Responding to recent reports
that the BackDoor.Flashback botnet has infected thousands of computers running Mac OS X, Apple on Tuesday publicly acknowledged that it was developing software that will detect and remove the malware.
The Flashback/Flashfake Mac Trojan was first reported by Russian anti-virus vendor Doctor Web earlier this month.
Flashback exploited a security flaw in Java in order to install itself on Macs. Apple has released a Java update that fixes the Java security flaw for systems running OS X v10.7 and Mac OS X v10.6. By default, Macs automatically check for software updates every week, but users can also run Software Update
at any time to manually check for the latest updates. Mac owners running older editions -- Leopard and earlier -- should disable the Java browser plug-in, Apple said.
Apple is also developing software that will detect and remove the Flashback malware.
In addition to the Java vulnerability, the Flashback malware relies on computer servers hosted by the malware authors to perform many of its critical functions. Apple says it is working with ISPs worldwide to disable this command and control network.
Kaspersky Lab has also released a free detection and removal tool
for Mac users to check whether they are infected by the Flashback Trojan.
Kaspersky Lab counted up to 670,000 infected OS X machines in the botnet last week. Alex Gostev, Kaspersky's chief security expert, says the number of bots counted here are active ones, and that the numbers don't reflect the total number of infected machines.