The Flashback malware for OS X has been one of the largest attacks to date on OS X, which at its peak on April 6 affected an estimated 600,000 systems running OS X. While developments regarding this malware's mode of infection and the scope of the problem have been concerning, efforts by those in the Mac community are underway to tackle and remove the problem. So far, these efforts have cut the number of infected systems in half in just under five days.
This effort has stemmed from the availability of instructions on how to manually detect and remove the malware, detailed analysis of the problem by F-Secure and others, and detection tools made available by security firm Dr. Web and even by those in the Apple community discussions. There have also been extensive efforts by those on the Apple Discussion forums to help people remove the malware from their systems.
Extending this effort, today security company F-Secure has released a new Flashback removal tool, which will detect and repair the damage done by known variants of the Flashback malware. The tool is a free standalone AppleScript application that is separate from F-Secure's antivirus scanner, which performs the same routines as has been outlined in current instructions for manually removing the tool and logs its findings in a file on the user's desktop. The only difference is instead of immediately deleting the malware, it extracts it from your system and saves it in a zip archive that you can optionally send to security companies for analysis, or simply delete if desired.
Even if you have followed manual instructions to remove this malware, we recommend you download and run this tool to ensure your system is free from the malware, especially if you are unfamiliar with the use of the OS X Terminal.
This new tool by F-Secure is another advancement by the Mac community against this threat that accompanies not only manual instructions and help from community members, but also swiftly updated definitions for Sophos, ClamXav, VirusBarrier, and other malware scanners for detecting the malware. On Apple's end, even though the extent of this infection stemmed largely from Apple's delay in issuing a patch for known Java vulnerabilities, the company finally released the patch and has further announced its own Flashback removal tool is in the works.
It's hope that these, and the continuing efforts by the Apple community, will reduce the prevalence of this infection to a minimum.