Researchers report that the infamous Flashback family of malware is still active in the wild years after it was discovered, and they estimate that at least 22,000 devices are still infected.

Flashback, which was estimated to have infected more than 600,000 Mac OS X systems at its peak several years ago, was designed in part as a highly profitable ad-clicking operation, exploited several Java vulnerabilities and likely included a keylogger capability to capture authentication credentials.

“Once installed on a Mac, Flashback created a backdoor, allowing it to take almost any activity on the infected machine. Users with infected Macs are at risk of being exposed to an almost limitless variety of malicious actions, as hackers can access infected Macs and snoop on the user, copying usernames and passwords, and more,” the researchers said.

The Apple Product Security Response team took steps to neutralize the operation, including using XProtect, issuing a malware removal tool, and acquiring associated domains.

The researchers counted at least 22,000 infected machines after monitoring the domains for a five-day period, and also counted 14,248 unique identifiers of the most recent Flashback variants.

“While the domain names still registered by Apple and other security researchers are being closely monitored for now, the author can buy the domain names in the future, or the botnet could even slip into other malicious hands if the C&C server domains were no longer monitored by security researchers,” the team stated.

  • Selvakumar Manickam

    At the end of the day, if the users are infected, it is because of lack of education and understanding on being safe on the Internet. Botnets are getting "smarter", learning new tricks and polymorphic capabilities avoiding detection. Users must be wary of what they click on and download. That is the only way to beat botnet.

    • Paisano1

      Agree – user education and increased security awareness could remedy many Internet-based maladies…

Previous Contributors
