The Apple Mac–Flashback Trojan could have netted $10k per day for it’s creators.

Mac MalwareThe Flashback Trojan which has been one of the most talked about pieces of malware which has affected Apple’s OSX  Operating System, may have for the creators of this malware, netted them $10K per day, according to a report from security and anti-virus company Symantec.

“We’ve been busy in the labs reverse engineering the various components of OSX.Flashback.K to determine the true motivation behind the malware. Let’s take a look at this Mac Trojan in more detail.

The Infection
It’s now well-known that the latest OSX.Flashback.K variant was being distributed using the Oracle Java SE Remote Java Runtime Environment Code Execution Vulnerability (CVE-2012-0507), which  was patched by Oracle in February. Unfortunately for Mac users, there was a large window of exposure since Apple’s patch for this vulnerability was not available for six weeks.

Ad-clicking Trojans are nothing new and in an analysis of W32.Xpaj.B last August a botnet measuring in the region of 25,000 infections could generate the author up to $450 per day. Considering the Flashback Trojan measures in the hundreds of thousands, this figure could sharply rise to the order of $10000 per day.”

Read the full article at Symantec Security Blog HERE

2 thoughts on “The Apple Mac–Flashback Trojan could have netted $10k per day for it’s creators.

  1. My blog has been compromised and google chrome blocked it. I need to remove it but I don’t know where in all wordpress code the snippet is inserted. There was a suspicious file in .log/log1.txt with the list of possible domains to put in the snippet. I can’t find any info anywhere about it!

    Thanks

  2. For future reference, I’ve cleaned my blog this way:

    for p in `find -iname “*.php”`;do sed ‘s/^..php …. eval.base64_decode…….[^"]*……//’ “$p” -i;done