Kaspersky kills flawed FlashBack removal tool

Update: Company had fixed the Flashfake Removal Tool and releases updated Version.

Russian antivirus firm Kaspersky has taken down its removal tool for Mac users infected with the FlashBack Trojan after users began complaining it bricked their machines. 

Forbes first reported troubles that users of Kaspersky’s removal tool were having, citing several complaints on Apple’s user forum.

One user complained that after installing Kaspersky's tool and restarting the machine “that’s where the trouble began”. That user’s Mac was caught in a frozen state.    

A Kaspersky spokesperson confirmed to Forbes it had “identified an issue with its free Kaspersky Flashfake Removal Tool”.

In some cases the “tool could result in erroneous removal of certain user settings including auto-start configurations, user configurations in browsers, and file sharing data”, the spokesperson added.

The security vendor first promoted its removal tool in an April 9 press release.

Security vendors have rallied around the Flashback botnet as the FlashBack Trojan that destroyed the myth that Apple is immune to malware.

At its height the Trojan was confirmed to have infected over 600,000 users but within a week been scaled back by around half, according to a Symantec report yesterday.

Several antivirus vendors have released free detection and removal tools for infections that occurred prior to Apple’s sluggishly released security update on April 3 that closed a Java flaw that Oracle had offered a fix for weeks prior.

Apple says it is working with “ISPs worldwide to disable this command and control network”.

Update: A Kaspersky Lab spokesperson emailed CSO Australia advising the company had fixed the Flashfake Removal Tool and releases updated Version.

"Kaspersky Lab has successfully fixed its free Kaspersky Flashfake Removal Tool. A bug was identified in the original version of the tool, which was first reported at approximately 17:40 MSK (GMT+4) on April 12. The tool was taken offline for maintenance.

A new version of the tool with the necessary updates was released at 3:30 MSK (GMT +4) on April 13. It is available now and fully operational.

Users can visit www.flashbackcheck.com to verify if they’re infected with Flashfake and use the Kaspersky Flashfake Removal Tool to disinfect their computers.

Customers who previously encountered problems with the Flashfake Removal Tool are encouraged to contact Kaspersky Lab’s technical support at techsupport@kaspersky.com

Kaspersky Lab apologises for any inconvenience caused by this issue. The company is focused on creating utilities to keep users safe from infection and will continue to improve its internal processes to prevent such errors from occurring in the future"

2 Comments

Menelok

1

Yes ... the design is clearly needed to be changed :)
The dark green color would fit perfectly xD

going out dresses

2

Appreciate the recommendation. Will try it out.

Comments are now closed

CSO Corporate Partners
  • f5
  • Webroot
  • Trend Micro
  • NetIQ
rhs_login_lockGet exclusive access to CSO, invitation only events, reports & analysis.
CSO Directory

Identity & Security Management

Identity and Security Management

Security Awareness Tip
Security ABC Guides

Warning: Tips for secure mobile holiday shopping

I’m dating myself, but I remember when holiday shopping involved pouring through ads in the Sunday paper, placing actual phone calls from tethered land lines to research product stock and availability, and actually driving places to pick things up. Now, holiday shoppers can do all of that from a smartphone or tablet in a few seconds, but there are some security pitfalls to be aware of.