Macs Infected by Flashback Trojan Drops to 140,000
The number of Mac computer infected by the Flashback virus has fallen by almost half a million since a tool to fix the problem was released by Apple earlier this month.
The Flashback trojan first appeared back in 2007 and but earlier this month it emerged that it had infected more than 600,000 Macs before Apple came up with some software to identify the malware and remove it last week. In a matter of days the number of infected computers has fallen to around 140,000.
Targeting Macs that have older versions of Java Runtime installed, Flashback downloads itself to a compatible Apple laptop or desktop PC, then generates a list of botnet control servers and begins checking in with them.
Despite the large decline in infected Macs in just a few days, Norton Symantec had expected the number to be lower still. "Given the number of removal tools and Apple security updates now available, it was hoped that the decline would be greater at this point.
- FOLLOW US
- Follow @ibtimesindia
"There remains a significant number of Mac users who haven't followed the simple and necessary steps to bring the infection numbers down to zero," the security firm told Cult of Mac.
It was previously revealed that of the 600,000 Macs infected, 274 were located in Apple's hometown of Cupertino, California.
As security expert Graham Cluley explains, once Flashback is installed on a compromised Mac it does two things: "One is a data stealing trojan that attempts to steal passwords and banking information from Safari.
"The other appears to do search engine redirection, presumably to perform advertising fraud or direct victims to further malicious content."
Cluley continues: "First and foremost Mac users need to be sure they have installed the latest security patches from Apple. Second, Mac users can no longer rely on simply updating their computers. Preventative protection is an essential defense mechanism to detect and thwart future attacks."
The malware - which goes by the full name of Backdoor.OSX.SabPub.a - connects the infected Mac to a remote website and waits for instructions; these can include executing commands or taking screenshots. A group of these infected computers, called a botnet, can be used to devastating effect by the person in control.
To contact the editor, e-mail:
- Vin Diesel on Paul Walker’s Death & Visiting Walker’s Family: 'It was I who needed their strength'
- Vin Diesel Pays Emotional Tribute to Paul Walker, Calls Him His Better Half
- Fast and Furious Star Vin Diesel Describes Emotional Meeting with Paul Walker's Mother
- GCHQ and NSA Join Forces to Hunt Paedophiles on 'Dark Net'
- Queen Elizabeth Will Not Attend Nelson Mandela Funeral
- Xbox One: Fake Backward Compatibility Trick Can Brick Your Console [VIDEO]
Android v4.4 KitKat May Roll out to Samsung Galaxy S4 Mini, S3 Mini, Core, Ace 3 and More Devices: Report