NetGuide NZ - Flashback infections not declining: discoverers

Warning: This story was published more than a year ago.
Dr_Web.jpg

Flashback infections not declining: discoverers

The Russian web security firm that initially drew attention to the troublesome Mac trojan known as Flashback says reports that infections are dropping are incorrect.



The trojan was revealed to be installed on around 600,000 Mac computers at the beginning of this month, forming a large botnet that many have called the worst the Mac platform has ever seen.



Both Symantec and Kaspersky stated last week that infections were declining as a result of new security measures, the former putting the figure at 140,000 and the latter at just 30,000.



However, according to Russian company Dr Web the number is still around 650,000.



The reason for the discrepancy is that a server with which the bots communicate is not closing the TCP handshake after the communication has ended. This causes the bots to switch to standby mode and cease communicating with other command centres, including those registered by the security vendors.



"At the same time infected computers that have not been registered on the [Flashback] network before join the botnet every day’, Dr Web says in a blog post.



Apple has released a security update to combat the trojan as well as a specific Flashback removal tool.

Interested in this topic?
We can put you in touch with an expert.

Follow Us

Featured

next-story-thumb Scroll down to read: