Symantec: Flashback Trojan for Mac Generates $10,000/Day
May 1, 2012 1:46 PM
comment(s) - last by
Flashback appeared in March 2012, and by April, it had infected over 600,000 Macs
Security software company Symantec released a report today showing that the Flashback trojan, which is
infecting hundreds of thousands of Mac computers
, could be generating as much as $10,000 per day.
The Flashback trojan, also known as Flashfake, disguises itself as an install Java applet on hijacked sites. When the user approves it, the trojan runs a piece of code that exploits a flaw in Java to remove OS X's anti-malware abilities. It then has the ability to steal clicks from ads on Google's search engine next to regular search results. Flashback installs alternative control programs, which turns Macs into bots. Meanwhile, the cyber criminals reap the benefits from the ghost clicks, meaning ad clicks that are not performed by a human, but by a bot instead.
Flashback appeared in March 2012, and by April, it had
infected over 600,000 Macs
. Despite efforts to eliminate the trojan, hackers are still earning fraudulent revenue from Flashback daily.
Symantec offered an example of a code that hijacked an ad based on a search for the word "toys." While Google should be making money on this ad click, the code redirects the click elsewhere, and the hackers receive 8 cents for the ghost click instead.
"It's now well-known that the latest OSX.Flashback.K variant was being distributed using the
Oracle Java SE Remote Java Runtime Environment Code Execution Vulnerability
(CVE-2012-0507), which was patched by Oracle in February," said Symantec. "Unfortunately for Mac users, there was a large window of exposure since Apple’s patch for this vulnerability was not available for six weeks.
"This window of opportunity helped the Flashback Trojan to infect Macs on a large scale. The Flashback authors took advantage of the gap between Oracle and Apple's patches by exploiting vulnerable websites using Wordpress and Joomla to add malicious code snippets."
The Symantec report was unable to come up with a definite figure regarding how much the hackers were making, but estimated that cyber criminals using hundreds of thousands of Flashback trojan infections could be making up to $10,000 on a daily basis. It came to this conclusion by comparing Flashback infections to the 2011 W32.Xpaj.B botnet in 2011, which consisted of only 25,000 Windows PCs that generated $450 per day.
Just last month, computer security company Kaspersky Labs announced that
Apple is at least 10 years behind Microsoft when it comes to security
. With Apple selling more Macs year-over-year, cyber criminals are starting to notice these computers' popularity and target them with malware attacks.
This article is over a month old, voting and posting comments is disabled
The real issue Mac vs. Windows
5/5/2012 9:01:33 PM
When I switched from MS to Apple 11 years ago the difference in performance w/o problems was night (MS) and day (Apple) and things have gotten nothing but brighter since then. NOTHING ever goes wrong, since that time years ago no program has ever crashed save a rare problem on an internet site. AND with the time and hassle saved the question of a few extra dollars cost is absurd if you earn more than 50 cents per hour and if that argument isn't enough, over the last 6+ years, no one I know of at the Boston Mac Group (MIT) has purchased anti-virus software ($100 - 200/yr) as there is still no need for it. When a new OS comes out the price has averaged out to $20/yr; I use Apple's version of MS Office and paid 15% the cost and when after 3 years a new version was available, that was $35. If I don't know how to do anything involving my Mac or Apple software, I call for free support (after $350/3 years) and am talking to an expert in that topic in a total wait time of so far NEVER more than 3 minutes. Frankly, I have many better things to do with my life than waste time trying to become a software engineer like when MS was a miserable part of my life. And thems just for starters...
"We’re Apple. We don’t wear suits. We don’t even own suits." -- Apple CEO Steve Jobs
Kaspersky Labs: Apple's Security 10 Years Behind Microsoft
April 26, 2012, 7:39 AM
Apple Admits Its Macs Have a Malware Problem
April 12, 2012, 12:07 PM
Malware Authors Get Boost from Apple's Sluggish Updates, Infect 600K Macs
April 6, 2012, 8:40 AM
Quick Note: Verizon May Become Canada's Fourth Major Carrier
June 18, 2013, 2:15 PM
BMI Files Lawsuit Against Pandora Over Royalty Fees, Radio Station "Stunt"
June 14, 2013, 1:28 PM
Ukranian-Led Cybertheft Ring Busted, Six East Coast Residents Arrested
June 13, 2013, 10:38 AM
Rep. Peter King (R) on NSA Leaks: Prosecute the Journalists
June 12, 2013, 4:00 PM
Comcast to Turn Customers Modems Into Quasi-Public Wi-Fi, Raises Legal Risks
June 10, 2013, 8:02 PM
Report: Google to Drop $1.3B for Waze Navigation Software
June 10, 2013, 7:43 AM
Most Popular Articles
Source: Don't Worry, NSA Spies on "99 Percent" of Americans' Locations, Call Records
June 14, 2013, 3:57 PM
Xbox Chief: If You Can't Get Online, Don't Buy an Xbox One
June 12, 2013, 9:57 AM
GigaHertz Wars 2.0? AMD Releases World's First 5.0 GHz FX Processor
June 11, 2013, 3:16 PM
Former Palm CEO: Selling Palm to HP was a Waste
June 12, 2013, 10:19 AM
Report: Apple to Release Larger iPhone Screens, Cheaper iPhone for $99
June 13, 2013, 9:41 AM
Latest Blog Posts
Lumosity: Does it Work?
May 22, 2013, 8:20 PM
Quick Note: Sony "Teases" PS4 Ahead of Xbox Reveal in New Video
May 20, 2013, 12:33 PM
Nokia Introduces Instagram-Like App of Its Own to Help Lumia Sales
May 20, 2013, 7:10 AM
Parents of Pre-Teen Drivers Commonly Practice Distracted Driving Says Study
May 9, 2013, 7:16 AM
Apple's iOS 7 Running Into Internal Delays Due to Massive Overhaul
May 1, 2013, 4:26 PM
More Blog Posts
Copyright 2013 DailyTech LLC. -
Terms, Conditions & Privacy Information