It's hard to believe, the claim is that is uses Reddit's search functionality to find connection addresses. I've never been able to find anything using Reddit's search.
At least for detection (from the article): "During installation it is extracted into /Library/Application Support/JavaW, after which the dropper generates a p-list file so that the backdoor is launched automatically."
In terminal run:
defaults read /Applications/Safari.app/Contents/Info LSEnvironment
You should get this error:
The domain/default pair of (/Applications/Safari.app/Contents/Info, LSEnvironment) does not exist
Then run:
defaults read ~/.MacOSX/environment DYLD_INSERT_LIBRARIES
You should get this error:
The domain/default pair of (/Users/YOURUSER/.MacOSX/environment, DYLD_INSERT_LIBRARIES) does not exist
If you do you are clean of this variant!
If this doesn't happen go to http://www.f-secure.com/v-descs/trojan-downloader_osx_flashb... to fix it