Apple working on Flashback removal tool

Malware infecting more than 600,000 Macs worldwide is designed to steal users' personal information.

Steven Musil
Steven Musil Night Editor / News
Steven Musil is the night news editor at CNET News. He's been hooked on tech since learning BASIC in the late '70s. When not cleaning up after his daughter and son, Steven can be found pedaling around the San Francisco Bay Area. Before joining CNET in 2000, Steven spent 10 years at various Bay Area newspapers.
Expertise I have more than 30 years' experience in journalism in the heart of the Silicon Valley.
2 min read

Apple quietly announced today it is working on a tool to detect and remove the Flashback malware currently infecting hundreds of thousands of Mac computers around the world.

"In addition to the Java vulnerability, the Flashback malware relies on computer servers hosted by the malware authors to perform many of its critical functions," Apple wrote on its Web site. "Apple is working with ISPs worldwide to disable this command and control network."

Apple did not indicate when it expected the tool to be released to the public, and a company spokesman could not provide an estimate.

The malware made headlines last week when a Russian antivirus company revealed that more than 600,000 Macs were infected with the malware, which is designed to steal personal information. The malware was initially found in September 2011 masquerading as a fake Adobe Flash Player plug-in installer, but in the past few months it has evolved to exploit Java vulnerabilities that went unpatched in Mac systems.

Several experts have since said that the infection is the biggest yet to target Apple's Mac platform, which has grown in recent years alongside the popularity of the company's mobile devices.

Anti-malware makers have made efforts to build detection and removal tools for Flashback into their products, though one of the most readily available methods has been a manual process that involves plugging code strings into a built-in system utility. For its part, Apple issued an update earlier this month for OS X 10.6 and 10.7 that brings Java up-to-date and patches these vulnerabilities to keep computers from being infected in the first place.

[Via The Loop]

CNET staff writer Josh Lowensohn contributed to this report.