Got a tip for us? Share it...

New in OS X: Get MacRumors Push Notifications on your Mac

Resubscribe Now Close

Flashback Malware Still Affecting over 100,000 Macs

While Apple has pushed out several software updates to detect the Flashback malware and remove it from infected systems, Symantec noted late yesterday that over 100,000 machines remain afflicted by the issue as detected by their sinkhole operation to redirect server traffic.


Symantec pegged the number at approximately 142,000 as of Monday, listing a rough estimate of "over 99,000" as yesterday's data was still coming in. Those numbers are down from a peak of over 600,000 machines two weeks ago, but a substantial number of machines are still infected by the malware.
The statistics from our sinkhole are showing declining numbers on a daily basis. However, we had originally believed that we would have seen a greater decline in infections at this point in time, but this has proven not to be the case. Currently, it appears that the number of infected computers has tapered off, but remains around the 140,000 mark.

As there have been tools released by Symantec and other vendors in the past few days concerning this threat, the infection numbers should have seen a dramatic decrease by now.
Symantec also takes a look at the domain name generator that allows infected machines to connect to their command-and-control servers to receive instructions. The generator uses a list of 14-character strings rotated each day, coupling each string with one of five top-level domains (.com, .net, .info, .in, or .kz) to find its instructions.

The report also claims that Flashback-infected systems can receive updated command-and-control server locations through Twitter, although no details on that process are provided. A similar claim was made for earlier versions of Flashback, although there has apparently been no demonstration of the Twitter delivery method actually being used.

Top Rated Comments

(View all)

30 months ago

Must be those people who are scared to death of any updates and wait 4 years before finally committing.


Ex-Windows Users?
Rating: 13 Votes
30 months ago
I don't understand the concern everyone has. One trojan that infected 1% of Macs (thats right, 1%) and is easily fixed with an update compared to over a million known malware variants on Windows systems is nothing.
Rating: 11 Votes
30 months ago
Seems like a lot, but I guess not as a percentage. Still, new threats, I fear, will soon become the norm.

It was good while it lasted.


I hope I'm wrong.
Rating: 8 Votes
30 months ago
Do we really need antivirus software for Macs? I mean, assuming the growth of the platform, and that more and more malicious programs will be written.. I consider myself pretty smart in avoiding infection, but it only takes one savy developer to trick you with some method you didn't anticipate..

I don't have any type of security software.. Should I? If so, which is the best for Mac?
Rating: 6 Votes
30 months ago

As I installed today's Flash update, I thought to myself: how am I supposed to know if this is really Flash, or if this is actually a trojan?

Don't act on someone else's initiative. Act on your own.
If you see on some news site, or via some popup dialog, that Flash (or any other software) is updated, then go to the download site by yourself, or invoke the update process provided in the software.

Let's say that Software Update says that there's some software that needs to be updated. Read what the update is about and click [Cancel]. Then, you go to Software Update by your own action and run it. If it says the same thing as before, you go ahead and upgrade.

The first instance COULD've been a Trojan that just happens to mask itself as Software Update, or Flash updater, or some other updater/installer.
But, if you run through the process by your self manually, and according to standard procedure, you won't invoke any Trojan.

…probably. If you follow this, you won't get infected by ANY trojan that I know of and you won't get phished, or scammed by any email.
Rating: 5 Votes
30 months ago
Must be those people who are scared to death of any updates and wait 4 years before finally committing.
Rating: 5 Votes
30 months ago

1% who has reported the issue, which is about the amount of mac users who join forums.
The other 99% may be infected and may not know because they have been told the mac is "safe" and protected from such things.


No the 1% is the actual number of infected whether they know it or not.

http://www.redmondpie.com/apple-releases-standalone-flashback-malware-removal-tool-for-non-java-mac-users-download-now/ (http://www.redmondpie.com/apple-releases-standalone-flashback-malware-removal-tool-for-non-java-mac-users-download-now/)

They don't measure it by the amount of people reporting it, they measure it by seeing what the trojan is doing.
Rating: 5 Votes
30 months ago
1. Macs are still the safest platform on the planet. 100k infections compared to millions of infected Windows systems is nothing, and this particular trojan is easily avoided. As usual, computer n00bs were/are the weak link.

2. Always run anti-virus software, but choose a product that's not going to kill system performance or constantly run in the background and do all kinds of unnecessary stuff. Even if your Mac won't be infected, you can store and pass along files laden with Windows viruses to friends and colleagues. Help keep them safe. I use ClamXav myself.

3. Keep your system updated. 'Nuf said.

4. MacOS has a built-in firewall. Use it. Will it keep everything out? No. Will it help? Yes.

5. Download/install apps/plugins/etc. only from reputable sources. When you update Flash, get it only from Adobe.com. For duh!

6. Pay attention to industry news. When malware such as this surfaces, someone usually detects it reasonably quick, and avoidance/repair measures are usually produced in short order.

7. Each new version of MacOS X becomes more secure. Keep up to date.

8. Yes, Apple could do a better job addressing malware.
Rating: 4 Votes
30 months ago


[*]Deactivate Java completely, you will never need it. And if you really are one in a million, who needs it, get familiar with the threats that come along with it.
[/LIST]



Like the millions who play Minecraft?
Rating: 4 Votes
30 months ago

I don't understand the concern everyone has. One trojan that infected 1% of Macs (thats right, 1%) and is easily fixed with an update compared to over a million known malware variants on Windows systems is nothing.

1% who has reported the issue, which is about the amount of mac users who join forums.
The other 99% may be infected and may not know because they have been told the mac is "safe" and protected from such things.
Rating: 4 Votes

[ Read All Comments ]