Antivirus Firms Release Free Tools for Cleaning Macs Infected by Flashback

Yesterday, Apple disclosed for the first time that it is working to develop a software tool to detect and remove the Flashback malware from infected machines. We also previously profiled Flashback Checker, a simple app designed to allow users to easily see if their Macs are infected but which provides no assistance with disinfection.

While Apple works on its own official solution, other parties have continued to develop their own increasingly user-friendly tools for dealing with the threat and cleaning infected machines, with some of those tools making their way into the public's hands.

Russian antivirus firm Kaspersky Lab, which has played a key role in monitoring and publicizing the threat of Flashback, yesterday announced the launch of a free web-based checker where users can simply input the hardware UUID of their Mac to see if it has registered on the firm's servers as an infected machine. The company has also released Flashfake Removal Tool, a free app that quickly and easily detects and removes the malware.

kaspersky flashback tool
Antivirus firm F-Secure has also announced its own free Flashback Removal app. The app generates a log file detailing whether it has found Flashback on a user's system, and if so quarantines it inside an encrypted ZIP file for disposal.

F-Secure also points out that Apple has yet to offer any protection for users running systems earlier than Mac OS X Snow Leopard. Flashback uses a vulnerability in Java to install itself without user authorization, and Apple released software patches for Java on Lion and Snow Leopard last week to close that hole and prevent infection on updated systems. Machines running earlier versions of Mac OS X do, however, remain unprotected. Specifically, F-Secure notes that over 16% of Macs are still running Mac OS X 10.5 Leopard, marking a substantial user base that remains vulnerable to the threat.

Update: Kaspersky Lab has informed MacRumors that the Flashfake Removal Tool has temporarily been pulled after the discovery that in some cases it could erroneously remove certain user settings. A fixed version of the tool will be posted as soon as it is available.

Update 2: The patched version of the Flashfake Removal Tool is now available through the Kaspersky Lab site.

Top Rated Comments

Dillenger Avatar
115 months ago

I checked and was not infected. I'm always skeptical about companies doing anything for free. What's the catch with Kaspersky?:rolleyes:


I think in time they will try to get you to open your walletsky so you can spend some of your moneysky on their Mac anti-virusky.
Score: 13 Votes (Like | Disagree)
jayducharme Avatar
115 months ago
Interesting that these tools are appearing after Apple announced that a fix of their own is coming....
Score: 9 Votes (Like | Disagree)
wazgilbert Avatar
115 months ago

Make sure all network, email, financial and other important passwords are complex, including upper and lower case letters, numbers and special characters.

Score: 7 Votes (Like | Disagree)
themelz Avatar
115 months ago
Kaspersky Lab web page is bogus

A few days ago I did the Terminal commands that F-Secure posted for checking for Flashback trojan (http://www.f-secure.com/v-descs/trojan-downloader_osx_flashback_i.shtml). Redid it today and both times came up negative.

I downloaded and used an app to do the same (https://github.com/jils/FlashbackChecker/wiki) and also the F-Secure Flashback Removal app. They both also came up negative.

I used the web-based checker in this article, put in the hardware UUID of my Mac and surprise, surprise, it came up positive.

I would have thought that MacRumours would've tested them and saw that the Kaspersky Lab web page is bogus!!!!
Score: 7 Votes (Like | Disagree)
Sedulous Avatar
115 months ago
I still don't believe the 600,000 figure.
Score: 7 Votes (Like | Disagree)
AidenShaw Avatar
115 months ago

All Mac antivirus software is a scam. My mom's friend paid a lot of money to get her Mac cleaned of "viruses". Anyway "Mac antivirus" is an oxymoron.


People who don't admit that "virus" and "malware" mean the same thing to most people miss the point.

If your identity and credit card numbers are sent to criminals in the Ukraine - is it "OK" if malware sent the info and "bad" if a virus sent the info?

I'd think that most people would label it as "bad" regardless of minor technical details of the infection.

And add to that the simple truth that viruses aren't really that common anymore - OS changes have made the threat of viruses fairly small. When you get a product like Norton, you're buying "anti-malware" protection - even if the product name contains the word "antivirus" for historical familiarity.
Score: 5 Votes (Like | Disagree)

Top Stories

iphone 5s black slate

Images of Unreleased iPhone 5s in Black and Slate Shared Online

Sunday January 17, 2021 9:47 am PST by
Twitter user @DongleBookPro has today shared images of a prototype iPhone 5s in an unreleased Black and Slate color. The iPhone 5s was launched in September 2013. The device featured Touch ID, a 64-bit processor, and a True Tone LED flash for the first time. Other new features included a five-element lens with an f/2.2 aperture, a 15 percent larger camera sensor, Burst Mode, and Slo-Mo...
iP12 charge airpods feature 2

