Apple's Flashback malware remover now live
Apple this afternoon released an integrated tool to remove Flashback, malware designed to steal user information that was estimated to be present in more than half a million machines just last week.
The tool, which was made available as part of a security update to Java today, comes two days after Apple said it was working on an automated way for users to remove the infection.
Flashback is a form of malware designed to grab passwords and other information from users through their Web browser and other applications. A user typically mistakes it for a legitimate browser plug-in while visiting a malicious Web site. At that point, the software installs code designed to gather personal information and send it back to remote servers. In its most recent incarnations, the software can install itself without user interaction.
According to Apple, the new tool removes "the most common variants" of the malware, as well as turning off automatic execution of Java applets on Web pages.
After being discovered by Russian antivirus company Dr. Web earlier this month, several security firms -- including Kaspersky and Symantec -- verified its prevalence, while noting that infections have been in a decline. Yesterday Symantec estimated around 270,000 machines to be infected with the malware worldwide, down from an estimate of more than 600,000 counted last week.
Apple's removal tool joins a small number of other solutions created to detect and remove the malware. Yesterday F-Secure released a small piece of software that makes use of AppleScript to detect it and make any necessary repairs, with Symantec rolling out its own such tool today, just ahead of Apple's. Kaspersky Lab, which was the first company to verify Dr. Web's infection numbers, introduced one of the first automated removal tools last week.
Updated at 3:28 p.m. PT to note that infection numbers were estimates.