A Mac developer has posted a tool that detects a Flashback malware infection on Apple's computers. Last week we posted about, More than 600000 Macs system infected with Flashback Botnet. That's slightly more than 1 percent of all 45 million Macs in the world still a relatively small number, but a worrisome one for Mac users, as the tally of infected machines continues to grow.
FlashBack Checker - 38KB tool was created by Juan Leon, a software engineer at Garmin International, the Kansas-based company best known for its GPS devices.
When Flashback Checker is run, it displays "No signs of infection were found" or provides additional information if it does detect changes the malware has made to the Mac.
According to Dr. Web, the Russian security company that was the first firm to quantify Flashback infections, nearly 2% of all Macs have been hit by the malware.
Dr. Web used a different technique to detect Flashback than Leon. Rather than examine the Mac itself, Dr. Web's tool compares the UUID (universally unique identifiers) of a machine to the list of UUIDs of infected Macs it compiled after commandeering a hacker command-and-control (C&C) server.
To help tackle the recent Flashback malware threat, Apple released a couple of updates for the Java runtime in OS X to bring it up to the latest Java release (version 1.6.0_31), which patches the vulnerability being exploited.
The download is posted to github and can run on Mac OS X10.5 and above. Leon also posted the source code for those interested in checking it out.
About the author