Sign in with
Sign up | Sign in

Kaspersky Lab Recalls its Flashfake Removal Tool for Macs

By - Source: Kaspersky Email | B 19 comments

The Flashback/Flashfake removal tool released by Kaspersky Lab has its own problems.

Earlier this week, security firm Kaspersky Lab released a tool for removing the Flashback/Flashfake malware. The release followed news that around 670,000 computers worldwide were infected, 98-percent of which were likely running Mac OS X. Even more, 300,917 of those infected computers were found to reside within the United States, followed by Canada (94,625), the United Kingdom (47,109) and more.

But now Kaspersky is reporting that its detection tool actually had a bug that could cause problems for Mac users. "In some cases it is possible that the use of the tool could result in erroneous removal of certain user settings including auto-start configurations, user configurations in browsers, and file sharing data, the company said on Thursday in an email to Tom's. "The Kaspersky Flashfake Removal Tool has been temporarily suspended. The company will release an updated version of the utility with the bug corrected and will send a notification as soon as it’s available."

"In the event that users experienced problems due to the use of the Flashfake Removal Tool, they should contact Kaspersky support at techsupport@kaspersky.com or by calling Moscow at +7 (495) 797-70-32 for 24/7 help in English or Russian," the company added. "Kaspersky Lab apologizes for any inconvenience caused by this issue and is working diligently to correct the problem."

As reported earlier this week, Apple is supposedly working on its own Flashback/Flashfake removal tool. So far a release date hasn't been set, but the company says it's working with ISPs worldwide to disable the C&C network. The Flashback malware relies on computer servers hosted by the malware authors to perform many of its critical functions, Apple states.

For now Apple suggests that users running Max OS X v10.5 or earlier can better protect themselves by disabling Java in the web browser's preferences. section.

"Apple released a Java update on April 3, 2012 that fixes the Java security flaw for systems running OS X v10.7 and Mac OS X v10.6," Apple reports. "By default, your Mac automatically checks for software updates every week, but you can change that setting in Software Update preferences. You can also run Software Update at any time to manually check for the latest updates."

Mac users concerned that they might be infected with Flashback/Flashfake can still use Kaspersky's online tool to scan their system. This dedicated site is safe for users to visit and enter their computer’s UUID, which will be checked in Kaspersky Lab’s Flashfake database of infected computers (instructions for entering user UUIDs are included as well). If the UUID is found in Kaspersky's database, then infected Mac users will need to download and run the fixed removal tool when it becomes available.

Display 19 Comments.
This thread is closed for comments
Top Comments
  • 24 Hide
    Trialsking , April 12, 2012 9:24 PM
    Welcome Apple users to the PC experience!
  • 24 Hide
    willard , April 12, 2012 9:37 PM
    trialskingWelcome Apple users to the PC experience!

    But Macs don't get viruses! Steve Jobs told me so!
  • 12 Hide
    Marco925 , April 12, 2012 10:00 PM
    You have to call Moscow!?
Other Comments
  • 24 Hide
    Trialsking , April 12, 2012 9:24 PM
    Welcome Apple users to the PC experience!
  • 24 Hide
    willard , April 12, 2012 9:37 PM
    trialskingWelcome Apple users to the PC experience!

    But Macs don't get viruses! Steve Jobs told me so!
  • 3 Hide
    jackbling , April 12, 2012 9:48 PM
    This is only funny because of the comments on the previous article, "Apple is taking their sweet time, while kaspersky already has a tool released".

    I wouldnt want to be the dev, who published that kaspersky fix, right now.

    That being said, tis the nature of the beast; break/fix
  • 12 Hide
    Marco925 , April 12, 2012 10:00 PM
    You have to call Moscow!?
  • 0 Hide
    freggo , April 12, 2012 10:05 PM
    Wouldn't you think that the actual maker of the OS (may that be Apple, Linux or Windows) would be the perfect authority to create/release fixes for virus infestations?
    I mean, who knows the OS better than the folks who made it.

    3rd party A/V companies present a clear conflict of interest as they make a living from new infestations while OS makers would benefit from providing a secure and stable OS.

