Apple users beware, the halcyon days of clicking on questionable links without repercussions is at an end.
A Trojan botnet named Flashback, because hackers have a sense of humor, has been quietly infecting Mac users via Java loopholes. There is no extra step. Users didn’t have to click on a dubious “YOU’VE WON” pop-up or answer a Nigerian Prince’s call for help. Simply visiting a website with the malware was enough to open the door to infection.
How To See If You’re Infected:
1. Go To Applications
2. Open Your Utilities Folder
3. Click On Terminal: This is will bring up an old school DOS-prompt looking window.
4. Copy/Paste This: defaults read /Applications/Safari.app/Contents/Info LSEnvironment
5. Copy/Paste This: defaults read /Applications/Firefox.app/Contents/Info LSEnvironment
6. Copy/Paste This: defaults read ~/.MacOSX/environment DYLD_INSERT_LIBRARIES
If the Mac is not infected, each of those prompts should return the message “The domain/default pair of (/Users/YourMacHere/.MacOSX/environment, THING_YOU_COPY_PASTED) does not exist”
If the Mac is infected by the trojan, it will return a path to the malware.
Ha Ha Suckers! I’m not infected. Now what?
Oh God, I’m infected. Now what?
If you are computer savvy, you can attempt to remove it manually.
If that link makes your brain cave in on itself, you can either take the Mac to a professional or wait until Apple release a fix, depending on if you’d rather be broke or vulnerable to hackers for the foreseeable future.