Hidden iPhone 12 Hardware Feature Could Still be Unlocked

Thursday January 14, 2021 2:51 am PST by
All iPhone 12 and iPhone 12 Pro models purportedly have a hidden reverse wireless charging feature, according to an FCC filing. The feature has not yet been activated, but could yet be unlocked for an upcoming Apple accessory. The FCC filing suggests that iPhone 12 models contain the hardware for Wireless Power Transfer (WPT) to accessories: In addition to being able to be charged by a...
Top Stories 43 Feature

Top Stories: MacBook Pro, iMac, Mac Pro, and iPhone Rumors, Best of CES 2021

Saturday January 16, 2021 6:00 am PST by
This week was sure a busy one in the Apple world, with a flurry of announcements out of CES early in the week followed by a rash of Mac- and iPhone-related rumors later in the week. The new rumors this week included details on updated MacBook Pro, iMac, and Mac Pro models, as well as a few other tidbits, so make sure to read on below to get caught up! Kuo: New MacBook Pro Models to...
foldable iPhone concept feature

Apple Testing In-Display Fingerprint Sensor for iPhone 13, Foldable iPhone Also in the Works

Friday January 15, 2021 1:46 pm PST by
Apple has started "early work" on an iPhone that has a foldable display, according to a new report from Bloomberg's Mark Gurman. Though testing of a foldable iPhone has begun, Apple has not committed to releasing a device that has a foldable display. Development has not yet expanded beyond a display and Apple does not have full foldable iPhone prototypes in its labs. Like foldable...
16inchmacbookpromain

Kuo: New MacBook Pro Models to Feature Flat-Edged Design, MagSafe, No Touch Bar and More Ports

Thursday January 14, 2021 9:32 pm PST by
Apple is working on two new MacBook Pro models that will feature significant design changes, well-respected Apple analyst Ming-Chi Kuo said today in a note to investors that was obtained by MacRumors. According to Kuo, Apple is developing two models in 14 and 16-inch size options. The new MacBook Pro machines will feature a flat-edged design, which Kuo describes as "similar to the iPhone 12" ...
macbook pro flexgate

Apple Extends 13-Inch MacBook Pro Backlight Repair Program

Sunday January 17, 2021 10:31 am PST by
Apple this week extended its worldwide 13-inch MacBook Pro Display Backlight Service Program, authorizing coverage for eligible notebooks for up to five years after the original purchase date or up to three years after the start date of the program, whichever is longer. The previous cutoff was four years after the original purchase date. Apple launched the program on May 21, 2019 after...
iphone x camera close

iOS 14.4 Will Introduce Warning on iPhones With Non-Genuine Cameras

Thursday January 14, 2021 8:07 am PST by
In the second beta of iOS 14.4 seeded to developers and public testers this week, MacRumors contributor Steve Moser has discovered code indicating that Apple will be introducing a new warning on iPhones that have had their camera repaired or replaced with aftermarket components rather than genuine Apple components. "Unable to verify this iPhone has a genuine Apple camera," the message will...
Apple TV Ray Light 2 Triad

Apple Extends Free Apple TV+ Trials Until July

Friday January 15, 2021 10:50 am PST by
Apple is once again planning to extend its free Apple TV+ trial subscriptions, this time until July. When Apple TV+ launched in November 2019, Apple offered free Apple TV+ subscriptions to those who purchased a new Apple device in or after September 2019. Those free subscriptions were set to expire in November 2020, but in October 2020, Apple announced that it was extending free trials...
mac pro mini feature

Apple Working on Two New Mac Pro Desktops, One of Which Will Be Reminiscent of Power Mac G4 Cube

Friday January 15, 2021 10:23 am PST by
Apple is developing two versions of the Mac Pro to succeed the Mac Pro that was first released in December 2019, according to a new report from Bloomberg. The first updated Mac Pro is a direct successor to the current Mac Pro and it will use the same design. It may also be equipped with Intel processors rather than Apple silicon chips, and it could be one of the sole machines in the Mac...
macbook pro magsafe

MagSafe is Coming Back to the Mac: A Look Back at Apple's Original Magnetic Charging Technology

Friday January 15, 2021 12:16 pm PST by
Surprise late night rumors last night provided us with our first in-depth look at what we can expect from the new MacBook Pro models that are coming in 2021, and there are some significant changes in the works. Along with additional ports, a new flat-edged design, and the removal of the Touch Bar, Apple's updated MacBook Pro machines will readopt MagSafe. MagSafe in the 2021 MacBook Pro...