Antivirus companies Norton and Kapersky have both released utilities to help identify and remove the Flashback trojan that exploits a security flaw in older versions of Java. Apple released updates that patch the Java flaws, and on Thursday rolled out a new update that also checks for and removes the Flashback trojan.
Norton’s free utility runs in the Terminal instead of including an OS X-native interface, but includes clear instructions. Kapersky’s Flashback identifier runs through the company’s website, and includes a link to download the company’s antivirus tools if the Trojan is detected.
Flashback installs its payload on Macs running unpatched versions of Java, and can target victims that visit websites designed to push the malware onto their computer. Recent versions of the trojan don’t require users to provide passwords to install, making it easier to get stung without realizing what happened — assuming you haven’t installed Apple’s Java security updates.
You can check for the Flashback trojan without downloading any utilities, too. F-Secure detailed the steps needed to use Terminal to see if Flaskback’s files are on your Mac last week.
Since some Flashback variants try to trick you into giving up your user account information by posing as a Flash installer, it’s a good idea to go to Adobe’s website should you need to add Flash to your Mac. Alternatively, you can use Google’s Chrome Web browser to view Flash content even when you haven’t used Adobe’s Flash installer because the browser includes its own built-in Flash Player.