Apple is developing a software update that will detect and remove the Flashback virus which currently infects nearly 600,000 Mac computers.
The Flashback Trojan botnet that has infected Mac originally exploits vulnerability in Java to steal personal information of the user. In a statement on its site, Apple has confirmed that it was following up the security flaw it released on April 3 with an update that will detect and remove the malware from infected PCs.
“In addition to the Java vulnerability, the Flashback malware relies on computer servers hosted by the malware authors to perform many of its critical functions,” it said. “Apple is working with ISPs [internet service providers] worldwide to disable this command and control network”, said Apple in the statement on its website.
Russian security firm Doctor Web earlier in April detected that a malware, officially called the BackDoor.Flashback.39, had already infected around 600,000 Mac computers. The updated version of the Flashback Trojan has been active since 2011, according to the experts.
However, Apple’s response to Flashback virus was criticised by Kaspersky Lab, a major anti-virus firm. “The three month delay in sending a security update was a bad decision on Apple’s part”, said Alexander Gostev, chief security expert at Kaspersky Lab.
“Apple knew about this Java vulnerability for three months, and yet neglected to push through an update in all that time”, added Gostev.
Apple has not yet confirmed an exact date when the update will be available. While the users wait for the update, Apple advises Mac users running OS X v10.7 and Mac OS X v10.6 to disable Java in their web browsers.