Last week the blogosphere nearly exploded (see here, here, here and here for only a few examples) with the news of the Flashback trojan, which has created a botnet of nearly 600,000 Apple machines. Getting your machine infected is as easy as surfing to a bogus website containing the malware, which installs itself using an exploit in Java. This technique is called a drive-by download. There is no need for you to enter your admin credentials. It gets worse: the malware will install itself without you noticing it at all. Pretty scary, if I may say so.
If you want to know if your Mac is infected with the Flashback trojan, then check out this page on F-Secure’s website to find out and follow the removal instructions if you do find it on your machine.
To make your Mac less vulnerable to this kind of malware attack, I recommend checking out Khürt Williams’ post, which explains how to turn off Java in Safari and at the OS X level. This makes a lot of sense if you are not a software developer who has to deal with Java on a daily basis. If you use another browser like Google Chrome or Firefox, then check out this page for instructions. Khürt also advises uninstalling Adobe’s Flash plugin. This is a bridge too far for me at the moment, but it certainly is a good idea.
A lot of people consider the outbreak of Flashback a turning point for the Mac platform. Mac users should face the fact that they are no longer ‘forgotten’ by malware writers and should install anti-virus protection, just as the majority of Windows users do nowadays. Check this post on AskDifferent.com for a list of anti-virus solutions for the OS X platform.
Update April 11th, 2012: Apple is working on software to remove the Flashback malware from infected Macs and is working with ISPs worldwide to bring down the botnet’s command & control servers. Read more about this on arstechnica.com.