Skip to content

Half a Million Macs infected with Flashback Trojan

  • by

botnet

Russian anti-virus company Dr. Web made an announcement yesterday that it has discovered a new botnet that specifically targets Macs. 

This botnet has been around since 2011, but a new variant, which takes advantage of a security hole in Java has it spreading like wild fire.  Originally reporting that the infection had spread to approximately 500,000 infected Apples that number has now increased to 600,000 with more than half of those being systems in the US. 

If you are a PC user this is nothing to worry about but for Mac users this should be an issue of concern as malware and virus removal tools are much less prevalent on the iOS.  The first thing Mac users should do is update their Java, who has now released a patch for the vulnerability so if they don’t have it they don’t have to worry about catching it via Java.  You can update it via the Java software itself or go here.  The next step is to find out if you have the infection.

  1. Load terminal and run: defaults read /Applications/Safari.app/Contents/Info LSEnvironment
    1. This should give you the error: The domain/default pair of (/Applications/Safari.app/Contents/Info, LSEnvironment) does not exist
  2. Load terminal and run: defaults read ~/.MacOSX/environment DLD_INSERT_LIBRARIES
    1. This should give you the error: The domain/default pair of (/Users/YOURUSER/.MacOSX/environment, DYLD_INSERT_LIBRARIES) does not exist

 If you did not get those errors from those commands you are most likely infected.  For detailed instructions on how to manually remove the infections go to the following website.

Frankenstein Computers has been taking care of our happy clients since 1999. We specialize in affordable IT Support, Cyber Security, IT Service, IT Security, Office 365, Cloud, VOIP, SPAM, Wireless, Network Design, MAC repair, PC Repair, Virus Removal, remote support, web design, on site support and much more. Check out what our clients have to say about us on Yelp!