Flashback is a Trojan and Trojans aren't installed without your knowledge. If you remember your Greek mythology the Trojan horse was a gift, but hidden inside were troops and it was a trick. Flashback also pretends to be something else and in this case it is a Flash installer. You may visit a website and be prompted to update Flash and be presented with a Flash installer. It is a trick though and inside the app is malware, which gets installed on your Mac.
To see whether you might have the Flashback Trojan or whether your Mac is at risk, go to Safari, Preferences, Security and see if the Enable Java tick box is ticked. If it is, then your Mac is at risk, but if it isn't ticked then you can't be infected with Flashback. You might want to clear that tick box and browse the web without Java. Whether you need Java depends on which websites you visit and you might not miss it. If you come across a website that isn't working, you can always enable Java temporarily and reload the web page.
If Java is enabled in Safari you might have Flashback and you should check whether you have this Trojan on your computer. Open a Terminal window and type these two commands:
defaults read /Applications/%browser%.app/Contents/Info LSEnvironment
defaults read ~/.MacOSX/environment DYLD_INSERT_LIBRARIES
In both cases you should get a message that says 'does not exist' at the end of the line. Anything else means that you probably have Flashback.
If you think you have Flashback and want to know how to remove it, go to the F-Secure blog here or go to the F-Secure threat description here.
0 comments:
Post a Comment