For those who frequent the Lounge who also have a Mac in their home, the Flashback Trojan has been making the rounds on Macs of late.
Over half of the 600,000 Macs infected are in the US. Infection occurs by 'drive by' download exploiting a Java vulnerability when one goes to an infected web site. It does not require any user interaction to obtain a foothold on a Mac, so it is not a social malware package.
Virtually none of the AV/AM software packages were able to detect and/or thwart the installation of Flashback, so even those Mac users who realize Macs are very vulnerable were not immune from Flashback. You can bet there will be more of this type of malware coming down the pike. Fortunately, this outbreak should be a wakeup call to all Mac users, especially those who have swallowed the lie that Macs do not get infected. The good news is that this outbreak only infected about 1% of the Mac installed base. The bad news is that Apple took two months to funnel the Java update to users after Oracle issued an update to remove the specific vulnerability to the Flashback Trojan. Apple has to do better than that.
There are some tools available to easily check for the presence of this infection. Check out the Flashback Checker here. It is a recently released Mac utility that will automatically enter the command lines outlined in F-Secure's page of manual commands one can use to check for infection. Flashback Checker is easier to use as it does the job for you without entering the two command lines outlined by F-Secure. Most Mac users will get a "clean" report after the check is made. For those who get a confirmation of the infection's presence, you can follow F-Secure's command procedures in the above link to clean your system of Flashback, or you can download Kaspersky's Flashback Removal Tool, which should be faster, and does not require Terminal command line use. News of the Kaspersky tool arrived the day after the unveiling of Flashback Checker, and it can be used both to detect and remove the infection.
For more reading on Flashback, check out this MacWorld article, and this one as well.
Kaspersky also has a very good article titled 10 Simple Tips for Boosting the Security of Your Mac. Check it out, and implement most of the tips. Mac users are going to have to be just as proactive in their security as Windows users have learned to be over the years.
UPDATE: At some point today, after I posted this thread, Kaspersky pulled their Flashback Removal Tool after it was found to alter certain user settings. So if you have downloaded the tool, but not executed it, please delete it and either wait for the updated tool, or follow the manual steps on F-Secure's page linked above to remove the trojan.
An updated Flashback Removal Tool is expected to be released shortly.