As reported this week, as many as 600,000 Apple computers were infected with malware dubbed “Flashback” with the majority of users being in the USA. This particular variant uses a Java exploit and is NOT the same malware that was first seen in September 2011 and was associated with Adobe’s Flash Player. IT DOES NOT REQUIRE ANY MANUAL ACCEPTANCE OR INSTALL FROM USERS. It is also designed to immediately retrieve username/password info on infected machines.
Mashable has provided two Apple Scripts you can download to check and see if your Mac is infected. CNET has instructions on how to manually remove the malware. Currently, anti-virus providers have not updated their software with an automatic removal solution. Also note, Apple released a security update on April 3rd, but it only applies if you are running OS X Lion. Snow Leopard users are STILL vulnerable to the Flashback malware. Apple’s update closes the vulnerability it does not clean infected computers.
While Mac users are not plagued with as many attacks as PC users, this should not prevent Mac users from being proactive in securing their computers. Here are some guidelines to help secure your Mac:
- Do not logon with an Admin account. The default user account installed account on a Mac has complete Admin rights. You should create a new user account with limited privileges and only use the Admin account when you need to perform tasks such as installing software.
- Disable Java. This is not the same thing as JavaScript. In Safari go to Safari>Preferences>Security and uncheck “Enable Java”. For the OS go to the Applications folder then Utilities then Java Preferences. Uncheck everything in the General tab. (Java is not installed on OS X Lion by default)
- Check for updates. Set OS X to check for updates at least once a week.
- Turn on OS X’s firewall.
- Consider third party anti-virus tools. This is an often debated topic, but there are many free utilities that do little to slowdown Mac system performance.
Preventing malware & virus infections starts with smart computing habits. Be alert & aware as you surf the Internet, and before you open that image ask yourself, “Would my mom really send me a nude picture of Snooki?”