Researchers learn Flashback trojan is still infecting Apple computers

Share this article:
The Flashback trojan is still active and infecting computers, according to a post by Intego.
The Flashback trojan is still active and infecting computers, according to a post by Intego.

Although Apple has a good reputation for producing computers and other devices that are well-protected against malware, a trojan identified in 2011 is still active and infecting computers, according to a post by Mac security software company Intego.

OSX/Flashback.A, known simply as Flashback, originally popped up on the radar in 2011 and, by 2012, had ensnared up to 650,000 users in a botnet. The trojan is capable of a number of malevolent actions, including stealing data, hijacking search results and installing additional malware.

Apple quickly took measures to eliminate the threat, such as releasing two updates for Mac OS X to correct the vulnerability that was enabling Flashback to spread.

According to a Tuesday post by Arnaud Abbati, an Intego security researcher, the Apple-focused company purchased command-and-control server domain names earlier this year to monitor the Flashback threat. After five days, researchers recorded 22,000 infected machines and 14,248 unique identifiers of the latest Flashback variants, Abbati explained.

“By design, Flashback is versatile; it is a nasty little malware,” Abbati wrote. “It is self-encrypted, and with the UUID of the infected machine it sends unique information about the machine owner to its command and control server, so targeted variants could already be in the wild.”

There are several anti-virus programs available to scan for and remove Flashback. An Intego spokesperson did not respond to a SCMagazine.com request for comment.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

More in News

Researchers observe more than a hundred connections to 'Backoff' sinkhole

Researchers with Kaspersky Lab were able to sinkhole two command-and-control servers used by certain Backoff point-of-sale malware samples.

Judge lifts stay but Microsoft won't hand over emails during appeal

A judge has lifted a suspension of a previous order compelling Microsoft to hand over customer emails stored on a server in Ireland.

Home Depot investigates possible payment card breach

Home Depot investigates possible payment card breach

Home Depot said on Tuesday that it is working with its banking partners and law enforcement to investigate a possible data breach.