Flashback malware alert

Posted: Tue 17 Apr 2012, 5:41pm.

We have identified a number of Macs on the campus network this week which are infected with Flashback malware. This is a new type of malicious software which has affected thousands of Macs in the last few weeks.

What it does
The software targets Macs in particular and once installed, it tries to collect the usernames and passwords that you use to login to websites and services.

How you get it
The software masquerades as a Flash update. When you visit an infected website, you are asked to upgrade your Flash player. When you click to agree, the malicious software is installed onto your computer. There are also some variants which are able to install themselves silently by exploiting a weakness in the Java software component for Mac.

How to protect yourself
If you use a recent version of Mac software (10.6 Snow Leopard or 10.7 Lion - you can check by clicking on the Apple logo and selecting About this computer...), the best way to protect yourself is just to update your software:

  • click on the Apple logo and choose Software update...

Apple have released a new update which protects your Mac and also tries to remove the malware if it is present.

How to remove the malware
If you think you may be infected with the malware, you can remove it simply by performing the latest software update (if you have the more recent Mac software, 10.6 Snow Leopard or 10.7 Lion with Java). Apple have also produced a removal tool specifically for Lion users who do not have Java (see below).

If your computer is infected
We have detected a small number of Macs which have the malware installed. In these cases, we have disabled internet access for the users and asked them to contact IT Services. If you fall into this category, please bring your computer along to the IT Services help desk in Shawcross and we will remove the malicious software and restore your access.

More information and useful links

 

Subscribe to our latest news mailing list to receive email alerts of updates.