Symantec: Flashback Trojan for Mac Generates $10,000/Day
May 1, 2012 1:46 PM
comment(s) - last by
Flashback appeared in March 2012, and by April, it had infected over 600,000 Macs
Security software company Symantec released a report today showing that the Flashback trojan, which is
infecting hundreds of thousands of Mac computers
, could be generating as much as $10,000 per day.
The Flashback trojan, also known as Flashfake, disguises itself as an install Java applet on hijacked sites. When the user approves it, the trojan runs a piece of code that exploits a flaw in Java to remove OS X's anti-malware abilities. It then has the ability to steal clicks from ads on Google's search engine next to regular search results. Flashback installs alternative control programs, which turns Macs into bots. Meanwhile, the cyber criminals reap the benefits from the ghost clicks, meaning ad clicks that are not performed by a human, but by a bot instead.
Flashback appeared in March 2012, and by April, it had
infected over 600,000 Macs
. Despite efforts to eliminate the trojan, hackers are still earning fraudulent revenue from Flashback daily.
Symantec offered an example of a code that hijacked an ad based on a search for the word "toys." While Google should be making money on this ad click, the code redirects the click elsewhere, and the hackers receive 8 cents for the ghost click instead.
"It's now well-known that the latest OSX.Flashback.K variant was being distributed using the
Oracle Java SE Remote Java Runtime Environment Code Execution Vulnerability
(CVE-2012-0507), which was patched by Oracle in February," said Symantec. "Unfortunately for Mac users, there was a large window of exposure since Apple’s patch for this vulnerability was not available for six weeks.
"This window of opportunity helped the Flashback Trojan to infect Macs on a large scale. The Flashback authors took advantage of the gap between Oracle and Apple's patches by exploiting vulnerable websites using Wordpress and Joomla to add malicious code snippets."
The Symantec report was unable to come up with a definite figure regarding how much the hackers were making, but estimated that cyber criminals using hundreds of thousands of Flashback trojan infections could be making up to $10,000 on a daily basis. It came to this conclusion by comparing Flashback infections to the 2011 W32.Xpaj.B botnet in 2011, which consisted of only 25,000 Windows PCs that generated $450 per day.
Just last month, computer security company Kaspersky Labs announced that
Apple is at least 10 years behind Microsoft when it comes to security
. With Apple selling more Macs year-over-year, cyber criminals are starting to notice these computers' popularity and target them with malware attacks.
This article is over a month old, voting and posting comments is disabled
The real issue Mac vs. Windows
5/5/2012 9:01:33 PM
When I switched from MS to Apple 11 years ago the difference in performance w/o problems was night (MS) and day (Apple) and things have gotten nothing but brighter since then. NOTHING ever goes wrong, since that time years ago no program has ever crashed save a rare problem on an internet site. AND with the time and hassle saved the question of a few extra dollars cost is absurd if you earn more than 50 cents per hour and if that argument isn't enough, over the last 6+ years, no one I know of at the Boston Mac Group (MIT) has purchased anti-virus software ($100 - 200/yr) as there is still no need for it. When a new OS comes out the price has averaged out to $20/yr; I use Apple's version of MS Office and paid 15% the cost and when after 3 years a new version was available, that was $35. If I don't know how to do anything involving my Mac or Apple software, I call for free support (after $350/3 years) and am talking to an expert in that topic in a total wait time of so far NEVER more than 3 minutes. Frankly, I have many better things to do with my life than waste time trying to become a software engineer like when MS was a miserable part of my life. And thems just for starters...
"Let's face it, we're not changing the world. We're building a product that helps people buy more crap - and watch porn." -- Seagate CEO Bill Watkins
Irate Former Symbian Chief Trashes Android, Nokia, Microsoft
April 26, 2012, 12:30 PM
Apple Responds to DOJ eBook Lawsuit; Penguin, Macmillan in for the Long Haul
April 12, 2012, 9:54 PM
Android Earnings Report Pt. I: Samsung Wins Big, HTC Plummets
April 6, 2012, 2:38 PM
Mozilla Promise Punctual Windows 10 Firefox Release, Teases at iOS Arrival
July 7, 2015, 3:08 PM
Netflix Announces 7-to-1 Stock Split, Eyes Explosive Overseas Growth
June 23, 2015, 8:18 PM
Sources: Hack on Fed. Database Lost 4.1M Social Security Numbers, Personal Info
June 11, 2015, 9:11 PM
The Big One: Chinese Hackers Steal Records of 4 Million U.S. Gov. Employees
June 4, 2015, 8:13 PM
Tutorial: Here's How to Force YouTube or Vimeo VIdeos to Embed as HTML5
June 3, 2015, 10:14 PM
Google Finally Fixes Maps Bug That Was Giving Racist, Profane Results
May 21, 2015, 1:43 PM
Most Popular Articles
F-16 Schools Trillion-Dollar F-35 in Mock Combat, Fleeing is Best Option Pilot Admits
July 1, 2015, 5:53 PM
Apple Music: The Money, The Launch Hiccups, and the Nitty Gritty Details
June 30, 2015, 5:09 PM
Apple iOS 8.4 Rolls Out w/ Fix to Crash-Causing Unicode Text
June 30, 2015, 3:24 PM
Windows XP, Vista Users Can Get Free Windows 10 Upgrade Thanks to Loophole
June 23, 2015, 2:23 PM
Quick Note: Lumia 940 XL "Cityman" Phablet Gets Teased Via Tests
June 29, 2015, 5:51 PM
Latest Blog Posts
Sceptre Airs 27", 120 Hz. 1080p Monitor/HDTV w/ 5 ms Response Time for $220
Dec 3, 2014, 10:32 PM
Costco Gives Employees Thanksgiving Off; Wal-Mart Leads "Black Thursday" Charge
Oct 29, 2014, 9:57 PM
"Bear Selfies" Fad Could Turn Deadly, Warn Nevada Wildlife Officials
Oct 28, 2014, 12:00 PM
The Surface Mini That Was Never Released Gets "Hands On" Treatment
Sep 26, 2014, 8:22 AM
ISIS Imposes Ban on Teaching Evolution in Iraq
Sep 17, 2014, 5:22 PM
More Blog Posts
Copyright 2015 DailyTech LLC. -
Terms, Conditions & Privacy Information