Fast-growing Flashback botnet includes over 600,000 Macs, experts say
Java-based attacks against Mac users resulted in over 600,000 Mac computers being infected with the Flashback Trojan horse
IDG News Service - More than 600,000 Macs have been infected with a new version of the Flashback Trojan horse that's being installed on people's computers with the help of Java exploits, security researchers from Russian antivirus vendor Doctor Web said on Wednesday.
Flashback is a family of Mac OS malware that appeared in September 2011. Older Flashback versions relied on social engineering tricks to infect computers, but the latest variants are distributed via Java exploits that don't require user interaction.
On Tuesday, Apple released a Java update in order to address a critical vulnerability that's being exploited to infect Mac computers with the Flashback Trojan horse.
However, a large number of users have already been affected by those attacks, Doctor Web said in a report issued on Wednesday. The company's researchers have managed to hijack a part of the Flashback botnet through a method known in the security community as sinkholing, and counted unique identifiers belonging to more than 550,000 Mac OS X systems infected with the Trojan horse.
Over 300,000 of the Flashback-infected Macs, or 56% of the total, are located in United States, while over 100,000 are located in Canada, Doctor Web said. The U.K. and Australia are next, with 68,000 and 32,000 infected Macs, respectively.
The botnet is growing at a rapid rate. Hours after Doctor Web issued its report, Ivan Sorokin, one of the company's malware analysts announced on Twitter that the botnet had grown to over 600,000 infected computers. He also said that 274 Macs infected with the new Flashback variant were located in Cupertino, the U.S. city where Apple has its headquarters.
F-Secure, the antivirus vendor that warned about the new Flashback attacks on Monday, couldn't confirm Doctor Web's estimate of the botnet's size. The company doesn't have good statistics on Mac malware, F-Secure's chief research officer Mikko Hypponen, said Wednesday on Twitter.
Doctor Web recommended that Mac users install the latest Java patch released by Apple, while other security companies went further, advising them to disable the Java plug-in in their browsers altogether if they don't use Java-based Web applications. Uninstalling Java from the system completely is also an option if it is not required for other desktop applications.
- Path Selection Infographic Path Selection Infographic
- Hyperconvergence Infographic A wide range of observers agree that data centers are now entering an era of "hyperconvergence" that will raise network traffic levels faster...
- Preparing Your Infrastructure for the Hyperconvergence Era From cloud computing and virtualization to mobility and unified communications, an array of innovative technologies is transforming today's data centers.
- How WAN Optimization Helps Enterprises Reduce Costs If you wanted to break down innovation into a tidy equation, it might go something like this: Technology + Connectivity = Productivity. Productivity...
- Redefine Your IT Operations: Remote Office IT Has Never Been Simpler Join us to see why PC Pro named Dell PowerEdge VRTX the "2013 Server of the Year." PowerEdge VRTX may be just what...
- Cloud Knowledge Vault Learn how your organization can benefit from the scalability, flexibility, and performance that the cloud offers through the short videos and other resources... All Hardware White Papers | Webcasts
Our new weekly Consumerization of IT newsletter covers a wide range of trends including BYOD, smartphones, tablets, MDM, cloud, social and what it all means for IT. Subscribe now and stay up to date!