Instructions to see if you’ve been infected with the Flashback malware

Written by

It’s worth checking to find out. I did, but I’m not infected.



  • http://twitter.com/MoBurkhardt MoBurkhardt

    there are no instructions to see if you’ve been infected, just how to remove the trojan if you’ve got it

    • CashGap

      Step 1 and Step 8 to test for the malware.

  • http://twitter.com/greg42 Greg

    Anybody have a non-Terminal way to check/remove?  I mean, I see it’s a step by step instruction, but I am after all a decades-long Mac user. ;-)  Even a commercial product is okay, just wondering if any of them work against it.  I don’t much care for the fear-mongering of some of them, but I could see this being an actual deal.

    Also do we know if this runs on PowerPCs? Old versions of OS X? It’s Java, so it’s good on anything perhaps?  Can’t seem to get a handle on things spelling that out, stuff is too terse about it.  And I’m reasonably adept so how would the average Mac user do?

    • http://www.bynkii.com/ John C. Welch

      I ganked an AppleScript application to test for it: 

      http://dl.dropbox.com/u/23632593/Find%20Flashback.zip

      it’s pretty straightforward applescript, so the code’s there for  you to inspect if you wish.

      • Simon Harper

        Many thx for the script, a tad quicker than Terminal typing. Cheers

  • sfmitch

    Clean as a whistle!

  • http://profile.yahoo.com/2ZAPU6B53EKLAXIRWNVERU7A3Q Fisher

    I don’t know anyone who has been infected by this yet. Nobody. Am I the only one questioning whether this is really a problem? Viruses and Malware seem incompatible with the sophisticated security design of OS X.

    • http://www.bynkii.com/ John C. Welch

      five infections out of about 60 machines checked. around 200 total on my network. Been seeing symptoms for two weeks, just didn’t have the info to realize what it was. 

  • Enonzey

    “. . . successfully infected more than 550,000 Macs . . .” http://krebsonsecurity.com/2012/04/urgent-fix-for-zero-day-mac-java-flaw/

    The security design of OS X may not be as sophisticated as you think, particularly with Java in the mix.

  • http://twitter.com/Moeskido Moeskido

    I avoid using Terminal, but this wasn’t hard to do. Thanks, Mr. D.

  • Michael Adams

    Not infected, but I also have ClamXav installed and according to the article, the malware checks for that (and other anti-virus apps) and, if found, deletes itself.