Free Flashback Checker finds out if your Mac is infected

Still not sure whether you’re infected with that Flashback malware that’s been making headlines? A new free app from a Mac programmer can you help you verify whether your Mac’s caught the bug.

Last week, Macworld outlined everything you need to know about the Flashback trojan horse, but the most important thing you need to know is whether your Mac has fallen victim to it. You could muck about in Terminal to get the answer, or you could grab Flashback Checker, a small utility from programmer Juan Leon.

Flashback Checker

First reported by Ars Technica, Leon’s program handles the task of combing through your Mac’s contents to find any traces of the Flashback malware.

Leon, a Mac programmer for a software maker by day, told Macworld via email that he’s always tinkering on his own time, creating utilities and plugins or contributing to open source projects. Indeed, Flashback Checker is one of those projects Leon worked on during his off-hours.

“I saw on Twitter that [Mac IT professional and frequent Macworld contributor John C. Welch] had created some scripts to help folks out, and figured I could write a native application that checked for all the known variants in a single run,” Leon said in his email. “He suggested that I make the source available to earn more goodwill. I researched the problem and came up with the checker in a couple of hours.”

Leon says his side projects are usually inspired by finding a tedious task and making it easier to perform. “That was the case with the Flashback Checker,” he said. “People were struggling the the command line.”

Here’s how Flashback Checker works: When you launch the app, click its one button—Check for Flashback Infection. If the results display includes the message “No Signs of infection were found,” you can breathe easy. If you’re infected, the utility alerts you. Leon’s code doesn’t remove the malware; instead, it points you in the right direction to go about cleaning up your system, which includes running some very specific Terminal commands.

Leon said he toyed with the idea of also removing the malware with his program, “but I thought people would be unwilling to supply thier admin password to an unknown app.”

The latest variant of the Flashback trojan horse is capable of installing without requiring your password, even if all you did was visit a maliciously-crafted webpage. The malware exploits a Java vulnerability first patched by Oracle back in February; Apple only released an update to patch those flaws late last week, after the Flashback malware had already infected more than half a million Macs.

The curious can download the the source code for Leon’s Flashback Checker as well.

This article was updated at 4:15 p.m. PT with comments from Juan Leon.

recommended for you

Securitysplainin'

Read more »

Subscribe to the Apple @ Work Newsletter

Comments