Macs Infected by Flashback Trojan Drops to 140,000
By Alistair Charlton | April 19, 2012 2:00 AM EST
The number of Mac computer infected by the Flashback virus has fallen by almost half a million since a tool to fix the problem was released by Apple earlier this month.
The Flashback trojan first appeared back in 2007 and but earlier this month it emerged that it had infected more than 600,000 Macs before Apple came up with some software to identify the malware and remove it last week. In a matter of days the number of infected computers has fallen to around 140,000.
Targeting Macs that have older versions of Java Runtime installed, Flashback downloads itself to a compatible Apple laptop or desktop PC, then generates a list of botnet control servers and begins checking in with them.
Despite the large decline in infected Macs in just a few days, Norton Symantec had expected the number to be lower still. "Given the number of removal tools and Apple security updates now available, it was hoped that the decline would be greater at this point.
"There remains a significant number of Mac users who haven't followed the simple and necessary steps to bring the infection numbers down to zero," the security firm told Cult of Mac.
It was previously revealed that of the 600,000 Macs infected, 274 were located in Apple's hometown of Cupertino, California.
As security expert Graham Cluley explains, once Flashback is installed on a compromised Mac it does two things: "One is a data stealing trojan that attempts to steal passwords and banking information from Safari.
"The other appears to do search engine redirection, presumably to perform advertising fraud or direct victims to further malicious content."
Cluley continues: "First and foremost Mac users need to be sure they have installed the latest security patches from Apple. Second, Mac users can no longer rely on simply updating their computers. Preventative protection is an essential defense mechanism to detect and thwart future attacks."
The malware - which goes by the full name of Backdoor.OSX.SabPub.a - connects the infected Mac to a remote website and waits for instructions; these can include executing commands or taking screenshots. A group of these infected computers, called a botnet, can be used to devastating effect by the person in control.
To contact the editor, e-mail:
Most Popular Slideshows
- Taylor Swift Named Forbes' Second Highest Paid Country Musician [PHOTOS]
- Forever Lost: Indescribable Anguish for Malaysia Airlines MH17 Families, Remains of Some Victims May Never Be Found (PHOTOS)
- Lunch with the Gods: Pope Francis Eats with Vatican Workers in Cafeteria
- Celebrities Suffering From Lupus: Facts About the Disease
Join the Conversation
- iPhone 6 Release Date Relevance to iOS Newbies: Specs Meaning, Price Considerations
- Nexus 6 Likely Confirmed as Motorola 5.9-Inch Phablet on Release Date – Report
- Sony Xperia Z3: Release Date, Five Features to Expect from New Android Smart Phone
- Samsung Galaxy Mega 2 Reportedly Cleared by FCC: Five Fresh Features to Expect from Android Smart Phone
- Xiaomi Mi4 vs. OnePlus One—Specifications, Features, Release Date and Price Showdown
- Transfer News: In Demand Everton Midfielder Silence Speculations by Penning New Deal [VIDEO]
- True Blood Spoilers: Alcide Killed because Season 7 is Bill, Sookie’s Season
- Reebok Launches Bacon Line to Lure CrossFit and Paleo Diet Fans
- Transfer News: Star Midfielder Pledges Future with Manchester City [VIDEO]
- ACT Party's Demand to Re Consider Maoris Privileges Evokes Reprimand