Mac OS X OSX/Flashback Trojan Detection

This script is Copyright (C) 2012 Tenable Network Security, Inc.

Synopsis :

The remote Mac OS X host appears to have been compromised.

Description :

Using the supplied credentials, Nessus has found evidence that the
remote Mac OS X host has been compromised by a trojan in the
OSX/Flashback family of trojans.

The software is typically installed by means of a malicious Java
applet or Flash Player installer. Depending on the variant, the
trojan may disable antivirus, inject a binary into every application
launched by the user, or modifies the contents of certain web pages
based on configuration information retrieved from a remote server.

See also :

Solution :

Restore the system from a known set of good backups.

Risk factor :

Critical / CVSS Base Score : 10.0

Family: MacOS X Local Security Checks

Nessus Plugin ID: 58619 ()

Bugtraq ID: