Flashback Malware Still Affecting over 100,000 Macs

While Apple has pushed out several software updates to detect the Flashback malware and remove it from infected systems, Symantec noted late yesterday that over 100,000 machines remain afflicted by the issue as detected by their sinkhole operation to redirect server traffic.

flashback sinkhole infections
Symantec pegged the number at approximately 142,000 as of Monday, listing a rough estimate of "over 99,000" as yesterday's data was still coming in. Those numbers are down from a peak of over 600,000 machines two weeks ago, but a substantial number of machines are still infected by the malware.

The statistics from our sinkhole are showing declining numbers on a daily basis. However, we had originally believed that we would have seen a greater decline in infections at this point in time, but this has proven not to be the case. Currently, it appears that the number of infected computers has tapered off, but remains around the 140,000 mark.

As there have been tools released by Symantec and other vendors in the past few days concerning this threat, the infection numbers should have seen a dramatic decrease by now.

Symantec also takes a look at the domain name generator that allows infected machines to connect to their command-and-control servers to receive instructions. The generator uses a list of 14-character strings rotated each day, coupling each string with one of five top-level domains (.com, .net, .info, .in, or .kz) to find its instructions.

The report also claims that Flashback-infected systems can receive updated command-and-control server locations through Twitter, although no details on that process are provided. A similar claim was made for earlier versions of Flashback, although there has apparently been no demonstration of the Twitter delivery method actually being used.

Popular Stories

iPhone 17 Slim Feature Single Camera 1 Redux

'iPhone 17 Air' Launching Later This Year With These 10 New Features

Wednesday January 15, 2025 7:16 am PST by
While the so-called "iPhone 17 Air" is not expected to launch until September, there are already plenty of rumors about the "ultra-thin" device. Overall, the "iPhone 17 Air" is shaping up to be a mixed bag. Due to its thinness, the device is expected to have some limited specifications compared to the iPhone 17 Pro models, including only a single rear camera, only a single speaker, no SIM...
new magsafe charger

Apple Releases Updated MagSafe Charger Firmware

Tuesday January 14, 2025 11:30 am PST by
Apple today released new firmware designed for the 25W MagSafe Charger that is compatible with the iPhone 12 and later and the latest AirPods and Apple Watch models. The updated firmware is version 2A143, up from the 2A138 firmware that the accessory shipped with. In the Settings app, you'll see a different version number than the internal firmware number. The 2024 MagSafe charger was...
Generic iOS 18

iOS 18.3 Coming Soon: Here's What's New

Monday January 13, 2025 5:33 am PST by
iOS 18.3 is currently in beta for developers and public beta testers. So far, the upcoming iPhone software update is very minor in scope. Below, we outline what is new in iOS 18.3 so far. The only potential new feature coming to iPhones with iOS 18.3 so far is robot vacuum support in the Home app, but this functionality is not yet live. Apple is laying the groundwork for the feature,...
2024 iPhone Boxes Feature

Apple Changes Trade-In Values for iPhones, iPads, Macs, and More

Thursday January 16, 2025 6:45 am PST by
Apple today adjusted estimated trade-in values for select iPhone, iPad, Mac, and Apple Watch models in the U.S., according to its website. Some values increased, while others decreased. The changes were not too significant, with most values rising or dropping by $5 to $50. We have outlined some examples below: Device New Value Old Value iPhone 15 Pro Max Up to $630 U ...
iPhone 17 Pro Dual Tone Feature 1

iPhone 17 Pro Launching Later This Year With These 8 New Features

Thursday January 9, 2025 5:45 am PST by
While the iPhone 17 Pro and iPhone 17 Pro Max are not expected to launch until September, there are already plenty of rumors about the devices. iPhone 17 Pro concept based on rumors Below, we recap key changes rumored for the iPhone 17 Pro models as of January 2025: More aluminum: iPhone 17 Pro models are rumored to have an aluminum frame, whereas the iPhone 15 Pro and iPhone 16 Pro models ...
severance new york promo 1

Apple Promotes Severance Season 2 Premiere With Lumon Industries Pop-Up and Visits From Actors

Tuesday January 14, 2025 3:47 pm PST by
Ahead of the season two premiere of hit TV show Severance, Apple is marketing the show with a fun Severance pop-up at the Grand Central Terminal in New York City. Apple has assembled a glass cube with workstations that are identical to the setups that Lumon employees use on the show, complete with employees "working," doing yoga, playing catch, throwing paper airplanes, sipping coffee, and...
airpods pro 2 gradient

AirPods Pro 3 Expected This Year: Here's What We Know

Wednesday January 8, 2025 7:05 am PST by
Despite being released over two years ago, Apple's AirPods Pro 2 continue to dominate the wireless earbud market. However, with the AirPods Pro 3 expected to launch sometime in 2025, anyone thinking of buying Apple's premium earbuds may be wondering if the next generation is worth holding out for. Apart from their audio and noise-canceling performance, which are generally regarded as...
MacBook Air 15 Inch Feature Blue

