Kaspersky Announces Free Website to Check Your Mac for Widespread Virus
Submitted by Alyssa.ames on Tue, 04/10/2012 - 11:23
By: Kaspersky Américas on 10/04/2012
Lab’s experts recently analyzed the Flashfake botnet
and found a total of 670,000 infected computers worldwide, with more than 98%
of the computers most likely running Mac OS X, and most located in the United
States. This is the largest Mac-based infection ever. Kaspersky
Lab has today announced a free website and disinfection tools where users can
check their machines, and remove the virus if necessary.
dedicated site is safe for users to visit and enter their computer’s UUID,
which will be checked in Kaspersky Lab’s Flashfake database of infected
computers. Instructions for entering user UUIDs are included as well.
How to disinfect your
If your UUID is found in our
database, you need to disinfect your Mac. Here are two recommendations to do
Use a free special utility,
the Kaspersky Flashfake Removal Tool. It will
automatically scan your system and remove Flashback if it is detected. This is a
free-to-download and free-to-use program.
Download a trial version of Kaspersky
Anti-Virus 2011 for Mac. This program offers comprehensive protection
against all known malicious programs for Mac OS X, including Flashback.
Throughout the previous weekend, Kaspersky Lab experts have seen
a decline in the number of infected computers (known as “bots”) for Flashfake: on
April 6 the total number was 650,748. At the conclusion of April 8 the number
of active bots was 237,103; however, the decrease in infected bots does not
mean the botnet is rapidly shrinking. The statistics represent the number
of active bots connected to Flashfake during the past few days – it is not the
equivalent of the exact number of infected machines. Infected computers that
were inactive during the weekend would not be communicating with Flashfake,
thus making them not appear as an infected bot.
States had the most infected computers (300,917) followed by Canada (94,625),
the United Kingdom (47,109) and Australia (41,600). Other infected countries
included France (7891), Italy (6585), Mexico (5747), Spain (4304), Germany
(4021) and Japan (3864).
On April 6
Kaspersky Lab’s researchers reverse-engineered the Flashfake malware and
registered several domain names which could be used by criminals as a C&C
server for managing the botnet. This method enabled them to analyze the
communications between infected computers and the C&Cs. By connecting
to Flashfake, Kaspersky Lab’s experts are able to continuously monitor the
botnets communication with active bots and have published their findings (post by Alexander Gostev, Chief
Security Expert, Kaspersky Lab).