As we German majors would say, “Die fetten Jahre sind vorbei.” Roughly translated, “the good times are over.” Just as I have that miserable virus known as the common cold, many Tufts students and computer owners around the world have yet another virus to deal with. But what makes this different from your average computer virus ‘gone viral’ is that it is for Macs.
As Macs became more and more popular, security researchers had been seeing a rise in the number of viruses for Macs. However, none of those viruses became widespread, and frankly, most of them were the type you only get when a rich Nigerian cousin you don’t have, who calls you sir although you’re a girl and supposedly his cousin, asks you to download a program so he can wire you US $1 million.
However, this virus is purported to affect over half a million computers. In addition, the user doesn’t have to download anything or enter any passwords. When users visit one of the sites hosting the virus, they have a completely normal experience without realizing that a virus is being downloaded in the background.
The virus is a so−called trojan (as in the horse), meaning that it allows someone using another computer to control yours. However, it doesn’t gain full control of your computer until it tricks you into entering your password, usually under the pretense of installing an update to Adobe’s Flash Player (hence Flashback).
It actually hasn’t wreaked too much havoc so far, though the virus has appeared to grow more ambitious over time. Originally, the virus was like an alien spaceship come to Earth in a science−fiction movie; everyone was watching it, yet it did nothing. But some reports are now indicating that it is displaying fake websites to fool people into giving their personal information.
Of course any Mac owner’s number one question right now is “Am I infected?” Well, like any active citizen should do, I encourage you to get yourself tested! Naturally, there’s an easy way and a hard way. The easy way is that somebody made a Flashback Checker app.
However, I would preach extreme caution with this. The original version, written by Juan Leon of Garmin, has been proven to be virus−free, but virus−checking tools are actually a popular delivery vehicle for viruses. I would recommend the hard way, which doesn’t involve downloading anything and is as follows.
In your Applications folder, open the Utilities folder and run the Terminal program. In the text window, type:
defaults read /Applications/Safari.app/Contents/Info LSEnvironment and press Enter. You should see the response “The domain/default pair of (/Applications/Safari.app/Contents/Info, LSEnvironment) does not exist.” If you have Firefox installed, you should try the same thing, replacing Safari.app with Firefox.app.
If either of these doesn’t give you the expected response, look for an antivirus that has been updated to remove Flashback (some haven’t yet) and download it. Many of the ones people have reported success with have a 30−day free trial, which is enough.
Most importantly, update your computer immediately afterwards by clicking on the Apple menu (upper−left corner) and then “Software Update...” Which leads me to answer the other obvious question: “How did this happen?” The shocking answer is that it was Apple’s negligence. The program takes advantage of a security flaw in the Java program, which is installed by default on all but the newest Macs, and often on the new ones anyway, since many programs require it. Java’s parent company, Oracle, discovered and fixed this flaw, but it took Apple 7 weeks and a virus outbreak to push the fix through their update service. The simplified update experience Apple provides clearly has a downside.