Apparently not all Mac users got the memo about Flashback, the malware that recently infected more than 600,000 computers running OS X. According to security firm Symantec, roughly 140,000 Mac computers were still infected as of April 16.
“The statistics from our sinkhole are showing declining numbers on a daily basis,” a Symantec blog post said. “However, we had originally believed that we would have seen a greater decline in infections at this point in time, but this has proven not to be the case.”
Apple offers a standalone Flashback malware removal tool, along with a Java update that also removes Flashback. Even if you don’t have Java on your machine — it’s not included in OS X Lion by default — you should still install the patch.
Flashback is considered to be the largest Mac malware threat to date. Compared to the massive Conficker botnet for Windows PCs, Flashback compromised a larger percentage of Mac computers. Flashback emerged last year, masquerading as an update for Adobe Flash, but later gained the ability to install itself automatically when users visited a compromised website. On infected computers, Flashback will attempt to harvest information from Web browsing activities and will send that information to remote command-and-control servers.
Although Flashback’s infection numbers were first reported this month, the underlying Java vulnerability had been patched by Oracle in February. As a result, Apple has faced criticism for being quick to point out the security of Mac OS X, but slow to address security problems, however rare they may be.
Following the outbreak of Flashback, security researchers have discovered a pair of new Mac malware threats, but so far they have only been spotted in targeted political attacks.