The tomato part really makes tearing through somebody’s temple seem like it would be the worst thing ever.
There’s a new Mac trojan that’s been floating around, and it’s terrifying everyone. It’s written in an unknown language, doesn’t even need your password to compromise you, and now it’s apparently infected 600,000 users. Here’s how to find out if you’re one of the unlucky ones.
From the Terminal (Applications>Utilities>Terminal):
1. Run the following command in Terminal:
defaults read /Applications/Safari.app/Contents/Info LSEnvironment
2. Take note of the value, DYLD_INSERT_LIBRARIES
3. Proceed to step 8 if you got the following error message:
“The domain/default pair of (/Applications/Safari.app/Contents/Info, LSEnvironment) does not exist”
If you don’t get that error message, well, time to head to F-Secure for your fix. If you’re clean so far, you can move on to step eight:
8. Run the following command in Terminal:
defaults read ~/.MacOSX/environment DYLD_INSERT_LIBRARIES
9. Take note of the result. Your system is already clean of this variant if you got an error message similar to the following:
“The domain/default pair of (/Users/joe/.MacOSX/environment, DYLD_INSERT_LIBRARIES) does not exist”
In other words: “does not exist” means you’ve got a healthy rig. Anything else, just keep following F-Secure’s instructions to vanquish the intruder. And even if you get the all clear for now, don’t wait on downloading the security update that patches the Java vulnerability that started this whole mess.