Mac Malware: Flashback Trojan Still Infects 22K Macs
Back in September 2012, the Fairer Platform reported that the Flashback Trojan was [nearly] dead. Apparently, little has changed since then, as security firm Intego claims the most prolific Mac malware of the OS X era still lingers on tens of thousands of Macs.
In April 2012, the Mac world was stunned to learn that the Flashback Trojan had infected and enslaved more than 600,000 Macs. While PC botnets often include tens of millions of machines, Flashback created the largest Mac botnet ever recorded.
It took Apple months to recognize the severity of this Mac malware threat, which first appeared in the Fall of 2011. However, once the company awoke, it moved quickly to quash the threat with removal tools and a legal attack on the Russian servers that powered the malware network.
All’s well that ends well? Pretty much, but not entirely.
Flashback Trojan: Mac Malware Redux
Intego security researcher Arnaud Abbati claims that the Flashback Trojan is alive if not well and still infects over 22,000 Macs.
“Intego purchased some of the command and control (C&C) server domain names to monitor the Flashback threat that infected hundreds of thousands of Macs,” writes Abbati. “Beginning January 2, we studied those domains and our sinkhole servers recorded all connections from Macs where Flashback is still active and trying to contact the C&C servers.”
What is Flashback doing? Nothing. Apple and a number of antivirus makers, including Intego, own all of the internet domains used by the Mac Flashback Trojan variants found in the wild.
For the time being, at least, Flashback is functionally inert. Intego says the Flashback botnet is “adrift.” But that doesn’t mean hackers couldn’t retool this trojan and try once again to establish a Mac botnet, steal user information, or just plain wreak havoc on users.
How concerned are you about the malware threat to your Mac? Do you use Mac antivirus software?
Via Ars Technica