Security Firm Symantec Analyzes the Profitability of the OSX.Flashback Botnet

Security firm Symantec previously estimated that the authors of the Flashback malware that affected hundreds of thousands of Macs at its peak could have been generating up to $10,000 per day by hijacking users' ad clicks. Further analysis from the company suggests that the developers may have only earned $14,000 over the three weeks the malware was active.

From our analysis we have seen that, for a three-week period starting in April, the botnet displayed over 10 million ads on compromised computers but only a small percentage of users who were shown ads actually clicked them, with close to 400,000 ads being clicked. These numbers earned the attackers $14,000 in these three weeks, although it is worth mentioning that earning the money is only one part of the puzzle—actually collecting that money is another, often more difficult, job. Many PPC providers employ anti-fraud measures and affiliate-verification processes before paying. Fortunately, the attackers in this instance appear to have been unable to complete the necessary steps to be paid.

It is estimated the actual ad-clicking component of Flashback was only installed on about 10,000 of the more than 600,000 infected machines. In other words, utilizing less than 2% of the entire botnet the attackers were able to generate $14,000 in three weeks, meaning that if the attackers were able to use the entire botnet, they could potentially have earned millions of dollars a year.

Symantec notes that the malware developers displayed more than 10 million hijacked ads and could have delivered many more if the developers had been more successful in their attacks.

Some security specialists have said that the Mac OS is "really vulnerable" to further infections, though these claims should perhaps be taken with a grain of salt -- those security specialists make their living off vulnerabilities and it is in their best interest to promote awareness of them.

Top Rated Comments

(View all)
Avatar
105 months ago

those security specialists make their living off vulnerabilities, and it is in their best interest to promote awareness of them.


I'll say. The more afraid we are, the more we'll pay for their placebo security software.

I say the best security is knowing how to avoid infections in the first place. If you can learn not to download mysterious files, you're half way there.
Score: 8 Votes (Like | Disagree)
Avatar
105 months ago

I wish I made $14,000 in 3 weeks :(

Your maths is wrong.

This isn't one person making $14,000 profit for three weeks of work. There is a lot more work than three weeks of hacking, with many more people involved, for a scheme that managed to produce $14,000 in revenue for three weeks and then fizzled out. A complex software project producing a total of $14,000 in revenue.

I did a quick calculation using the total annual revenue of my company and the number of developers employed, using a number of 230 working days, and I couldn't spend more than three or four days of work for one developer for $14,000 revenue.

I wouldn't be surprised if websites like macrumors did get more additional ad revenue due to people reading stories about flashback and clicking on ads on macrumors, than these hackers made.

PS. Seems at least one of those hackers was angry because I told them they are stupid and doing a lot of work for very little money.
Score: 6 Votes (Like | Disagree)
Avatar
105 months ago

Thanks StrikerShoot, I love a good infographics, but I have a good understanding of the threats Malware poses, and likewise the criminal mind behind a hacker. I'm thinking Godfather 3 style, going legit.

I was thinking without all the malicious aspects, voluntary opt-in Adnets where you technically farm all their clicks, think of it as an investment opportunity with micro returns. Micro input, micro returns. Still returns!

It sounds heaps like a scheme/existing web advertising but with the user opted-in, subscription based system.


A lot of malware / phishing scams are run by organized crime in Russia.
Score: 5 Votes (Like | Disagree)
Avatar
105 months ago
No way

It would be a cold day in hell before I would ever buy a Symantec product for mac. Their PC editions are resource killing crap. I would put MSE up against them any day.
Score: 4 Votes (Like | Disagree)
Avatar
105 months ago

This has got to be a business model right.

Ad-hijacking. Earn heaps through people clicking on Ads, invest, profit, repay people.


Considering how Flashback infects Macs, seems like a hackers' basic business model to me..

Score: 4 Votes (Like | Disagree)
Avatar
105 months ago

I'm waiting for the next story about how an antivirus software update goes bad and destroys the system. Those are always fun to hear about.


That was yesterday. Does that count as "the next story"? Headline: "'Catastrophic' Avira antivirus update bricks Windows PCs"

http://www.theregister.co.uk/2012/05/16/avira_update_snafu/

This "anti-virus" software thought it had found viruses in essential parts of Windows, that are actually signed by Microsoft. Someone commented "Either the bad guys cracked Microsoft's code signing; in that case we can just give up. Or they didn't, in that case the anti-virus software was wrong. In either case, the anti-virus software shouldn't touch anything that is code-signed by Microsoft".
Score: 3 Votes (Like | Disagree)

Top Stories

Apple's First MacBook Pro With a Retina Display Will Become 'Obsolete' in 30 Days

Monday June 1, 2020 7:50 am PDT by
If you are still hanging on to a Mid 2012 model of the 15-inch MacBook Pro with a Retina display, and require a new battery or other repairs, be sure to book an appointment with a service provider as soon as possible. In an internal memo today, obtained by MacRumors, Apple has indicated that this particular MacBook Pro model will be marked as "obsolete" worldwide on June 30, 2020, just over...

