Flashback Trojan — The Geek Blog

This post is a bit later than planned due to my recent arrival, but I still thought I would post it out there. There has been a bit a press recently about the Flashback Trojan on many Macs.

Originally the piece I had read on the register was claiming there are as many as 550,000 infected machines.

The best article I saw on the detecting and removing the trojan was on F-Secure.

Initially if you run the commands you can see below, if you get the same output then you are not infected by the Trojan.

Macintosh-3:~ craigdba$ defaults read /Applications/Safari.app/Contents/Info LSEnvironment

2012-04-05 19:26:16.700 defaults[25533:707]

The domain/default pair of (/Applications/Safari.app/Contents/Info, LSEnvironment) does not exist

Macintosh-3:~ craigdba$ defaults read ~/.MacOSX/environment DYLD_INSERT_LIBRARIES

2012-04-05 19:27:24.648 defaults[25535:707]

The domain/default pair of (/Users/craigdba/.MacOSX/environment, DYLD_INSERT_LIBRARIES) does not exist

If you do get replies then you will want to read the article in the link from F-Secure, or apply the latest software updates from Apple which does contain a Java security update. Apple has said in the text that it is for the Trojan, plus today I see an article on The Register which now says the number of machines has dropped to 270,000.

I am always interested in your thoughts so if you have any comments or feedback then please feel free to add any comments, or you can mail me here.