To see if you haven't got it:<p>In terminal run:<p>defaults read /Applications/Safari.app/Contents/Info LSEnvironment<p>You should get this error:<p>The domain/default pair of (/Applications/Safari.app/Contents/Info, LSEnvironment) does not exist<p>Then run:<p>defaults read ~/.MacOSX/environment DYLD_INSERT_LIBRARIES<p>You should get this error:<p>The domain/default pair of (/Users/YOURUSER/.MacOSX/environment, DYLD_INSERT_LIBRARIES) does not exist<p>If you do you are clean of this variant!<p>If this doesn't happen go to <a href="http://www.f-secure.com/v-descs/trojan-downloader_osx_flashback_i.shtml" rel="nofollow">http://www.f-secure.com/v-descs/trojan-downloader_osx_flashb...</a> to fix it
It's hard to believe, the claim is that is uses Reddit's search functionality to find connection addresses. I've never been able to find anything using Reddit's search.
Many independent reports of this, but I haven't seen any instruction for detecting or fixing<p><a href="http://www.tuaw.com/2014/10/03/thousands-of-macs-infected-with-os-x-botnet-malware-controlled-v/" rel="nofollow">http://www.tuaw.com/2014/10/03/thousands-of-macs-infected-wi...</a>
Hmm. I've never heard of drweb.com before, and there's no instructions on how to detect the worm, but they want to sell me anti-virus software.<p>This might be legit, but I'll wait and see if this appears anywhere else before I trust it as being valid.
Has there ever been a company that covertly creates a virus and releases it into the wild, and then "catches" it and sells an anti-virus remedy?