If you think your Mac is virus-proof, think again. The folks over at Intego security have identified a newer and beefier version of the Flashback virus for OSX. It’s already spread to 600,000 computers, and it uses all sorts of dirty tricks to take over your computer and try to get at your passwords. Apparently, it can disguise itself as a software update window to trick you into installing it. Yikes!The best thing you can do to prevent it from getting into your computer is to click on your Apple menu, go to Software Update… and install the real update for Java. If you want to make sure your computer isn’t already infected, you’ll need to fire up the Terminal (which lives in Applications > Utilities > Terminal) and paste in a couple of commands. First, you’ll want to copy the following command and paste it into your terminal window:
defaults read /Applications/Safari.app/Contents/Info LSEnvironment
Make sure the result that comes up is:
“The domain/default pair of (/Applications/Safari.app/Contents/Info, LSEnvironment) does not exist”
Next, you’ll want to copy this command and paste it into terminal:
defaults read ~/.MacOSX/environment DYLD_INSERT_LIBRARIES
You’ll be looking for the result to be:
“The domain/default pair of (/Users/joe/.MacOSX/environment, DYLD_INSERT_LIBRARIES) does not exist”
If either of the results doesn’t match the messages above, you might have a virus! If you’re comfortable with using the command line you can fix it yourself. If not, it’s time to talk to a professional.
Penn students, faculty, and staff should also be sure to install anti-virus software on their computers (both Mac and PC!), which Penn kindly makes available for free at http://www.upenn.edu/computing/product/ (you’ll need your PennKey to download the installer).