Researchers learn Flashback trojan is still infecting Apple computers

Share this article:
The Flashback trojan is still active and infecting computers, according to a post by Intego.
The Flashback trojan is still active and infecting computers, according to a post by Intego.

Although Apple has a good reputation for producing computers and other devices that are well-protected against malware, a trojan identified in 2011 is still active and infecting computers, according to a post by Mac security software company Intego.

OSX/Flashback.A, known simply as Flashback, originally popped up on the radar in 2011 and, by 2012, had ensnared up to 650,000 users in a botnet. The trojan is capable of a number of malevolent actions, including stealing data, hijacking search results and installing additional malware.

Apple quickly took measures to eliminate the threat, such as releasing two updates for Mac OS X to correct the vulnerability that was enabling Flashback to spread.

According to a Tuesday post by Arnaud Abbati, an Intego security researcher, the Apple-focused company purchased command-and-control server domain names earlier this year to monitor the Flashback threat. After five days, researchers recorded 22,000 infected machines and 14,248 unique identifiers of the latest Flashback variants, Abbati explained.

“By design, Flashback is versatile; it is a nasty little malware,” Abbati wrote. “It is self-encrypted, and with the UUID of the infected machine it sends unique information about the machine owner to its command and control server, so targeted variants could already be in the wild.”

There are several anti-virus programs available to scan for and remove Flashback. An Intego spokesperson did not respond to a SCMagazine.com request for comment.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

TOP COMMENTS

More in News

Federal Trade Commission appoints new chief technologist

The government agency has announced Ashkan Soltani as its new chief technologist, according to a release.

Cybercriminals continue to piggyback on Ebola news

Email samples discovered by researchers at Trustwave reveal how attackers are infecting users with the DarkComet Remote Access Trojan.

ISA president urges state AGs to expand understanding of cybercrime

Speaking at a National Association of State Attorneys General conference, ISA's Larry Clinton asked the AGs to step up efforts to get more resources.