Apple Event: May 7th at 7 am PT

Learn more

Add to your calendar 

Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.

User profile for user: chaminade0408
chaminade0408 Author
User level: Level 1
0 points

OSX popup about malware?

I just updated my MacBook Pro (which I check for updates about 2-3 times a week, plus the automatic alerts) and it updated Java. Almost immediately after, I got this:


It says "Malware was found and removed from computer. The "OSX.FlashBack.iv" malware was found and removed." It then gives you the option to "Report malware to Apple to protect other users," to click on the question mark for help (which goes no where..opens up "Help" with no information displayed" and to click OK.


does anyone know anything about this? should I be concerned? I can find almost nothing about OSX.FlashBack.iv online, or anything about the the prompt itself. is this an actual Apple prompt?


any help would be greatly appreciated!



User uploaded file

MacBook Pro (15-inch Early 2008), Mac OS X (10.5.5)

Posted on Apr 19, 2012 5:59 PM

Reply
19 replies
User profile for user: dudelar
dudelar
User level: Level 1
4 points

May 11, 2012 10:50 AM in response to MadMacs0

sorry, i haven't posted in awhile and hadn't updated my profile. i'm running 10.6.8 on a macbook pro because of older software. i ran the original security update when the malware was initially announced in late april. i also ran a scan that i found via one of the articles about the malware online through my terminal and my system came up clean. what i'm confused about is that my system was clean after the update so why after this one did it find the malware? i guess i'm wondering if the original security update actually caught all of the trojan malware

Reply
User profile for user: MadMacs0
MadMacs0
User level: Level 5
5,221 points

May 11, 2012 11:31 AM in response to dudelar

dudelar wrote:


i ran the original security update when the malware was initially announced in late april.

So that would have been this one Java for Mac OS X 10.6 Update 8 on or after April 12.

i also ran a scan that i found via one of the articles about the malware online through my terminal and my system came up clean.

That was likely incomplete as there were only a couple back then that were looking for all the components of the latest variant. There have been over two dozen versions of this particular malware, so many of the Terminal command were inconclusive.

what i'm confused about is that my system was clean after the update so why after this one did it find the malware? i guess i'm wondering if the original security update actually caught all of the trojan malware

Are you now talking about this update Security Update 2012-002 (Snow Leopard) which was released earlier this week? The security release notes About the security content of OS X Lion v10.7.4 and Security Update 2012-002 don't say anything about Flashback or the malware removal, so I need to do some additional checking.


Were you able to verify installation of these in Software Update or did you download them separately.

Reply
User profile for user: dudelar
dudelar
User level: Level 1
4 points

May 11, 2012 11:32 AM in response to MadMacs0

yes, my computer found the update 2 days ago but i just got around to updating last night. i totally understand the terminal command that i ran not finding all versions of the malware. i guess that's what i was wondering about. if you don't mind me asking, aside from changing important passwords etc... should i be worried about this malware effecting my system in any other way?

thanks for your help

Reply
User profile for user: MadMacs0
MadMacs0
User level: Level 5
5,221 points

May 12, 2012 12:32 AM in response to dudelar

dudelar wrote:


aside from changing important passwords etc... should i be worried about this malware effecting my system in any other way?

There doesn't seem to be agreement on everything this malware is capable of. It almost certainly was responsible for redirecting your browser to ads for which they get paid. Intego seems to know that most about this and even experienced an intrusion first hand. At one time they seemed certain that username/password pairs were being harvested and sent to the bad guys, but their most recent writing doesn't confirm that it has, yet. http://www.intego.com/mac-security-blog/what-is-flashback/

Reply

OSX popup about malware?

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple ID.
Learn more Sign up