Symantec: Flashback Trojan for Mac Generates $10,000/Day
May 1, 2012 1:46 PM
comment(s) - last by
Flashback appeared in March 2012, and by April, it had infected over 600,000 Macs
Security software company Symantec released a report today showing that the Flashback trojan, which is
infecting hundreds of thousands of Mac computers
, could be generating as much as $10,000 per day.
The Flashback trojan, also known as Flashfake, disguises itself as an install Java applet on hijacked sites. When the user approves it, the trojan runs a piece of code that exploits a flaw in Java to remove OS X's anti-malware abilities. It then has the ability to steal clicks from ads on Google's search engine next to regular search results. Flashback installs alternative control programs, which turns Macs into bots. Meanwhile, the cyber criminals reap the benefits from the ghost clicks, meaning ad clicks that are not performed by a human, but by a bot instead.
Flashback appeared in March 2012, and by April, it had
infected over 600,000 Macs
. Despite efforts to eliminate the trojan, hackers are still earning fraudulent revenue from Flashback daily.
Symantec offered an example of a code that hijacked an ad based on a search for the word "toys." While Google should be making money on this ad click, the code redirects the click elsewhere, and the hackers receive 8 cents for the ghost click instead.
"It's now well-known that the latest OSX.Flashback.K variant was being distributed using the
Oracle Java SE Remote Java Runtime Environment Code Execution Vulnerability
(CVE-2012-0507), which was patched by Oracle in February," said Symantec. "Unfortunately for Mac users, there was a large window of exposure since Apple’s patch for this vulnerability was not available for six weeks.
"This window of opportunity helped the Flashback Trojan to infect Macs on a large scale. The Flashback authors took advantage of the gap between Oracle and Apple's patches by exploiting vulnerable websites using Wordpress and Joomla to add malicious code snippets."
The Symantec report was unable to come up with a definite figure regarding how much the hackers were making, but estimated that cyber criminals using hundreds of thousands of Flashback trojan infections could be making up to $10,000 on a daily basis. It came to this conclusion by comparing Flashback infections to the 2011 W32.Xpaj.B botnet in 2011, which consisted of only 25,000 Windows PCs that generated $450 per day.
Just last month, computer security company Kaspersky Labs announced that
Apple is at least 10 years behind Microsoft when it comes to security
. With Apple selling more Macs year-over-year, cyber criminals are starting to notice these computers' popularity and target them with malware attacks.
This article is over a month old, voting and posting comments is disabled
The real issue Mac vs. Windows
5/5/2012 9:01:33 PM
When I switched from MS to Apple 11 years ago the difference in performance w/o problems was night (MS) and day (Apple) and things have gotten nothing but brighter since then. NOTHING ever goes wrong, since that time years ago no program has ever crashed save a rare problem on an internet site. AND with the time and hassle saved the question of a few extra dollars cost is absurd if you earn more than 50 cents per hour and if that argument isn't enough, over the last 6+ years, no one I know of at the Boston Mac Group (MIT) has purchased anti-virus software ($100 - 200/yr) as there is still no need for it. When a new OS comes out the price has averaged out to $20/yr; I use Apple's version of MS Office and paid 15% the cost and when after 3 years a new version was available, that was $35. If I don't know how to do anything involving my Mac or Apple software, I call for free support (after $350/3 years) and am talking to an expert in that topic in a total wait time of so far NEVER more than 3 minutes. Frankly, I have many better things to do with my life than waste time trying to become a software engineer like when MS was a miserable part of my life. And thems just for starters...
"Can anyone tell me what MobileMe is supposed to do?... So why the f*** doesn't it do that?" -- Steve Jobs
Kaspersky Labs: Apple's Security 10 Years Behind Microsoft
April 26, 2012, 7:39 AM
Apple Admits Its Macs Have a Malware Problem
April 12, 2012, 12:07 PM
Malware Authors Get Boost from Apple's Sluggish Updates, Infect 600K Macs
April 6, 2012, 8:40 AM
Newegg Legal Chief: "We don't Feed the Trolls"; Defeats Bell Lab Shell Comp.
May 17, 2013, 10:11 AM
Quick Note: EA Axing Online Pass
May 16, 2013, 10:59 AM
Google's Eric Schmidt: "Don't Be Evil" was Stupid
May 14, 2013, 11:00 AM
RIAA Acknowledges Digital Streams for Artist Awards
May 13, 2013, 7:17 AM
ESPN Looking to Pay Wireless Carriers for Customer Data Overages
May 10, 2013, 11:21 AM
YouTube Offering Paid Subscriptions for Individual Channels
May 10, 2013, 10:50 AM
Most Popular Articles
Report: Microsoft Eyes Return to "Dying" Windows 7 Path After Windows 8 Flop
May 13, 2013, 9:50 AM
Bill Gates Gets Teary-Eyed While Discussing Steve Jobs, Shows Off Life-Saving Tech on 60 Minutes
May 13, 2013, 12:30 PM
Windows 8.1 Will Be Free; Microsoft Holds Onto Struggling ARM Variant
May 14, 2013, 2:57 PM
Google Announces "Pure" Galaxy Nexus S4 for $649, Android Updates
May 15, 2013, 1:42 PM
U.S. Federal Traffic Board Wants to Make Drunk Driving Threshold Far Harsher
May 15, 2013, 11:32 AM
Latest Blog Posts
Parents of Pre-Teen Drivers Commonly Practice Distracted Driving Says Study
May 9, 2013, 7:16 AM
Apple's iOS 7 Running Into Internal Delays Due to Massive Overhaul
May 1, 2013, 4:26 PM
Elon Musk Willing to Spend More Money on Widening of 405 Freeway
Apr 26, 2013, 7:28 PM
New $100 Bill Due in October
Apr 24, 2013, 11:52 PM
Volkswagen Shows off iBeetle in Shanghai
Apr 22, 2013, 9:29 PM
More Blog Posts
Copyright 2013 DailyTech LLC. -
Terms, Conditions & Privacy Information