Apple Releases Flashback Removal Tool for Macs Running OS X Lion without Java

Following yesterday's release of fresh Java updates to remove the Flashback malware system from Macs running OS X Lion and Snow Leopard, Apple today released a standalone Flashback malware removal tool to clean infections from OS X Lion systems without Java installed.

About Flashback malware removal tool

This Flashback malware removal tool that will remove the most common variants of the Flashback malware.

If the Flashback malware is found, a dialog will be presented notifying the user that malware was removed.

In some cases, the Flashback malware removal tool may need to restart your computer in order to completely remove the Flashback malware.

This update is recommended for all OS X Lion users without Java installed.

While the most dangerous method of attack for Flashback exploits a security hole in Java that Apple has now patched, various versions of the malware have also used social engineering and other tricks in attempting to gain access to users' systems.

flashback malware removal tool
With OS X Lion not having Java included by default, users of Apple's latest operating system who have found themselves infected through other means and do not have Java installed can use the new tool to clean their systems without needing to install Java.

The update weighs in at 356 KB and requires OS X Lion without Java installed.

Top Rated Comments

likemyorbs Avatar
120 months ago
Why do you say it 'weighs in at' 356 KB?

Why don't you just say it 'is' 365 KB

I don't see how writing 'it weighs in at' adds any information or style especially as you have used this phrase at least 100 times in the exact same way. That seems to reveal a certain lack of style. Or perhaps I am just being a curmudgeon.

You're a virgin aren't you?
Score: 6 Votes (Like | Disagree)
GGJstudios Avatar
120 months ago
Oh, and opening "safe" files after downloading isn't dangerous. What's it going to do, infect your computer by opening a ZIP or DMG? Just don't agree to any installations that randomly appear when you're browsing some shady site, loading plugins on the site.
This is how many were caught by the MacDefender malware. Granted, they should have closed the installer when it launched, but unchecking that option in Safari prevents even the installer from launching. It never should have been checked in the first place.

Macs are not immune to malware, but no true viruses exist in the wild that can run on Mac OS X, and there never have been any since it was released over 10 years ago. The only malware in the wild that can affect Mac OS X is a handful of trojans, which can be easily avoided by practicing safe computing (see below). Also, Mac OS X Snow Leopard and Lion have anti-malware protection (http://support.apple.com/kb/ht4651) built in, further reducing the need for 3rd party antivirus apps.
Mac Virus/Malware FAQ (https://guides.macrumors.com/Mac_Virus/Malware_FAQ)
[LIST=1]
* Make sure your built-in Mac firewall is enabled in System Preferences > Security > Firewall


* Uncheck "Open "safe" files after downloading" in Safari > Preferences > General


* Uncheck "Enable Java" in Safari > Preferences > Security. This will protect you from malware that exploits Java in your browser, including the recent Flashback trojan (http://support.apple.com/kb/HT5244). Leave this unchecked until you visit a trusted site that requires Java, then re-enable only for your visit to that site. (This is not to be confused with JavaScript, which you should leave enabled.)


* Change your DNS servers to OpenDNS servers by reading this (https://guides.macrumors.com/Mac_Virus/Malware_FAQ#Why_am_I_being_redirected_to_other_sites.3F).


* Be careful to only install software from trusted, reputable sites. Never install pirated software. If you're not sure about an app, ask in this forum before installing.


* Never let someone else have access to install anything on your Mac.


* Don't open files that you receive from unknown or untrusted sources.


* For added security, make sure all network, email, financial and other important passwords are long and complex, including upper and lower case letters, numbers and special characters.


* Always keep your Mac and application software updated. Use Software Update for your Mac software. For other software, it's safer to get updates from the developer's site or from the menu item "Check for updates", rather than installing from any notification window that pops up while you're surfing the web.

That's all you need to do to keep your Mac completely free of any virus, trojan, spyware, keylogger, or other malware. You don't need any 3rd party software to keep your Mac secure.

If you still want to run antivirus for some reason, ClamXav (http://www.clamxav.com/) (which is free) is one of the best choices, since it isn't a resource hog, detects both Mac and Windows malware and doesn't run with elevated privileges. You can run scans when you choose, rather than leaving it running all the time, slowing your system. ClamXav has a Sentry feature which, if enabled, will use significant system resources to constantly scan. Disable the Sentry feature. You don't need it. Also, when you first install ClamXav, as with many antivirus apps, it may perform an initial full system scan, which will consume resources. Once the initial scan is complete, periodic on-demand scans will have much lower demands on resources.
Score: 5 Votes (Like | Disagree)
macsmurf Avatar
120 months ago
Agreed. Now go bitch at the folks at Adobe and Oracle because it was THEIR software that was the issue that allowed this threat to happen. Not Apple.
Apple maintain and is responsible for Java for OS X which is a port of Java from Oracle. Moreover, Apple have a responsibility towards their customers.

Oracle DID fix the vulnerability 8 weeks before Apple. Apple just had to port the patch.

Even if that was to big a job for Apple they could have disabled the Java plugin on their platform as long as Java was unpatched. That amounts to making a software update that unchecks an option in the Safari preferences.

Even if that was too much of an effort they could have recommend to their customers to disable Java until further notice.
Score: 5 Votes (Like | Disagree)
roadbloc Avatar
120 months ago
But was that infection caused by a flaw in OS X. No, it was a flaw in Java. Which Apple doesn't own or operate. You act like porting a software and setting up the installers etc for it to download via their Software Update system is this easy piece of cake that would take 5 minutes to set up. Which is likely very far from the truth.

Sigh. Okay, this is going to take a little more explaining it seems.

Imagine I have make a recipe for a wonderful cake. I call this cake the Java-Cake. I make these Java-Cakes and sell them to cake stalls/shops.

Okay, now this is where you come in. You want to sell my cakes in your cake shop, a shop you call the Apple-Cake-Shop. But you wish to bake them yourself so they arrive on the shelf fresh and perfect. I agree to give you access the latest recipe as long as people are aware that it is a Java-Cake and not an Apple-Cake-Shop Cake.

For a few weeks everything is great. Then I notice that some people are having an allergic reaction to a certain ingredient in my Java-Cake. I improve the recipe and remove the offensive ingredient. By default, you get a copy of the new recipe, because it is part of the agreement that you have access to the latest recipe.

Unfortunately, you fail to take notice and continue to use my old Java-Cake recipe. Your consumers begin sending complaints of allergic reactions. Naturally, because it is a Java-Cake and made by me, the initial reaction is to blame me. Unfortunately, everyone else but you has the safe version of the Java-Cake, putting you at fault, because you (for whatever reason) failed to use the latest recipe.

When you agree to do something on behalf of your consumers, it is your responsibility. It is your fault as the owner of the Apple-Cake-Shop as you failed to update the recipe. You either need to pick up the game a bit or let me bake your Java-Cakes for you to ensure you have the latest recipe.

And that is exactly what Apple needs to do. Either accept its responsibility that it took on or let Oracle bake their Java-Cakes for them.

Get it now?
Score: 4 Votes (Like | Disagree)
Roc P. Avatar
120 months ago
So those of you who ran this update, what happened? Did it just install and then nothing happened? I found it odd to not even be told that I at least DIDNT have this Trojan.
Score: 4 Votes (Like | Disagree)
faroZ06 Avatar
120 months ago
I've had Java running all this time and never had a problem...

Same. I don't see how so many people are getting this.

Also, Apple didn't release anything for Leopard, right?
Score: 4 Votes (Like | Disagree)

Top Stories

iphone12protriplelenscamera

Apple's Orders for Key iPhone 13 Camera Component Expected to Outstrip Entire Android Market

Wednesday June 9, 2021 12:47 am PDT by
Major camera upgrades coming to the iPhone 13 series are putting increased pressure on suppliers to meet Apple's demand for key lens components, according to a new DigiTimes report. Apple has reportedly put Taiwan-based makers of voice coil motor (VCM) components on notice to increase their capacity by 30-40% in order to meet the company's demand, which is expected to outstrip the entire...
macos monterey setup assistant

macOS Monterey Allows You to Erase a Mac Without Needing to Reinstall the Operating System

