Apple releases tool to combat Flashback malware

Apple logo Apple says the tool removes "the most common variants" of the malware

Related Stories

Apple has released a fresh Java update that it says removes the Flashback Trojan on infected Macintosh computers.

The malware installs itself if a user visits a malicious website, exposing the computer to control by hackers.

The update's release comes two days after Apple said it was tackling the issue, and a week after an anti-virus firm warned 600,000 Macs were infected.

Another security firm, Kaspersky, has recalled its own Trojan-removal tool after it affected some user settings.

The company said its tool was removing settings on the computers it was being installed on, and promised to offer a replacement shortly.

'Slow reaction'

Apple, on the other hand, states on its website's support section that its new removal tool gets rid of "the most common variants" of the malware.

The tool is integrated into the latest security update to Java on Apple computers running Mac OS X 10.6 and 10.7 ("Snow Leopard" and "Lion").

Users of infected machines running earlier versions of the operating system are told to disable Java in their web browser preferences to deal with the problem.

Earlier, Apple also said it was working with ISPs to shut down networks of servers hosted by the malware authors, which the code relies on "to perform many of its critical functions".

However, Apple has been criticised for the time it took to react to the Trojan infection.

Stealing data

Start Quote

MacOS is increasingly attractive and increasingly exploited by criminals”

End Quote Rik Ferguson Trend Micro

It is suspected that Flashback was designed to steal passwords and other personal data from users through their web browser.

Russian anti-virus firm Dr Web estimated on 6 April that some 600,000 Macs around the world had contracted the malware.

But security company Norton stated that the number of infected computers had since fallen to 270,000.

Several firms released their own Flashback removal tools ahead of Apple's latest security update.

However, Kaspersky Lab issued a statement after discovering problems with its software.

"In some cases it is possible that the use of the tool could result in erroneous removal of certain user settings including auto-start configurations, user configurations in browsers, and file sharing data," the firm's spokesperson Greg Sabey said in an email to the press.

"The company will release an updated version of the utility with the bug corrected and will send a notification as soon as it's available."

Some analysts say Apple could have avoided the attack if it had tackled the problem sooner.

Java's developer Oracle had issued a fix for other systems eight weeks before Apple's first security update.

Rik Ferguson, director of security research and communication at Trend Micro, said: "Security updates issued by Apple are issued too slowly and not on any regular schedule.

"Apple's sluggishness on security updates could perhaps have been defended in the past by the relative paucity of malware on that operating system. However, MacOS is increasingly attractive and increasingly exploited by criminals."

Apple also appears to be trying to improve safety for its online store iTunes, possibly addressing the growing number of complaints about some accounts being hacked.

Users are being prompted to add back-up email addresses and answer security questions to protect their accounts and devices.

Apple has not commented on the move, which initially confused some of its users.

More on This Story

Related Stories

The BBC is not responsible for the content of external Internet sites

More Technology stories

RSS

Features

  • A painting of the White House on fire by Tom FreemanFinders keepers

    The odd objects looted by the British from Washington in 1814


  • Chris and Regina Catrambone with their daughter Maria LuisaSOS

    The millionaires who rescue people at sea


  • Plane7 days quiz

    What unusual offence got a Frenchman thrown off a plane?


  • Children testing a bridge at a model-making summer school in Crawley, West SussexSeeding science Watch

    The retired professor who turned village children into engineers


  • Krouwa Erick, the doctor in Sipilou town at the border of Ivory Coast and Guinea - 27 August 2014Bad trip

    The Ebola journey no-one in Ivory Coast wants to take


BBC © 2014 The BBC is not responsible for the content of external sites. Read more.

This page is best viewed in an up-to-date web browser with style sheets (CSS) enabled. While you will be able to view the content of this page in your current browser, you will not be able to get the full visual experience. Please consider upgrading your browser software or enabling style sheets (CSS) if you are able to do so.