backtop


Print 18 comment(s) - last by drbecker1.. on May 5 at 9:01 PM


  (Source: ibtimes.com)
Flashback appeared in March 2012, and by April, it had infected over 600,000 Macs

Security software company Symantec released a report today showing that the Flashback trojan, which is infecting hundreds of thousands of Mac computers, could be generating as much as $10,000 per day.

The Flashback trojan, also known as Flashfake, disguises itself as an install Java applet on hijacked sites. When the user approves it, the trojan runs a piece of code that exploits a flaw in Java to remove OS X's anti-malware abilities. It then has the ability to steal clicks from ads on Google's search engine next to regular search results. Flashback installs alternative control programs, which turns Macs into bots. Meanwhile, the cyber criminals reap the benefits from the ghost clicks, meaning ad clicks that are not performed by a human, but by a bot instead.

Flashback appeared in March 2012, and by April, it had infected over 600,000 Macs. Despite efforts to eliminate the trojan, hackers are still earning fraudulent revenue from Flashback daily.

Symantec offered an example of a code that hijacked an ad based on a search for the word "toys." While Google should be making money on this ad click, the code redirects the click elsewhere, and the hackers receive 8 cents for the ghost click instead.

"It's now well-known that the latest OSX.Flashback.K variant was being distributed using the Oracle Java SE Remote Java Runtime Environment Code Execution Vulnerability (CVE-2012-0507), which was patched by Oracle in February," said Symantec. "Unfortunately for Mac users, there was a large window of exposure since Apple’s patch for this vulnerability was not available for six weeks.

"This window of opportunity helped the Flashback Trojan to infect Macs on a large scale. The Flashback authors took advantage of the gap between Oracle and Apple's patches by exploiting vulnerable websites using Wordpress and Joomla to add malicious code snippets."

The Symantec report was unable to come up with a definite figure regarding how much the hackers were making, but estimated that cyber criminals using hundreds of thousands of Flashback trojan infections could be making up to $10,000 on a daily basis. It came to this conclusion by comparing Flashback infections to the 2011 W32.Xpaj.B botnet in 2011, which consisted of only 25,000 Windows PCs that generated $450 per day. 

Just last month, computer security company Kaspersky Labs announced that Apple is at least 10 years behind Microsoft when it comes to security. With Apple selling more Macs year-over-year, cyber criminals are starting to notice these computers' popularity and target them with malware attacks.

Source: Symantec



Comments     Threshold


This article is over a month old, voting and posting comments is disabled

By superstition on 5/2/2012 3:42:41 PM , Rating: 1
While Apple has not handled malware issue very well (particularly when it comes to having their "geniuses" lie to customers), these anti-virus companies have a history of using scare tactics to try to get people to purchase their products.

Java isn't part of OS X Lion. Users have to install it manually. Users also had to agree to install the malware. While Apple took too long to patch Java, there is also something to be said for computer users being responsible enough not to be suckered into choosing to install malware and also for Java to not be so vulnerable in the first place.




"There's no chance that the iPhone is going to get any significant market share. No chance." -- Microsoft CEO Steve Ballmer














botimage
Copyright 2014 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki