Virus & Security - Risk

— filed under:
Back to Main Status Page

Apple Mac Flashback trojan infection

A large number of Apple Mac computers have been infected with the Flashback trojan virus.  Once infected, the virus will allow the creator of the trojan to have full access to the infected Mac, including any information stored on the Mac, for example login details, banking information etc.  Often the creator of the trojan will also install other applications,which could turn the computer into a email spammer sending out thousands of spam email.

We strongly advise anyone infected with the Flashback trojan to backup their data, have the Mac wiped and the operating system and software reinstalled afresh.

Apple have released a Flashback removal security update which can be downloaded via Software Update from the Apple menu or manually from Apple's website.  Apple  advise that the removal tool will only remove the most common variants of the trojan.  

http://support.apple.com/kb/HT5273

Please be aware that the removal tool will only remove the trojan, It will not remove any applications, malware, other infections installed by the trojan.

The IT Shop in the Student Union will be able to help re-install the operating system if the original disks are provided.

http://theitshop.cardiffstudents.com

Alternatively, the Apple Store will be able to help with this repair work.  The Apple store have asked anyone visiting to book a genius appointment in advance via their website.

http://www.apple.com/uk/retail/

Any login details should be changed on a clean computer and you might need to contact your bank or card provider.

If you were infected and have carried out the necessary steps listed above please visit the IT clinic in the Students Union from 1pm to 3pm Monday to Friday to have your Mac checked.  We also offer an appointment based system and to book an appointment or for any help and advice please contact InsrvConnect.

http://www.cf.ac.uk/insrv/it/help/

We also strongly recommend all computer users to install antivirus software and to ensure all software is kept upto date, for security advice specific to Apple Macs please visit our security webpages.

http://www.cf.ac.uk/insrv/it/antivirus/applemac.html

Further information may be found at the Sophos naked security site.

http://nakedsecurity.sophos.com/2012/04/05/mac-botnets-gaining-traction-using-drive-by-java-exploit/


Last incident report updated: 2012-05-17 13:16:56

Document Actions
Key to Symbols

Status
Status Green Service fully operational
Status Amber Part of service experiencing problems or unavailable
Status Red The service is out of operation
Status SchedPart Part of service unavailable or at risk due to scheduled maintenance work
Status SchedOut The service is out of operation due to scheduled maintenance work

Risks
Risk Clear There is no foreseeable risk to this service
Risk Unknown There is no determinable risk
Risk Yellow Low risk to service
Risk Amber Moderate risk to service
Risk Red Major risk to service and/or may become unavailable at any time
Risk Sched Future risk to service because of scheduled maintenance work


* Concepts