Fast-growing Flashback botnet includes over 600,000 Macs, experts say
Java-based attacks against Mac users resulted in over 600,000 Mac computers being infected with the Flashback Trojan horse
IDG News Service - More than 600,000 Macs have been infected with a new version of the Flashback Trojan horse that's being installed on people's computers with the help of Java exploits, security researchers from Russian antivirus vendor Doctor Web said on Wednesday.
Flashback is a family of Mac OS malware that appeared in September 2011. Older Flashback versions relied on social engineering tricks to infect computers, but the latest variants are distributed via Java exploits that don't require user interaction.
On Tuesday, Apple released a Java update in order to address a critical vulnerability that's being exploited to infect Mac computers with the Flashback Trojan horse.
However, a large number of users have already been affected by those attacks, Doctor Web said in a report issued on Wednesday. The company's researchers have managed to hijack a part of the Flashback botnet through a method known in the security community as sinkholing, and counted unique identifiers belonging to more than 550,000 Mac OS X systems infected with the Trojan horse.
Over 300,000 of the Flashback-infected Macs, or 56% of the total, are located in United States, while over 100,000 are located in Canada, Doctor Web said. The U.K. and Australia are next, with 68,000 and 32,000 infected Macs, respectively.
The botnet is growing at a rapid rate. Hours after Doctor Web issued its report, Ivan Sorokin, one of the company's malware analysts announced on Twitter that the botnet had grown to over 600,000 infected computers. He also said that 274 Macs infected with the new Flashback variant were located in Cupertino, the U.S. city where Apple has its headquarters.
F-Secure, the antivirus vendor that warned about the new Flashback attacks on Monday, couldn't confirm Doctor Web's estimate of the botnet's size. The company doesn't have good statistics on Mac malware, F-Secure's chief research officer Mikko Hypponen, said Wednesday on Twitter.
Doctor Web recommended that Mac users install the latest Java patch released by Apple, while other security companies went further, advising them to disable the Java plug-in in their browsers altogether if they don't use Java-based Web applications. Uninstalling Java from the system completely is also an option if it is not required for other desktop applications.
- An Insightful Approach to Optimizing Mainframe MLC Spend This paper discusses how you can penetrate the complexity of IBM mainframe MLC products and the MLC price model to gain insight into...
- Meeting the Exploding Demand for New IT Services In this eBook, explore the top trends driving the New IT for IT Service Management, and how leading organizations are evolving to focus...
- Hybrid IT-A Low-Risk Path from On-Premise to ITaaS This white paper provides a strategy to move part or all of your ITSM suite to the cloud as a stepping stone to...
- Paving the Windows XP Migration Path to Success Support for Windows XP has ended, leaving organizations with three choices: Windows 8, Windows 7 or a combination. With the right planning and...
- Increase Your Data Center IQ Discover how to improve network efficiency, lower IT costs and more proactively manage your physical, virtual and cloud environments.
- Optimize Data Center Resources and Plan for the Future Eliminate over-provisioning and capacity shortfalls with pro-active capacity optimization. Join us in the evolution from capacity monitoring to capacity optimization in your data... All Hardware White Papers | Webcasts