Intego + Recommended

Intego Offers Free Software for Detecting All Variants of Flashback Malware

Posted on April 10th, 2012 by

Since September, 2011, Mac users have been targeted by the Flashback malware, in what some commentators are now calling an epidemic. This malware has gone through many changes since Intego first discovered it, morphing from a Trojan horse to a drive-by download. While the means of delivery has changed, the malware that is installed on Macs is the same, but there are many variants of it. More than 600,000 Macs are known to be infected by the Flashback malware, and most Mac users don’t know whether they are infected or not.

If Apple’s Flashback removal tool does find that you are infected with one of the “most common variants of Flashback,” it will remove the malware, and display an alert. However, in Intego’s tests, this alert displayed very quickly, and disappeared almost immediately.


Unfortunately, this information can be misleading, because the instructions that circulate discuss just one variant of the Flashback malware. There are some two dozen variants already, each of which puts files of different names in different locations; these instructions and applications will therefore not find any but the one specific variant that they target.

These instructions may instill a false sense of security in users who follow them, or who run applications that use them. A user may be told that he or she is not infected, when their Mac may actually be infected, but just by a different variant. Finally, these instructions are all the more worrisome because information on the Internet has a long life-span. Users who find this information in a month or two may still think that it is valid.

Intego is offering the best, and free, way to help Mac users detect the Flashback malware. Intego’s Mac antivirus, VirusBarrier X6, offers a free 30-day trial version, and Mac users can download this and check to see if their Macs are infected by any of the many variants of the Flashback malware, along with other types of malware. VirusBarrier X6′s threat filters are up to date, and will detect every variant of the Flashback malware, not just the one for which detection instructions have circulated.

After you install the demo of VirusBarrier X6, make sure to update these threat filters in NetUpdate, which is installed with VirusBarrier X6, and which manages updates to the program and its filters. Mac users will be able to update these filters for the entire 30-day trial period.

To download a 30-day free trial of VirusBarrier X6, click this link..

  • Al Varnell

    It’s important to note that at least two of the tools being used to detect are using the wrong reference document and will not find two of the files currently being used to track those 600,000 infected Macs. The current variant has been in circulation since the end of March and is described in this document http://www.f-secure.com/v-descs/trojan-downloader_osx_flashback_k.shtml which has been out for over a week now.

    • LysaMyers

      What tools and reference documents are you referring to?

  • Gordon Miller

    I have been a subscriber to Intego for more than three years. How do I know that I don’t have the malware?

    • LysaMyers

      Please make sure you’ve completely scanned your machine with up to date virus definitions. It may be interesting to note that Flashback will not install itself if certain security tools are installed, including VirusBarrier X6

Join Our Awesome Email Newsletter

Enter your email address below to start receiving the best Mac Security Updates.

{"url":"\/marketo\/json\/add-to-newsletter","data":"list_name=Blog Roadblock"}