Russian anti-virus company Dr Web made an announcement yesterday that it has discovered a new botnet that specifically targets Macs. This botnet has been around since 201,1 but a new variant, which takes advantage of a security hole in Java has it spreading like wild fire. Originally reporting that the infection had spread to approximately 500,000 infected Apples that number has now increased to 600,000 with more than half of those being systems in the US. If you are a PC user this is nothing to worry about but for Mac users this should be an issue of concern as malware and virus removal tools are much less prevalent on the iOS. The first thing Mac users should do is update their Java, who has now released a patch for the vulnerability so if they don’t have it they don’t have to worry about catching it via Java. You can update it via the Java software itself or go here. The next step is to find out if you have the infection.
- Load terminal and run: defaults read /Applications/Safari.app/Contents/Info LSEnvironment
- This should give you the error: The domain/default pair of (/Applications/Safari.app/Contents/Info, LSEnvironment) does not exist
- Load terminal and run: defaults read ~/.MacOSX/environment DLD_INSERT_LIBRARIES
- This should give you the error: The domain/default pair of (/Users/YOURUSER/.MacOSX/environment, DYLD_INSERT_LIBRARIES) does not exist
If you did not get those errors from those commands you are most likely infected. For detailed instructions on how to manually remove the infections go to the following website.