Apple working on fix to 'detect and remove' Flashback trojan

Cupertino acknowledges malware for the first time on support page

Apple says it is working to create a solution for the Flashback malware, which is believed to have infected over 600,000 Mac computers around the world.

In a post on the company's Knowledge Base website, Apple has publicly commented on the issue for the first time since issuing a Java fix for the problem late last week.

The Flashback 'botnet' can command infected machines while harvesting usernames and passwords, but is not a problem directly attributable to the Mac OS X software itself.

The Knowledge Base article says Apple has a fix in the pipeline, which will detect and remove the malware.

Seek and destroy

The company is also working with internet service providers around the world in order to 'disable the command and control network' responsible for directing infected machines.

The post says: "A recent version of malicious software called Flashback exploits a security flaw in Java in order to install itself on Macs.

"Apple released a Java update on April 3, 2012 that fixes the Java security flaw for systems running OS X v10.7 and Mac OS X v10.6. By default, your Mac automatically checks for software updates every week, but you can change that setting in Software Update preferences. You can also run Software Update at any time to manually check for the latest updates.

"Apple is developing software that will detect and remove the Flashback malware.

"In addition to the Java vulnerability, the Flashback malware relies on computer servers hosted by the malware authors to perform many of its critical functions. Apple is working with ISPs worldwide to disable this command and control network."

Via: AllThingsD