Five Mac Apps Worth Checking Out - June 2020

Tuesday June 2, 2020 2:25 pm PDT by
Apps developed for the Mac often don't receive as much coverage as apps designed for iPhones and iPads, so we have a series at MacRumors that highlights interesting Mac apps that are worth taking a look at. This month's apps are designed to make working from home a little bit easier. Subscribe to the MacRumors YouTube channel for more videos. Meeter (Free) - Working from home often...

Apple Music Joins Music Industry's Blackout Tuesday Awareness Campaign

Tuesday June 2, 2020 1:31 am PDT by
Apple Music has cancelled its Beats 1 radio schedule for Blackout Tuesday and is suggesting that listeners tune in to a radio stream celebrating the best in black music. Blackout Tuesday is a campaign organized by the music industry to support Black Lives Matter after Minneapolis citizen George Floyd was killed by police in the course of his arrest. On launching Apple Music, many users...

Next Apple Pencil Could Be Released in Black

Tuesday June 2, 2020 10:25 am PDT by
The next iteration of the Apple Pencil could be available in black for the first time, according to leaker Mr. White who shared the tidbit on Twitter this morning. A mockup of an Apple Pencil in black We haven't heard rumors of a next-generation Apple Pencil and it's not clear when a new model might be released. Apple is rumored to be working on mini-LED versions of the iPad Pro, and it's...

iPad Pro With A14X Chip, 5G, and Mini-LED Display Expected in First Half of 2021

Wednesday June 3, 2020 6:22 am PDT by
Apple plans to launch new iPad Pro models with an A14X chip, 5G connectivity, and a Mini-LED display in the first or second quarter of 2021, according to the increasingly reliable Twitter account L0vetodream. The leaker claims that the new iPad Pro models will be equipped with Qualcomm's Snapdragon X55 modem, which supports both mmWave and sub-6GHz. mmWave is a set of 5G frequencies that...

Apple Releases macOS Catalina 10.15.5 Supplemental Update With Security Fix

Monday June 1, 2020 10:56 am PDT by
Apple today released a supplemental update for macOS Catalina 10.15.5, the fifth update to the macOS Catalina operating system that was released in October 2019. The supplemental update comes a week after the release of the macOS Catalina 10.15.5 update. ‌macOS Catalina‌ 10.15.5 is a free update that can be downloaded from the Mac App Store using the Update feature in the System...

Tim Cook Addresses George Floyd's Death and Ensuing Protests and Riots as Apple Temporarily Closes Some U.S. Stores

Sunday May 31, 2020 8:04 pm PDT by
Amid unrest in numerous U.S. cities following last week's killing of George Floyd by police in Minneapolis, Apple CEO Tim Cook has shared an internal memo with employees (via Bloomberg) addressing the pain that many are feeling and urging others to commit "to creating a better, more just world for everyone." Cook also announced that Apple is making donations to several groups challenging...

iCloud Down for Many Users, Causing 'The Application You Have Selected Does Not Exist' Error [Update: Fixed]

Tuesday June 2, 2020 4:44 pm PDT by
iCloud appears to be down for many people at the current time, based on complaints from MacRumors readers and Twitter users. Apple's system status page was not initially displaying an error when the problems started, but has been updated to confirm an issue with iCloud account sign ins. The support site says that some users may be unable to sign in to their iCloud accounts and may also be...

iOS 14 Again Said to Be Compatible With All iPhones Able to Run iOS 13

Monday June 1, 2020 2:08 pm PDT by
iOS 14 will be compatible with all iPhones and iPod touch models able to run iOS 13, according to information shared today by Israeli site The Verifier. The compatibility data was allegedly found in a leaked version of iOS 14 and confirmed by what The Verifier says is a "trusted source from the system development process." iOS 13 is compatible with the iPhone 6s and later, with a full...

iPhone 13 Prototype Mockup Depicts Notch-Free Design and USB-C Port

Thursday June 4, 2020 10:07 am PDT by
We still have a few months to go before Apple unveils the iPhone 12, but rumors about the iPhone 13, coming in fall 2021, are already circulating. Japanese site Mac Otakara today shared a rough 3D printed mockup of a 5.5-inch iPhone said to be coming in 2021, which is from "Alibaba sources." The model may be built on leaked specifications and rumors, but where the info comes from is unclear. ...