There is a virus for Mac that has recently started to pick up steam (infected over 600,000 Mac computers worldwide). It is called the Flashback trojan, and relies on a vulnerability in your computer's Java installation. This virus operates in the background, so many users don't know they are infected. Click Here for more details, and steps you can take to see if your computer is infected.
Currently there are multiple malware programs circulating designed to infiltrate Mac OS. These programs are similarly designed to look like legitimate antivirus programs and tell users that their Mac is heavily infected with viruses. The program then harasses people into providing credit card information to purchase fake anti-virus program to remove the infection. This is a ploy to get your personal information.
Often times these programs are automatically downloaded but cannot be installed without the permission of the user, by way of an administrator password. People who are not aware of these malware threats can unknowingly install these programs on to their machines. ONLY install programs on your machine that are from trusted publishers and that you have knowingly downloaded. Also, make sure that you have an updated antivirus program on your Mac. Students and Staff of OSU have access to free antivirus programs.
Here is some info from the Apple Support community about removing Mac Defender.
Apple has released a security patch for this virus. If you are using OS X 10.6 or 10.7, make sure and install all available updates for your mac. The patch was released as an Apple update, so installing the update will take care of the virus.
The Flashback virus targets a security hole in the Java software installed on your computer. Java is included with OSX, the operating system on your Mac. The virus is designed to steal personal information in the background without the user noticing, so once your computer is infected, you may not see any difference in the way it runs. To find out if your computer is infected, read the section below.
A new variant of the flashback virus has become available. In order to check if your device has this new variant you will need to open a terminal window by either searching for it using the Finder, or by opening Applications->Utilities->Terminal, then typing the following commands:
You will be looking for any files ending in the extension ".so". There is a pending list of possible files that may be listed in that directory, so far they are:
There are several other files that may be there, their names and locations are as follows:
For removal instructions, read the information below:
Apple has released a software update that should fix the most common variants of the infection: directions on downloading that update are provided below:
Removal instructions using Symantec Endpoint Protection can be found on the Symantec Website here. If you do not have symantec installed, you can download and install it from the OSUWare Website (Free for Students and Faculty/Staff).
PLEASE NOTE: The removal process involves running scans and possibly installing programs on your Mac. If you are not comfortable doing this on your own, you can get help on campus:
There are several steps you can take to keep your Mac safe from infection.
Keep your Mac (and other programs) up-to-dateAll viruses are designed to exploit security holes in different programs, and most updates work on patching these holes as they are discovered. Using out-of-date software makes it easier for infections to target your system. To check your Mac for Apple updates:
To check your Mac for other program updates: This varies based on what program you are using, but it can generally be found by opening the program, then looking for an "Updates" option in one of the top menus. Updating your Operating System: Older Mac Operating Systems (OSX) have additional vulnerabilities that newer versions don't have. The latest versions of Mac OSX are 10.7 and 10.6. You can check which version of OSX you are using by clicking the Apple symbol in the upper-left hand corner of your screen, and clicking on "About this Mac". If you have a version that is below 10.6, you may want to consider purchasing an upgrade for your computer if possible. Contact the OSU Computer Helpdesk for more details.
|
Install an Anti-Virus ProgramOSU offers Symantec Endpoint Protection for free to all students and faculty using personally owned laptops. There is a Mac version available which you can download and install from the OSUWare Website. If you need help installing an Anti-Virus program, you can bring your Mac (If it is a laptop) to the Walk-Up Computer Helpdesk in the Valley Library. Note if you are faculty with a department owned Mac, you will need to contact your department support group for help.
|
Practice safe browsing habits when using the internetBrowsing to the wrong website is one of the most common forms of infection. Follow the suggestions on the safe browsing page for safe browsing tips. |
Currently, 10.5 users and earlier are going to have to disable their Java until they can remove the infection, as the new update from Apple doesn't cover their OS. If you're not sure on how to find your OS version, follow the directions below:
PLEASE NOTE: If you are using OSX 10.5 or earlier, we highly recommend (for security reasons) that you look into purchasing an update if your computer supports it. If you have questions about updating, contact the OSU Computer Helpdesk.
If you are faculty and using a department issued laptop, you should be eligible for an upgrade through your department. Contact your department support group for help.