Macs Infected by Flashback Trojan Drops to 140,000
By Alistair Charlton | April 19, 2012 2:00 AM EST
The number of Mac computer infected by the Flashback virus has fallen by almost half a million since a tool to fix the problem was released by Apple earlier this month.
The Flashback trojan first appeared back in 2007 and but earlier this month it emerged that it had infected more than 600,000 Macs before Apple came up with some software to identify the malware and remove it last week. In a matter of days the number of infected computers has fallen to around 140,000.
Targeting Macs that have older versions of Java Runtime installed, Flashback downloads itself to a compatible Apple laptop or desktop PC, then generates a list of botnet control servers and begins checking in with them.
Despite the large decline in infected Macs in just a few days, Norton Symantec had expected the number to be lower still. "Given the number of removal tools and Apple security updates now available, it was hoped that the decline would be greater at this point.
"There remains a significant number of Mac users who haven't followed the simple and necessary steps to bring the infection numbers down to zero," the security firm told Cult of Mac.
It was previously revealed that of the 600,000 Macs infected, 274 were located in Apple's hometown of Cupertino, California.
As security expert Graham Cluley explains, once Flashback is installed on a compromised Mac it does two things: "One is a data stealing trojan that attempts to steal passwords and banking information from Safari.
"The other appears to do search engine redirection, presumably to perform advertising fraud or direct victims to further malicious content."
Cluley continues: "First and foremost Mac users need to be sure they have installed the latest security patches from Apple. Second, Mac users can no longer rely on simply updating their computers. Preventative protection is an essential defense mechanism to detect and thwart future attacks."
The malware - which goes by the full name of Backdoor.OSX.SabPub.a - connects the infected Mac to a remote website and waits for instructions; these can include executing commands or taking screenshots. A group of these infected computers, called a botnet, can be used to devastating effect by the person in control.
To contact the editor, e-mail:
Most Popular Slideshows
- NFL MNF: Washington Redskins 20, Dallas Cowboys 17 (OT) [PHOTOS]
- Emma Watson Gets 'Squished' In 'Colonia Dignidad' [PHOTOS]
- 2014 MLB World Series Game 6: Kansas City Royals 10, San Francisco Giants 0 [PHOTOS]
- San Francisco Giants Beat Kansas City Royals, 3-2 In Game 7, Wins 2014 MLB World Series [PHOTOS]
Join the Conversation
- Marvel Announces Release Dates Of 11 Upcoming Movies From 2015 To 2019
- Nokia Lumia 730 v. Sharp Aquos Crystal – Specifications, Features And Price Showdown
- Xiaomi Becomes World’s Third Largest Smartphone Manufacturer By Dethroning Huawei
- Entry Of Peshmerga Fighters From Iraq Boosts The Kobani Battle Against ISIS: Turkey Provides Transit
- Nexus 6, 9 Buyers on November Release Will Enjoy These 3 Killer Lollipop 5.0 Features First
- Apple iPhone 6 Plus vs Motorola Droid Turbo: Comparsion On Processor, Software And Battery
- Australia Special Forces Await 'Delayed' Iraqi Visas Before Joining ISIS Fight