Apple’s Flashback malware remover now live
April 12, 2012
Apple this afternoon released an integrated tool to remove Flashback, malware designed to steal user information that was found to be present in more than half a million machines just last week.
The tool, which was made available as part of a security update to Java today, comes two days after the company quietly announced plans to offer it to users.
Flashback is a form of malware designed to grab passwords and other information from users through their Web browser and other applications. A user typically mistakes it for a legitimate browser plug-in while visiting a malicious Web site. At that point, the software installs code designed to gather personal information and send it back to remote servers. In its most recent incarnations, the software can install itself without user interaction.
According to Apple, the new tool removes "the most common variants" of the malware.
After being discovered by Russian antivirus company Dr. Web earlier this month, several security firms -- including Kaspersky and Symantec -- verified its prevalence, while noting that infections have been in a decline. Yesterday Symantec said that around 270,000 machines were infected with the malware worldwide, down from the more than 600,000 counted last week.
Apple's removal tool joins a small number of other solutions created to detect and remove the malware. Yesterday F-Secure released a small piece of software that makes use of AppleScript to detect it and make any necessary repairs. Earlier this week, Kaspersky Lab, which was the first company to verify Dr. Web's infection numbers, offered up its own such tool.