Yesterday we told you about a pair of free software tools designed to help you detect and remove the Flashback botnet from your Mac. Now it looks like Apple is working on their own tool that will accomplish the same thing, though there are few details about the tool as yet.
According to a page on Apple’s website that went live yesterday, “Apple is developing software that will detect and remove the Flashback malware.” They also note that they released a Java update that fixes the exploit that the malware was using to install itself on users’ computers. They also note that the malware depends on a network of servers, and that they and ISPs all over the world are taking steps to shut down those servers. That process, however, has not always gone smoothly: AppleInsider reported yesterday that Apple tried to shut down a server owned by Dr. Web, the Russian site that originally discovered Flashback.
Dr. Web discovered the new Flashback variant early last week. While previous versions of Flashback had, like nearly all malware targeted at Macs, required user interaction to install, this new variation did not. It exploited a flaw in Java that allowed it to install itself on a user’s computer if the user so much as visited an infected website. Dr. Web initially estimated that about 550,000 computers were infected worldwide, most in the US and Canada, though that estimate was quickly revised to upwards of 600,000.