Friday, 6 April 2012

How to check if you Mac has the Flashback Botnet trojan

The Flashback Botnet trojan which has now infected over 600,000 Mac computers world wide is pretty hard to detect. It requires bringing up the command line interface and running these commands:

  • defaults read /Applications/Safari.app/Contents/Info LSEnvironment  
  • defaults read ~/.MacOSX/environment DYLD_INSERT_LIBRARIES

If the result to running these two commands is "does not exist" than you PC is clean.
I am pretty sure most Mac users are not all that comfortable with having to run terminal commands. For those not comfortable with running commands on the terminal Mashable has created two scripts which you can run instead which are found at this link.


Run the two executables found inside the zip. If like the picture above, the last three words are "does not exist" on both runs you PC is clean. 


Finally, do not forget to update the software on your Mac. The latest Java updates close the door for now. Mac users should expect more of the same from now. When Mac's had a 2% market shares, it was not worth attacking. With its market share hitting 7% is looks like the malware makers now have Mac computers in their sights.

No comments:

Post a Comment

//PART 2