Advertisement

Mac users hit by global trojan malware outbreak

Many Apple users out there think that having a Mac will keep them safe from computer viruses. A recently discovered trojan has proven that belief false.

Over 600,000 Mac computers worldwide are infected with the Flashback Trojan, according to the Moscow-based anti-virus vendor Doctor Web. The company found on Wednesday that a large number of websites — estimated at four million — install the malicious code on systems.

The majority of the infected computers are located in North America. Apparently, 20 per cent of the infected computers are in Canada, while another 57 per cent are in the United States.

When a user stumbles across the malicious code on a website, it exploits a vulnerability the Mac operating system has in how it reads the Java programming language, the Financial Post reports. Once the code is on the computer, it takes over administrative functions on the Mac and hunts for usernames, passwords and personal data, which it relays back to a central computer system.

If you want to know if your Mac has been infected (and how to fix it if needed), Gizmodo reports that you should follow these steps provided by F-Secure:

1. Run the following command in Terminal:

defaults read /Applications/Safari.app/Contents/Info LSEnvironment

2. Take note of the value, DYLD_INSERT_LIBRARIES

3. Proceed to step eight if you saw the following error message:

"The domain/default pair of (/Applications/Safari.app/Contents/Info, LSEnvironment) does not exist"

Step eight checks to see if you have a variant of the trojan:

8. Run the following command in Terminal:

defaults read ~/.MacOSX/environment DYLD_INSERT_LIBRARIES

9. Take note of the result. Your system is already clean of this variant if you see an error message similar to the following:

"The domain/default pair of (/Users/joe/.MacOSX/environment, DYLD_INSERT_LIBRARIES) does not exist"

If you get a "does not exist" result for both commands, then your machine is clear. If anything else comes up, F-Secure recommends taking your computer to a professional service that is familiar with the best way to remove these kinds of viruses.

To help make sure you're protected, it's recommended that you download Tuesday's security update for Mac OS X 10.6 as soon as possible.