Apple develops tool to 'detect and remove' Flashback Trojan

  • Published
Macbooks in an Apple store
Image caption,

Apple products have previously been regarded as less susceptible to viruses than Windows PCs

Apple has said it is developing a tool to "detect and remove" a Trojan that is said to have infected more than half a million Mac computers.

It said it is working with internet service providers (ISPs) to disrupt the command network being used by hackers to exploit the malware.

Trojans are infections that can expose computers to control by hackers.

It is Apple's first statement on the threat. It issued patches to prevent the malware's installation last week.

The two security updates were released eight weeks after Java's developer Oracle issued a fix for other computer systems.

In a <link> <caption>message posted on Apple's website's support section</caption> <url href="http://support.apple.com/kb/HT5244" platform="highweb"/> </link> , the company said it had fixed a "Java security flaw for systems running OS X v10.7 and Mac OS X v10.6".

It suggested users of Macs running earlier versions of its system software should disable Java in their web browser preferences.

In addition, Apple said it was working with ISPs to shut down networks of servers hosted by the malware authors, which the code - known as Flashback - relies on "to perform many of its critical functions".

Macs 'being targeted'

Russian anti-virus firm Dr Web, which has tracked the scale of the botnet, said it believed around 650,000 machines had now been infected.

The company's chief executive, Boris Sharov, told the BBC that since the Trojan was publicised, they have seen downloads of their anti-virus software increase by 28,000%.

"The thing that we have proven to the community is that people should care about their security, even on Macs," he said.

According to a timeline of events <link> <caption>posted on its website</caption> <url href="http://news.drweb.com/show/?i=2353&lng=en&c=14" platform="highweb"/> </link> , Dr Web said activity surrounding the virus began as far back as February.

Traditionally, Apple has promoted the fact that its Macintosh line is largely free from viruses and other similar threats due to the fact almost all malicious software is designed to exploit computers running on Microsoft Windows.

McAfee Labs' Dave Marcus told the AFP news agency: "All the stuff the bad guys have learned for doing attacks in the PC world is now starting to transition to the Mac world."

"Mac has said for a long time that they are not vulnerable to PC malware, which is true: they are vulnerable to Mac malware."

The security firm F-Secure has posted detailed instructions about <link> <caption>how to confirm if a machine is infected</caption> <url href="http://www.f-secure.com/v-descs/trojan-downloader_osx_flashback_i.shtml" platform="highweb"/> </link> and how to manually remove the Trojan.