Fast-growing Flashback botnet includes over 600,000 Macs, experts say
Java-based attacks against Mac users resulted in over 600,000 Mac computers being infected with the Flashback Trojan horse
IDG News Service - More than 600,000 Macs have been infected with a new version of the Flashback Trojan horse that's being installed on people's computers with the help of Java exploits, security researchers from Russian antivirus vendor Doctor Web said on Wednesday.
Flashback is a family of Mac OS malware that appeared in September 2011. Older Flashback versions relied on social engineering tricks to infect computers, but the latest variants are distributed via Java exploits that don't require user interaction.
On Tuesday, Apple released a Java update in order to address a critical vulnerability that's being exploited to infect Mac computers with the Flashback Trojan horse.
However, a large number of users have already been affected by those attacks, Doctor Web said in a report issued on Wednesday. The company's researchers have managed to hijack a part of the Flashback botnet through a method known in the security community as sinkholing, and counted unique identifiers belonging to more than 550,000 Mac OS X systems infected with the Trojan horse.
Over 300,000 of the Flashback-infected Macs, or 56% of the total, are located in United States, while over 100,000 are located in Canada, Doctor Web said. The U.K. and Australia are next, with 68,000 and 32,000 infected Macs, respectively.
The botnet is growing at a rapid rate. Hours after Doctor Web issued its report, Ivan Sorokin, one of the company's malware analysts announced on Twitter that the botnet had grown to over 600,000 infected computers. He also said that 274 Macs infected with the new Flashback variant were located in Cupertino, the U.S. city where Apple has its headquarters.
F-Secure, the antivirus vendor that warned about the new Flashback attacks on Monday, couldn't confirm Doctor Web's estimate of the botnet's size. The company doesn't have good statistics on Mac malware, F-Secure's chief research officer Mikko Hypponen, said Wednesday on Twitter.
Doctor Web recommended that Mac users install the latest Java patch released by Apple, while other security companies went further, advising them to disable the Java plug-in in their browsers altogether if they don't use Java-based Web applications. Uninstalling Java from the system completely is also an option if it is not required for other desktop applications.
- Best iPhone, iPad Business Apps for 2014
- 14 Tech Conventions You Should Attend in 2014
- 10 Desktop Apps to Power Your Windows PC
- How to Add New Job Skills Without Going Back to School
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- 4 Customers who never have to refresh their PCs again This paper illustrates a common theme: the combination of desktop virtualization and thin client computing helps organizations deliver an up-to-date user experience more...
- Mobile Devices: The New Thin Clients Get essential guidance for understanding the role thin clients plus virtual desktops play in the enterprise today.
- Taking Windows Mobile on Any Device Taking Windows applications mobile has many advantages, but the process of identifying a solution is complex. Learn how to solve this complex problem...
- PaaS - Powering a New Era of Business IT Why PaaS has suddenly become relevant and irresistible to many organizations. Dive into the opportunities and considerations associated with using PaaS from an...
- Redefine Your IT Operations: Remote Office IT Has Never Been Simpler Join us to see why PC Pro named Dell PowerEdge VRTX the "2013 Server of the Year." PowerEdge VRTX may be just what...
- Four Myths of High-Productivity App Dev Debunked Debunk the main myths surrounding high-productivity application development and how both platforms have overcome them. All Hardware White Papers | Webcasts