Flashback Trojan Proves Apple’s Vulnerability: How To Protect Your Mac

As many as 600,000 Macs worldwide have been infested by the sudden attack of Flashback Trojan.

Apple's so-called secured fortress that was the Mac's anti-malware security scanner has enjoyed a formidable reputation till date. However, an increasing number of reported attacks and intrusions have begun to lay siege to that stronghold.

It is not for the first time the incident of malware attack has happened. Last year, there were attacks by malwares/viruses like Tsunami and Revier/Imuler Trojans and the Mac Defender counterfeit antivirus program.

Although the number, when compared to the Windows PCs, looks very small, yet the problem has created enough tension within the Mac OS X ecosystem.

Apple, however, has accepted the fact that it's not immune to such malware attack, and has wasted no time in pulling up its socks. The company is heard to be working hard to develop software to detect and remove the Flashback malware.

The company has provided a support document which describes Flashback as a malware that exploits the security flaw in Java in order to install itself on Macs.

The company has released a Java update that patches the Java security flaw for systems running on OS X v10.7 and Mac OS X v10.6. Mac by default, checks for software updates every week, but Apple recommends making changes in that setting in Software Update preferences and to run the Software Update at any time to manually check for the latest updates.

By the time the Cupertino-based tech giant comes up with its own tool to protect your Mac from the malware, check out the 10 best ways you can secure your system from Trojan.

Launch Terminal to Check Whether Your Mac is Affected

Check out first whether your Mac is infected with the Flashback Trojan virus, and, to do so, Gizmodo has pointed out some easy-to-follow instructions. The app, created by F-Secure, checks and cleans your system from the malware attack. The best part about the app is it is free!

Follow these steps as detailed by F-Secure to detect the Flashback malware:

1. Run the following command in Terminal:

defaults read /Applications/Safari.app/Contents/Info LSEnvironment

2. Take note of the value, DYLD_INSERT_LIBRARIES

3. Proceed to step 8 if you got the following error message:

The domain/default pair of (/Applications/Safari.app/Contents/Info, LSEnvironment) does not exist

In case of any error message, you can head to F-Secure for fix. For users who're clean so far, move on to step eight:

8. Run the following command in Terminal:

defaults read ~/.MacOSX/environment DYLD_INSERT_LIBRARIES

9. Note down the result. In case you receive an error message similar to the following, your system is clear of the malware:

The domain/default pair of (/Users/joe/.MacOSX/environment, DYLD_INSERT_LIBRARIES) does not exist

For Mac users, download the Flashback Removal Tool

We, however, suggest all the Mac users to stick to basic safeguard measures like:

Disable Java

Java has always been a popular target for exploiters and this time also there's no exception. According to Costin Raiu, a security expert with Kaspersky Lab, the Mac users should uninstall Java from the machine.

Uninstall Flash Player

Along with Java, users should also uninstall the Flash Player as this is another popular target for hackers. Raiu says that the old version of Flash Player increases the vulnerability while browsing the Internet.

Use a Secure Web Browser - Google Chrome For Example

Apple's built-in Safari browser does not get updated as quickly as the Google Chrome. The Chrome also contains better malware scanning mechanisms and has a strong track record of quickly fixing security issues.

Keep Strong Password

As we all know, using a strong password is one of the most important steps to protect your computer from hackers and other unwelcome users.

Mac comes with a built-in password manager, called the Keychain. The program helps save your system from phishing attacks. Raiu suggests increasing online security. The users should create unique and strong passwords for each of their resources and keep them in the keychain.

Install a Security Solution

Finally, it is strongly recommended that Mac users should install strong security solution on their systems to safeguard their systems from any future similar attacks.