MacBook Air Likely Apple's First Product Update of 2025: What to Expect

Wednesday January 15, 2025 8:49 am PST by
There is a good chance that Apple's first product announcement of 2025 will be updated 13-inch and 15-inch MacBook Air models with the M4 chip. Last month, Apple released macOS Sequoia 15.2, and in doing so it accidentally confirmed new MacBook Air models are coming this year (unsurprisingly). Bloomberg's Mark Gurman said the new MacBook Air models will be announced "earlier" than some...
Apple Card iPhone 16 Pro Feature

Three Companies Are Now in the Running to Take Over the Apple Card

Thursday January 16, 2025 8:18 am PST by
Apple is in talks with Barclays and Synchrony about becoming its new financial partner for the Apple Card, according to Reuters sources. The report today added that Apple has also been holding discussions with Chase Bank owner JPMorgan since last year, so there are at least three potential companies in the running to take over the Apple Card from current partner Goldman Sachs. Goldman...

Top Rated Comments

chrono1081 Avatar
166 months ago
I don't understand the concern everyone has. One trojan that infected 1% of Macs (thats right, 1%) and is easily fixed with an update compared to over a million known malware variants on Windows systems is nothing.
Score: 7 Votes (Like | Disagree)
Santabean2000 Avatar
166 months ago
Seems like a lot, but I guess not as a percentage. Still, new threats, I fear, will soon become the norm.

It was good while it lasted.


I hope I'm wrong.
Score: 6 Votes (Like | Disagree)
Henriok Avatar
166 months ago
As I installed today's Flash update, I thought to myself: how am I supposed to know if this is really Flash, or if this is actually a trojan?
Don't act on someone else's initiative. Act on your own.
If you see on some news site, or via some popup dialog, that Flash (or any other software) is updated, then go to the download site by yourself, or invoke the update process provided in the software.

Let's say that Software Update says that there's some software that needs to be updated. Read what the update is about and click [Cancel]. Then, you go to Software Update by your own action and run it. If it says the same thing as before, you go ahead and upgrade.

The first instance COULD've been a Trojan that just happens to mask itself as Software Update, or Flash updater, or some other updater/installer.
But, if you run through the process by your self manually, and according to standard procedure, you won't invoke any Trojan.

…probably. If you follow this, you won't get infected by ANY trojan that I know of and you won't get phished, or scammed by any email.
Score: 5 Votes (Like | Disagree)
caligomez Avatar
166 months ago
Do we really need antivirus software for Macs? I mean, assuming the growth of the platform, and that more and more malicious programs will be written.. I consider myself pretty smart in avoiding infection, but it only takes one savy developer to trick you with some method you didn't anticipate..

I don't have any type of security software.. Should I? If so, which is the best for Mac?
Score: 5 Votes (Like | Disagree)
macsmurf Avatar
166 months ago
You know I don't like to spread conspiracy garbage. But on this topic every story says these are estimated numbers or a best guess. Even still 100,000 is less than 1% of Mac users. How is this even an outbreak or panic like the media is portraying? I've gone around and checked about 100 of the machines at my work not a single one of them was infected. None of my friends have been infected and none of my home machines have been infected. So I'm starting to believe this is all BS that the antivirus companies are putting out so that you purchase their software subscriptions. I just feel they really want to be in the Mac market and capture Windows switchers.
The starting number was around 600 000 or 1% of mac computers worldwide. That's on par with the Conficker outbreak which is the largest outbreak in the history of Windows, AFAIK. Of course, many more Windows machines were infected but taking the total number of Windows machines into account the percentage of infected machines was around 1%.

Conficker was a fairly sofisticated worm with implementations of quite a lot of different attacks. In that light, 1% for the comparatively much simpler Flashback malware is actually very widespread. The two month delay in releasing the fix was probably a big contributing factor along with the widespread belief that Macs don't get viruses.

It great to see that the number has gone down but 100 000 infected is still nothing to sneeze at (excuse the punnage).
Score: 4 Votes (Like | Disagree)
chrono1081 Avatar
166 months ago
1% who has reported the issue, which is about the amount of mac users who join forums.
The other 99% may be infected and may not know because they have been told the mac is "safe" and protected from such things.
No the 1% is the actual number of infected whether they know it or not.

http://www.redmondpie.com/apple-releases-standalone-flashback-malware-removal-tool-for-non-java-mac-users-download-now/ (http://www.redmondpie.com/apple-releases-standalone-flashback-malware-removal-tool-for-non-java-mac-users-download-now/)

They don't measure it by the amount of people reporting it, they measure it by seeing what the trojan is doing.
Score: 4 Votes (Like | Disagree)