    If -in theory- hackers and idiots would stop making malware AV companies would be instantly out of business while OS makers would not be impacted at all; ergo the above mentioned conflict of interest.

  • 0 Hide
    tokencode , April 12, 2012 10:21 PM
    I don't know why they're removing honestly, what would you rather have, an infected machine with you user preferences or a clean machine that you have to reset your preferences?

    It's better than Apple's interim solution of disabling Java...
  • 8 Hide
    killerclick , April 12, 2012 10:57 PM
    If Steve Jobs were alive, he'd be railing against Java and Oracle now as he had against Flash and Adobe.
  • 5 Hide
    Vladislaus , April 12, 2012 11:14 PM
    killerclickIf Steve Jobs were alive, he'd be railing against Java and Oracle now as he had against Flash and Adobe.

    Apple doesn't use Oracle's JRE, but uses it's own. That is why almost all computers infected with Flashback are Macs.
  • -3 Hide
    killerclick , April 12, 2012 11:18 PM
    VladislausApple doesn't use Oracle's JRE, but uses it's own. That is why almost all computers infected with Flashback are Macs.


    But it was developed by Sun, which was bought by Oracle, and Apple is infallible so... :D 
  • 8 Hide
    slayvus , April 12, 2012 11:18 PM
    If Steve Jobs were alive he would tell them they were holding the mouse wrong and that there was no virus.
  • 3 Hide
    Anonymous , April 13, 2012 1:03 AM
    Can someone what the is advantage of owning an apple computer again?
  • -1 Hide
    Anonymous , April 13, 2012 1:03 AM
    Can someone tell me what the is advantage of owning an apple computer again?
  • 0 Hide
    Anonymous , April 13, 2012 1:23 AM
    http://www.macrumors.com/2012/04/12/apple-releases-java-update-to-remove-flashback-malware/

    Apple dragged its feet so they wouldn't have to recall a broken removal tool
  • 0 Hide
    A Bad Day , April 13, 2012 1:23 AM
    And meanwhile, Apple stays quiet and tell their employees to keep telling the customers that Macs are safer than Androids or Windows.
  • 2 Hide
    bee144 , April 13, 2012 2:18 AM
    It's a trojan not a virus. Educate yourselfs people.
  • 0 Hide
    monsta , April 13, 2012 3:40 AM
    FAIL...
  • -1 Hide
    guardianangel42 , April 13, 2012 5:04 AM
    bee144It's a trojan not a virus. Educate yourselfs people.


    That's irrelevant. Malware is malware.

    Besides, all I've ever seen in my years as a Windows user was trojans. I've never seen a virus, and I've been using Windows 7 since it came out. Trojans and malware that attempts to gain your personal information is the most common kind right now, regardless of platform.
  • 0 Hide
    eddieroolz , April 13, 2012 5:14 PM
    Well hey, let's at least congratulate Kaspersky for doing something...
  • 0 Hide
    blazorthon , April 13, 2012 10:40 PM
    freggoWouldn't you think that the actual maker of the OS (may that be Apple, Linux or Windows) would be the perfect authority to create/release fixes for virus infestations?I mean, who knows the OS better than the folks who made it.3rd party A/V companies present a clear conflict of interest as they make a living from new infestations while OS makers would benefit from providing a secure and stable OS.If -in theory- hackers and idiots would stop making malware AV companies would be instantly out of business while OS makers would not be impacted at all; ergo the above mentioned conflict of interest.


    Many PC malware samples are actually made by some of the antivirus/anti-malware companies. Notice how most viruses originate in Finland and that Finland just happens to be where most of the anti-malware companies are located or at least have a significant presence in.



    guardianangel42That's irrelevant. Malware is malware.Besides, all I've ever seen in my years as a Windows user was trojans. I've never seen a virus, and I've been using Windows 7 since it came out. Trojans and malware that attempts to gain your personal information is the most common kind right now, regardless of platform.


    That viruses and trojans aren't the same thing is not irrelevant. Oh and yes, trojans are much more common than viruses these days. I've had some viruses in the past and believe me, they are far worse than trojans. Some viruses could even do physical damage to the computer!

    Also, malware that attempts to gain your personal information is generally considered spyware.