Over half a million Macs reportedly infected by Flashback trojan

5 April, 2012 - Paul Dixon
Dr. Web website on a MacBook Pro

According to Russian anti-virus company Dr. Web, more than half a million Macs worldwide are currently infected by the Flashback trojan, including 274 systems located in Apple’s own backyard – Cupertino, California.

Variations of the Flashback trojan have been around since 2007, the latest targets a vulnerability in older versions of Java.

Dr. Web explains how a Mac becomes infected:

“Systems get infected with BackDoor.Flashback.39 after a user is redirected to a bogus site from a compromised resource or via a traffic distribution system. JavaScript code is used to load a Java-applet containing an exploit. Doctor Web’s virus analysts discovered a large number of web-sites containing the code.”

As OS X Lion does not come with Java by default, only users who have chosen to install it, or are running older versions of OS X such as Leopard and Snow Leopard, are potentially susceptible to the trojan.

Apple released an update to Java which addresses the vulnerability earlier this week, if you haven’t already downloaded it, you can do so via Software Update. Another anti-virus company, F-Secure, has provided diagnostics on their website which will determine whether or not your Mac has been infected, and if it has, how the trojan can be removed.

The majority of the infected Macs (303,449) are believed to be located in the US, followed by Canada in second place (106,379), the UK in third place (68,577), and Australia in fourth place (32,527).

[Via Ars Technica]

About the author

Paul Dixon is the owner of Macsessed. He lives in Lancashire in the UK where he works as a web designer. You can find him on and Twitter.