April 6, 2012 Leave a comment
This is probably the most ‘stable’ article I have read on the Mac Flashback malware exploit, ‘stable’ in the sense that there is no hysteria or hyperbole.
The one thing I would add is that you should check all browsers as well as Safari:
defaults read /Applications/Firefox.app/Contents/Info LSEnvironment
defaults read /Applications/Google\ Chrome.app/Contents/Info LSEnvironment
defaults read /Applications/Chromium.app/Contents/Info LSEnvironment
In fact I have removed Flash from the ‘/Library/Internet Plug-Ins’ and ‘~/Library/Internet Plug-Ins’ folders, so Safari and Firefox don’t have flash on my machine, Google Chrome and Chromium have their own Sandboxed versions of Flash. Also while I have Java installed, it is disabled on all browsers.