OS X Flashback trojan identification and removal

Despite what most OS X users think and say, OS X is in fact as vulnerable to trojans and/or rootkits as any other operating system. Though it is significantly harder (or not) to infect a Unix machine, the increase in Apple computer users has turned their operating system into a viable target for mass infection and botnet operation.

This time around, a trojan named Flashback has reportedly infected more than half a million computers worldwide. It earned its name from the nature of the infection: it pretends to be an Adobe Flash update, and unsuspecting users therefore grant it administrator privileges to download and install its payload.

Apparently the trojan takes advantage of flaws in the Java versions shipped with the latest versions of OS X. Although Oracle published a fix several weeks ago, Apple is only just now making it available to its users, which has generated a fair amount of controversy.

An advanced description of the trojan as well as identification and removal methods can be found here, thanks to the folks at F-Secure.


Edit: F-Secure has made a tool available online to remove Flashback from OS X machines here.