HT5254: About the security content of Flashback malware removal tool
Apr 17, 2012 5:47 PM (in response to pedalmonkey)
It is a trojan that affected a small % of Macs. If you have reason to think yours was affected then download Apple's Flashback removal tool and install the latest updates from Software Update.
Apr 17, 2012 5:51 PM (in response to pedalmonkey)
See About the Flashback malware. (Note that my pages contain links to other pages that promote my services, and this should not be taken as an endorsement of my services by Apple.)
As to what it does, there's no real documentation on that. There are a few scattered reports here and there, like that it will redirect search results in your browser to malicious sites, but it was basically capable of anything. It injected code into your web browser at a minimum, and could have snooped on anything that you did with your browser. So you'd be wise to keep an eye on your finances, change any financial site passwords, cancel any credit cards the instant any suspicious charges appear, etc. You may want to pay for something like LifeLock to keep an eye on your credit rating and help you fix any problems that appear. That could be overkill, or it could save you from long-lasting financial consequences.
Apr 17, 2012 8:29 PM (in response to pedalmonkey)
> Gimme some answers, Apple.
You do realize that Apple doesn't live here, right? They might drop by unofficially to browse in their spare time, but rarely comment and never openly or officially.
Safari crashes and occasional redirects to ad sites are about the only thing users are reporting today and some noticed nothing at all. There were many crashes in the early days, but it would seem they've worked out most of the bugs.
Intego wrote the only analytic report I have found that alleges capture and reporting of username/password pairs. They even figured out that reporting goes out over Twitter. But so far there has only been one report, that I've heard about, of fraudulent credit card activity around the time of infection. Maybe they just haven't gotten around to the exploitation phase yet.
As was mentioned, this malware has a backdoor, so could be configured to do most anything.
Apr 17, 2012 9:01 PM (in response to MadMacs0)
Yeah, I realize that Apple doesn't live here. I also appreciate you all taking time to answer my question. It ****** me off when they give us a security update to a possible security breach but don't tell us what to keep an eye out for.