Security Firm Symantec Analyzes the Profitability of the OSX.Flashback Botnet
Security firm Symantec previously estimated that the authors of the Flashback malware that affected hundreds of thousands of Macs at its peak could have been generating up to $10,000 per day by hijacking users' ad clicks. Further analysis from the company suggests that the developers may have only earned $14,000 over the three weeks the malware was active.
From our analysis we have seen that, for a three-week period starting in April, the botnet displayed over 10 million ads on compromised computers but only a small percentage of users who were shown ads actually clicked them, with close to 400,000 ads being clicked. These numbers earned the attackers $14,000 in these three weeks, although it is worth mentioning that earning the money is only one part of the puzzle—actually collecting that money is another, often more difficult, job. Many PPC providers employ anti-fraud measures and affiliate-verification processes before paying. Fortunately, the attackers in this instance appear to have been unable to complete the necessary steps to be paid.
It is estimated the actual ad-clicking component of Flashback was only installed on about 10,000 of the more than 600,000 infected machines. In other words, utilizing less than 2% of the entire botnet the attackers were able to generate $14,000 in three weeks, meaning that if the attackers were able to use the entire botnet, they could potentially have earned millions of dollars a year.
Symantec notes that the malware developers displayed more than 10 million hijacked ads and could have delivered many more if the developers had been more successful in their attacks.
Some security specialists have said that the Mac OS is "really vulnerable" to further infections, though these claims should perhaps be taken with a grain of salt -- those security specialists make their living off vulnerabilities and it is in their best interest to promote awareness of them.
Popular Stories
Apple's second-generation AirPods Pro are finally nearing launch, with a release expected later this year. If you are considering upgrading to the new AirPods Pro once they are released, keep reading for a list of five new features to expect.
In addition to all-new features, the second-generation AirPods Pro will likely adopt some features added to the standard AirPods last year.
H2 Chip
...
There's just about a month to go until Apple holds its annual September event focusing on new iPhone and Apple Watch models. We thought we'd take a quick look at everything that's rumored for Apple's September event to give MacRumors readers a rundown on what to expect when the first fall event rolls around.
iPhone 14
The iPhone 14 can probably be described more as an "iPhone 13S" because...
Apple's rumored 10th-generation iPad is currently in production and will feature "major" design changes, according to a report from Taiwanese website DigiTimes.
A mockup of the potential 10th-generation iPad design by Renders By Shailesh The report did not provide any specific details about the 10th-generation iPad's new design, but rumors suggest the device will feature a larger 10.5-inch...
Apple today seeded the sixth betas of upcoming iOS 16 and iPadOS 16 updates to developers for testing purposes, with the updates coming a week after Apple released the fifth developer betas.
Registered developers can download the iOS and iPadOS 16 profiles from the Apple Developer Center, and once installed, the betas will be available over the air.
iOS 16 introduces a revamped Lock...
The Apple Watch SE was announced in September 2020 and has been a popular Apple Watch model for customers looking for their first smartwatch or an affordable Apple Watch. Apple Watch SE customers may be wondering, however, what's in store for them with the upcoming Apple Watch Series 8 and what new features they can expect. Continue reading to find out. Apple Watch SE vs. Apple Watch Series ...
Samsung today announced the launch of the Odyssey Ark, which the company says is the world's first 55-inch 4K curved display with a 165Hz refresh rate for improved gaming performance. Samsung first previewed the monitor at CES, but it is now available to order.
Subscribe to the MacRumors YouTube channel for more videos. Priced at $3,500, the Samsung Odyssey Ark features mini-LED technology...
This week brought some shocking news for iOS 16 beta testers, with Apple bringing back the iPhone battery percentage to the status bar after a number of years.
Other news and rumors this week included word that Apple has started recording portions of its media event planned for next month to introduce the iPhone 14 and Apple Watch Series 8, claims about iPhone 14 Pro pricing and Apple's...
Top Rated Comments
I'll say. The more afraid we are, the more we'll pay for their placebo security software.
I say the best security is knowing how to avoid infections in the first place. If you can learn not to download mysterious files, you're half way there.
This isn't one person making $14,000 profit for three weeks of work. There is a lot more work than three weeks of hacking, with many more people involved, for a scheme that managed to produce $14,000 in revenue for three weeks and then fizzled out. A complex software project producing a total of $14,000 in revenue.
I did a quick calculation using the total annual revenue of my company and the number of developers employed, using a number of 230 working days, and I couldn't spend more than three or four days of work for one developer for $14,000 revenue.
I wouldn't be surprised if websites like macrumors did get more additional ad revenue due to people reading stories about flashback and clicking on ads on macrumors, than these hackers made.
PS. Seems at least one of those hackers was angry because I told them they are stupid and doing a lot of work for very little money.
A lot of malware / phishing scams are run by organized crime in Russia.
It would be a cold day in hell before I would ever buy a Symantec product for mac. Their PC editions are resource killing crap. I would put MSE up against them any day.
Considering how Flashback infects Macs, seems like a hackers' basic business model to me..
That was yesterday. Does that count as "the next story"? Headline: "'Catastrophic' Avira antivirus update bricks Windows PCs"
http://www.theregister.co.uk/2012/05/16/avira_update_snafu/
This "anti-virus" software thought it had found viruses in essential parts of Windows, that are actually signed by Microsoft. Someone commented "Either the bad guys cracked Microsoft's code signing; in that case we can just give up. Or they didn't, in that case the anti-virus software was wrong. In either case, the anti-virus software shouldn't touch anything that is code-signed by Microsoft".