U.S. accounts for over half of Flashback-infected Macs

For once, Windows users are getting a break. In a rare botnet campaign targeting Macs, some 600,000 machines have been infected with a sophisticated trojan that can steal personal information, according to a Russian anti-virus firm.

Researchers began reporting this week about a new variant of the Flashback trojan actively exploiting a Java vulnerability in Mac OS X systems. Apple released a patch the following day, but apparently not quickly enough.

That's because Flashback already has poisoned nearly 600,000 machines globally, and more than half -- 303,440 -- are located in the United States, according to a report Wednesday from AV vendor Dr. Web.

A computer can become infected with the malware strain through a drive-by download, which involves nothing more than visiting a bogus web page. Once installed on the machine, Flashback appears capable of a number of malevolent actions, including stealing data, hijacking search results and installing additional malware.

Dr. Web researchers were able to “sinkhole” one of the botnet's command-and-control hubs so that traffic was redirected to their own servers, which allowed them to not only count the number of compromised machines, but also isolate their location down to the city.

For example, 274 Flashback-infected Macs were located in Cupertino, Calif., where Apple has its headquarters.

The 600,000 total number certainly may seem high, considering Macs have largely gone untouched by hackers, but so far no security vendors are challenging Dr. Web's findings.

“Infection numbers are kind of dicey because you have to rely on a whole series of vendors to say, ‘Well, we detected this many,'” Dave Marcus, director of advanced research at McAfee, told SCMagazine.com. “It's a significant amount of infected computers any way you look at it.”

Sean Sullivan, a security adviser at security firm F-Secure, agreed.

"We have no reason to doubt what they're reporting," Sullivan told SCMagazine.com in a Twitter message. "I can tell you that lots of samples -- more than average -- have been submitted to our support portal."

Although the Windows operating system seems to be the platform of choice for online miscreants, Marcus said this botnet fits right in with the trend of increasing malware attacks on the Mac platform.

“Functionality wise it's actually very similar to the stuff we run into on a PC platform,” he said. “What people need to be focusing on is the fact that Macs need to be protected just like any other hardware and any other operating system.”

An Apple spokesperson could not be reached for comment.