Apple has announced that it is developing a tool to detect and remove the Flashback Trojan that has infected over 600,000 Macs, but has come under fire for its slow response.
The Trojan exploits a vulnerability in Java to steal personal information and also hijacks the infected Mac to become part of a remotely controlled "botnet".
Apple said it is working with internet service providers (ISPs) to disrupt the command network being used by hackers to exploit the malware.
The Telegraph quoted Kaspersky Lab's chief security expert Alexander Gostev as saying: “Apple doesn't allow Oracle to patch Java for Mac. They do it themselves, usually several months later.”
Gostev said this means that the window of exposure for Mac users is much longer than for PC users. “This is especially bad news since Apple’s standard anti-virus update is a rudimentary affair which only adds new signatures when a threat is deemed large enough,” he said.
According to a timeline posted by Russian anti-virus firm Dr Web, which has tracked the scale of the Flashback botnet, activity surrounding the Trojan began in February.
“This once again refutes claims by some experts that there are no cyber-threats to Mac OS X,” the firm said.
McAfee Labs' Dave Marcus told the AFP news agency: "All the stuff the bad guys have learned for doing attacks in the PC world is now starting to transition to the Mac world."
The security firm F-Secure has posted detailed instructions about how to confirm if a machine is infected and how to manually remove the Trojan. Kaspersky Lab has also created a website to enable Mac users to check if their machine is infected.