?Flashfake? stages largest attack on Mac OS

Share on facebook
Share on twitter
Share on linkedin
Share on email

The botnet is being distributed via infected websites as a Java applet that pretends to be an update for the Adobe Flash Player. About 670,000 computers worldwide, 98 percent of them running Mac OS X, were infected by Flashfake. Kaspersky Lab said this is the largest Mac-based infection to date, with the largest number of victims targeting developed countries. The United States had the most infected computers (300,917) followed by Canada (94,625), the United Kingdom (47,109) and Australia (41,600). Infections also found in France (7,891), Italy (6,585), Mexico (5,747), Spain (4,304), Germany (4,021), Japan (3,864) and Philippines is among the countries that contribute the average count of 1- 2,547 said Kaspersky Lab security expert, Igor Soumenkov in his blog. Security expert Alexander Gostev also stated in his blog that they were able to reverse-engineer the Flashfake malware that enabled them to successfully analyze the communications between infected computers and the command and control (C&C) servers of Flashfake. ?After intercepting one of the domain names used by the Flashback/Flashfake Mac Trojan and setting up a special sinkhole server last Friday, April 6, we managed to gather stats on the scale and geographic distribution of the related botnet. We continued to intercept domain names after setting up the sinkhole server and we are currently still monitoring how big the botnet is. We have recorded a total of 670,000 unique bots. Over the weekend of April 7 to 8, we saw a significant fall in the number of connected bots,? added Gostev. Kaspersky Lab is also directing users to visit the website www.flashbackcheck.com, specifically made to determine if a computer is infected with the malware using a tool that looks into the device?s universal unique identifier (UUID). It also has instructions on how remove the malware if it is found.]]>

Facebook Comments

Latest Posts

Archives