Skip to comments.Fast-growing Flashback Botnet Includes Over 600,000 Macs, Malware Experts Say
Posted on 04/05/2012 5:45:29 AM PDT by iowamark
More than 600,000 Macs have been infected with a new version of the Flashback Trojan horse that's being installed on people's computers with the help of Java exploits, security researchers from Russian antivirus vendor Doctor Web said on Wednesday.
Flashback is a family of Mac OS malware that appeared in September 2011. Older Flashback versions relied on social engineering tricks to infect computers, but the latest variants are distributed via Java exploits that don't require user interaction.
On Tuesday, Apple released a Java update in order to address a critical vulnerability that's being exploited to infect Mac computers with the Flashback Trojan horse.
However, a large number of users have already been affected by those attacks, Doctor Web said in a report issued on Wednesday. The company's researchers have managed to hijack a part of the Flashback botnet through a method known in the security community as sinkholing, and counted unique identifiers belonging to more than 550,000 Mac OS X systems infected with the Trojan horse.
Over 300,000 of the Flashback-infected Macs, or 56 percent of the total, are located in United States, while over 100,000 are located in Canada, Doctor Web said. The U.K. and Australia are next, with 68,000 and 32,000 infected Macs, respectively.
The botnet is growing at a rapid rate. Hours after Doctor Web issued its report, Ivan Sorokin, one of the company's malware analysts announced on Twitter that the botnet had grown to over 600,000 infected computers. He also said that 274 Macs infected with the new Flashback variant were located in Cupertino, the U.S. city where Apple has its headquarters.
F-Secure, the antivirus vendor that warned about the new Flashback attacks on Monday, couldn't confirm Doctor Web's estimate of the botnet's size...
(Excerpt) Read more at pcworld.com ...
Thanks for the reminder not to touch Apple products with a ten foot pole. Let the gays, the tragically hip, the vain, the young skulls full of mush buy those overpriced ridiculousities
So I can run Java on my homebuilt quad-core w 8GB ram PC and Apple users cannot? I spent a grand total of $160 last Christmas on memory, motherboard and CPU while Apple buyers (read suckers) pay thousands for machines that will get infected if they run Java. What a scam
There are undoubtedly SOME infected machines. Might be in the hundreds or even thousands. Over half a million? How is that number generated? By Russian anti-virus "Doctor Web"'s Marketing Department with a dart board, most likely.
Is there a botnet? Well, let's wait a little while and see.
I doubt it. I think this is another case of typical anti-virus bullshit marketing, taking a known small problem and trumpeting it as though it's the End Of The World As We Know It.
In a month or two, we'll know. The Apple Haters can show me the headlines... THEN. Until then, I call FUD too.
> "the gays, the tragically hip, the vain, the young skulls full of mush"
> "Apple buyers (read suckers)"
You're entitled to your opinion. But hurling personal insults at other FReepers is not permitted. Why not cool it and just discuss the topic, instead of trolling? It's not like you're making your point any better for all the crap names you throw around.
Exactly. This 600,000 number is more inflated than Obama's "jobs created" numbers. Anyone buying into this handwringing probably also believe NBC's Zimmerman tape is the real deal.
The conditions that have to be in place for an infection to even be possible, might apply to a small fraction of users. And because the non-Admin variant causes so much system instability it would be discovered quickly and takes mere seconds to eradicate.
Now that Apple is the overwhelming machine of choice, at some point we might actually get a bug to worry about, but this ain't it.
Make that 59,999,999.
Yep, unlike your machine which is totally invulnerable, in fact you can run millions of free viri and trojans at no extra cost to you. Sigh..... if only I could do that on my Mac.
So after seven months Flashback, the first ever successful Mac trojan (which we all admitted was going to come eventually), has managed to infect 600,000 Macs, and that's a reason not to get a Mac.
Let's see how it has been in your world. It only took about a week for Code Red to hit almost 400,000 Windows machines running IIS -- and IIS wasn't even very popular back then, on a few million servers at most.
Over the last decade, it's been far safer to run a Mac.