Wednesday June 9, 2021 4:41 pm PDT by
It's been a few days since Apple announced macOS Monterey, and we continue to dig through new features that weren't mentioned during the WWDC keynote, including a much more convenient way of erasing a Mac. Following in the footsteps of the iPhone and iPad, the Mac has gained an "Erase All Content and Settings" option on macOS Monterey. The option allows you to erase all user data and...
EEC Apple iphone 13

Apple Registers iPhone 13 Models in Eurasia Ahead of September Launch

Friday June 11, 2021 2:16 am PDT by
Nashville Chatter Class has discovered a new Russian-language regulatory filing in the Eurasian Economic Commission (EEC) database pointing towards several unreleased iPhone 13 models that Apple will be launching in the fall. Versions of iPhone running iOS 14 are listed with the model numbers A2628, A2630, A2634, A2635, A2640, A2643, and A2645. None of the numbers correspond to Apple's...
Dark Sky App Featured

Dark Sky iOS App, Website, and API Now Scheduled to Remain Available Until End of 2022

Thursday June 10, 2021 7:34 am PDT by
Last year, Apple acquired the weather app Dark Sky, and shortly after its purchase, Apple shut down the app for Android. Despite the revamped iOS 15 Weather app taking heavy inspiration from Dark Sky, the weather's app standalone iOS app, web app, and API will remain available until the end of next year, compared to the end of this year, as previously planned. Dark Sky announced in an update ...
mr white ipod touch 5 protoype3

Unreleased iPod Touch 5 With Chamfered Edges and 30-Pin Dock Connector Shared Online

Thursday June 10, 2021 2:05 am PDT by
Occasional leaker Mr White has today shared interesting images on Twitter of what appears to be an old-school fifth-generation iPod touch prototype with chamfered edges and a brushed aluminum finish. The original iPod touch 5 that Apple released in October 2012 had a unibody anodized aluminum chassis with rounded edges, and was available in several colors, including slate. Another...
live text macos monterey

Several macOS Monterey Features Unavailable on Intel-Based Macs

Wednesday June 9, 2021 8:23 am PDT by
While there are many great new features in macOS Monterey, several of them are not available on Intel-based Macs, according to Apple. On the macOS Monterey features page, fine print indicates that the following features require a Mac with the M1 chip, including any MacBook Air, 13-inch MacBook Pro, Mac mini, and iMac model released since November 2020:Portrait Mode blurred backgrounds in...
ipad mini 6

Next iPad Mini Will Allegedly Feature Thinner Bezels, USB-C Port, and Touch ID Power Button

Friday June 11, 2021 1:13 pm PDT by
On his newly launched Front Page Tech website, leaker Jon Prosser has shared renders showing off the alleged design of the next-generation iPad mini, which he says are based on schematics, CAD files, and real images of the device. In line with details shared earlier this month by Bloomberg's Mark Gurman and Debby Wu, Prosser claims that the new iPad mini will feature slimmer bezels around...
apple logo plain

Trump Administration Subpoenaed Apple for Data on Two House Intelligence Committee Democrats

Thursday June 10, 2021 6:21 pm PDT by
When investigating leaks of classified information during the early days of the Trump Administration, the United States Justice Department subpoenaed Apple for metadata from the accounts of at least two Democrats on the House Intelligence Committee, reports The New York Times. Apple was also required to provide data from their aides and family members, with the DoJ requesting the records of...
macos monterey tidbits feature copy

macOS Monterey Tidbits: Animated Memoji on Login Screen, Change the Color of the Mouse Pointer, and More

Friday June 11, 2021 10:27 am PDT by
We've highlighted several new features coming in macOS Monterey, such as Low Power Mode and the option to erase a Mac without reinstalling the operating system, but there are some smaller tidbits that we wanted to share. Animated Memoji on Login Screen One small but fun new feature in macOS Monterey is the addition of a personalized Memoji on the login screen, complete with animated facial...
ios15 mail privacy feature

Apple Putting a Stop to Email Tracking Pixels With Mail Privacy Protection in iOS 15 and macOS Monterey

Thursday June 10, 2021 11:03 am PDT by
Tracking when you've opened up an email and what you've read is something that many companies and advertisers rely on for their marketing efforts, plus there are email clients out there designed to let users know when the emails they've sent have been opened up. Much of this tracking is facilitated by remote images that load when viewing an email, and some of it is even sneakier, with...