Posts Tagged Anti-Virus

Antivirus Researchers Confirm: Flashback Still Infects More Than 500,000 Macs – Forbes


Andy Greenberg

Andy Greenberg 

4/20/2012

Antivirus Researchers Confirm: Flashback Still Infects More Than 500,000 Macs

 

Dr. Web’s count of Macs actively running Flashback over the last weeks, showing more than half a million machines still infected.

 

On Wednesday, I wrote that antivirus firms disagreed by enormous margins on how many Macs remain infected by the Flashback trojan, with Kaspersky reporting as few as 30,000 machines still infected and Dr. Web, the Russian security company that first spotted the botnet, counting well over half a million Macs still running the Flashback malware.

Now Symantec has revised its findings, and they don’t look good. The antivirus firm, which earlier reported that only 140,000 machines were infected, now agrees with Dr. Web that the number is probably closer to four times that many.

Dr. Web released new statistics Friday showing that the process of eliminating Flashback from Macs is proceeding much slower than expected: On Friday, the Russian firm released new data showing that 566,000 active infected machines were counted Thursday and 610,000 counted Wednesday. (See chart above.)

Apple released a tool to remove Flashback from Macs late last week, along with several updates to Java over the last month designed to block Flashback’s method of infecting users who visit rigged WordPress blogs that exploited a vulnerability in the plugin. But the slow cleanup rate that Dr. Web has reported implies that only a fraction of users have run Apple’s cleanup program. “There are millions of people who still believe Mac is safe,” Dr. Web chief executive Boris Sharov told me when I spoke with him about his firm’s numbers Wednesday. “They don’t care. Plenty of people are not updating their Java. They say ‘I’m too busy, let’s wait until I have time.’”

Antivirus firms have been tracking the volume of Flashback’s infections by creating false command and control servers–known as sinkholes–to watch how many infected machines phone home to the spoofed machines.  Sharov told Wednesday that the other antivirus firms were underestimating the volume of Flashback’s remaining infections because they didn’t have as many command control domains registered as Dr. Web. But Symantec initially disagreed with Dr. Web’s assessment, arguing that all the malware currently cycles through all domains, so any sinkhole should give the count.

But on Friday Symantec updated its blog post to say that in fact, Dr. Web was right. An error in the malware was causing it to “hang” on certain domains and preventing them from registering on Symantec’s sinkhole.

“We were trying to understand the huge discrepancy between our numbers and Dr. Web’s. After reading Dr. Web’s blog, we now believe that between where we were measuring and they were measuring, a server was holding connections” preventing Symantec’s sinkhole from accurately measuring the botnet, Symantec’s Liam O Murchu says. “We’re now confident that what they’re seeing is accurate.”

So far, Flashback has been used only for click fraud, though like any Trojan it’s capable of updating itself for other nasty activities like credit card theft or denial of service attacks.

Apple’s Flashback removal tool can be found here.

 Antivirus Researchers Confirm: Flashback Still Infects More Than 500,000 Macs – Forbes.

, , , , , , ,

Leave a comment

SATIRE NATION

Off the charts...

Thoughtfully Prepping

My Scribblings about Prepping and Survivalism

Derek's Blog

Personal Blog about nothing

Zany Zach's Blog

Amateur blog for mostly Film/CD/Book/TV reviews .........

The Better Man Project

A man in progress. One day at a time.

Don Charisma

because anything is possible with Charisma

∙ tenderheartmusings ∙

we were born naked onto the page of existence; with nothing but the pen of our soul to write ourselves into eternal ecstasy ~ DreamingBear Baraka Kanaan

The Wine Wankers

Smile :) You’re at the best wine blog ever! Scroll down to read our fun stories, and join our journey as we fight through the wine jargon in search of a good glass of wine. Wine blogs; the best place to read about wine online! We're rated as one of the most infuential wine people on the net by Klout and Kred. Contact: winewankers@hotmail.com

Good Time Stories

Inspiring and Heartwarming Stories

musings from a musical mind

60's flowerchild,herbalist,dreamer, seeker of truth

retireediary

The Diary of a Retiree

AirportsMadeSimple

Your Interactive Travel Magazine~Showcasing a Variety of Authors

oasisbidari

A fine WordPress.com site

NoWorksSalvationApocalypseNow

Finishing Lifes Race Strong

Deep Shit Media

Alternative Sovereign Communications

38 Years

Perspective from the middle ages of life

Bookgirl

A great WordPress.com site

Chastisement 2013

Watch and Be Ready

Direct From The Street - Stuff We And People Share

Photos, Videos, Articles - Business, Social Media, Marketing, Entertainment, Fashion, Sports, Life

Follow

Get every new post delivered to your Inbox.

Join 364 other followers

%d bloggers like this: