Blocking (and sort of removing) FlashBack for Mac and other Malware

You might have missed it, but a few weeks ago OS X had one of the biggest malware epidemics that it’s ever had thanks to a lovely little exploit called FlashBack. It’s been estimated that 600,000 and counting Mac’s have been infected with FlashBack. All thanks to a combination of a bunch of outdated WordPress sites and a really old exploit with Java, which Apple should have patched ages ago. Basically what happens is an infected WordPress website will redirect a Mac secretly to a URL, which would then download and run a Java exploit programmed to install the malware on your computer–without you knowing.

Since everything has hit the fan Apple did release a patch to prevent the infection from spreading. This is obviously awesome, but what they didn’t really mention was this patch is only good if you’ve not yet been hit by Flashback. If you’ve already been infected this patch isn’t going to remove the malware, it’s just going to patch the hole it used to install itself in the first place. If you are not tech smart at all and you try to remove the malware yourself you do run the risk of messing something up, deleting the wrong file could cause some serious issues with your Mac.

Thankfully OpenDNS has a really simple way to prevent and render FlashBack useless without installing, removing, editing, or modifying anything in your OS that could cause problems to surface and it only takes about 30 seconds to setup!

The first thing you’ll want to do is open System Preferences and locate Network:

Once you access the Network screen you will see an option called Advanced… in the right corner of the screen, select it:

In the Advanced window locate DNS from the navigation bar and select it:

Under the DNS window you will find a section which says DNS Servers, in that area enter the following IP Addresses:

  • 202.67.222.222
  • 202.67.220.220

When finished your screen should look something similar to this:

If everything matches up to the screenshot above hit OK and then Apply on the following screen.

That’s it, you are now fully protected from FlashBack as any infected domain will simply not load on your Mac. You’ll be greeted instead by a white screen with the OpenDNS logo saying “This site has been blocked as it is associated with the FlashBack Exploit for Mac”.  If you’ve already been infected with FlashBack the malware will now be rendered useless as the software won’t be able to call home.

This is just the tip of the iceberg in terms of coverage you can expect from OpenDNS as the system also prevents you form loading known scams, phishing attempts, and various other online threats.

So that’s that, enjoy a safer internet and whatnot.