There have been many reports in the last few days regarding the Flashback trojan, one of the very few viruses that has infected Macs. Macs haven’t ever been virus-proof, but historically there haven’t been more than a small handful of viruses for Mac. The flashback trojan is a virus that tricks a user into installing it, then sends personal information back to a mothership. Today we’ll go through how to tell if your computer is infected, how to disinfect it, and how to safeguard against future trojans and viruses.
1. Do I already have the Flashback Trojan? and if so, How do I remove it?
You can run a set of terminal commands to check (and you can find a good step by step on how to do that here), OR you can run Software Update. If Apple’s Software Update says your software is up to date, then you don’t have the flashback trojan. Apple has pushed two Java updates in the last two updates specifically removing the trojan and patching the security hole that Flashback took advantage of. Run your software updates.
2. How can I protect myself from future threats?
Run antivirus software. There are plenty of choices, and having these installed on your Mac would have prevented Flashback in the first place (the trojan actually looked for some of these on your hard drive, and if it found them, aborted its install!).
•Little Snitch – This program is awesome. It tells you what programs on your computer are accessing the internet.
•Avast Free Edition for Mac – Avast has a good, free Windows antivirus as well. The Mac version is in beta, but it does the trick.
Those are two of my favorite in the anti-virus market. I can’t say how useful Little Snitch can be. I’ve used it many times when customers had really slow internet connections, to show them how many different programs they were using that accessed the internet.
In addition to Anti-virus software, there are a couple of “best practices” for not getting viruses on your computer.
•Don’t use your computer as an administrator.
•Set a separate user account password and keychain password
There are some great “best practices” at MacWorld’s Protect Your Mac page. Follow them.