Mac OS X: Flashfake Trojan
One of these modules was known to generate fake search engine results. The reason the Flashfake outbreak was so significant was because the cyber criminals’ evolved their attack methods for mass-exploitation using exploits. Previous Mac OS X malware relied primarily on social engineering to infect computers but in March the Flashfake cyber criminals started using Java exploits, which did not require user-interaction to infect computers. The use of exploits dramatically accelerated Flashfake’s infection rate of Mac OS X computers and was much larger than any previous outbreaks of Mac malware.
In response, Kaspersky Lab created a verification website that allowed Mac OS X users to see if their computers were infected with Flashfake. If Flashfake was detected, Kaspersky Lab provided a free utility for users that disinfected their computers.
As Mac OS X marketshare continues to grow, the motivation for cyber criminals to target the platform will also increase, and we expect to see new types of attacks and malware. The myth of Mac OS X being invulnerable has been shattered, and as cyber criminals continue to evolve their attack methods, users should also evolve by taking the necessary steps to bolster their computers’ security for protection.
Flashback check online
Kaspersky Lab has discovered the operation algorithm of the malicious program, and created a dedicated server that imitates the C&C server that infected computers are supposed to connect to.
For several days, this server registered all the infected computers that communicated with it, and recorded their UUIDs in a dedicated database. Thus, we can check if your computer’s UUID is in this database; if so, your computer was (and may still be) infected with FlashBack.
Essential protection for your Mac
Kaspersky Anti-Virus 2011 for Mac gives you advanced, constantly updated security against Internet threats – without impacting on your computer’s performance. It protects all of your most valuable files: sensitive information, music, photos, and more against the increasing number of viruses aimed at your computer. It gives you peace of mind as you browse the Internet and use online banking, and it stops you passing on malware to other types of computers your friends and colleagues use.
With more than 30,000 new Internet threats identified every single day, your Mac – and more importantly the precious stuff you keep on it – is only ever one click away from a virus attack. Protect it all, simply and effectively, with Kaspersky Anti-Virus 2011 for Mac.
Flashfake in blogs
Be the first to know our news, follow Kaspersky Lab on Facebook and Twitter
Kaspersky Lab Unveils New Research For Latest Mac OS X Malware Outbreaks: “SabPub” Trojan and Flashback/Flashfake Botnet
During Lab Matters Live – Online Press Conference Kaspersky Lab expert Vicente Diaz presented a detailed analysis of the two latest Mac OS X malware outbreaks: the new “SabPub” Trojan and the Flashfake botnet. The session also provided an overview of the evolution of Mac malware and address the reasons behind the recent surge of Mac OS X threat.
Watch the video
Flashback - Zombie MAC
Download the infographics - PNG file, 435KB.
Ryan Naraine and Costin Raiu on Flashback and Mac Security
Dennis Fisher talks with Ryan Naraine and Costin Raiu about the Flashback Mac botnet, why Apple is reluctant to let third parties update software on Macs and the future outlook for the security of Macs.
Listen to the podcast - MP3 file, 20MB
Flashback in media
- Security Week Flashback Botnet Updated to Include Twitter as C&C, April 30, 2012
- PC World Infected WordPress Blogs Blamed for Mac Flashback Trojan, April 20, 2012
- CIO Infected Wordpress Blogs Blamed for Mac Flashback Trojan, April 20, 2012
- Mac World Mac Flashback Trojan spread through infected WordPress blogs, April 20, 2012
- ZDNet Kaspersky: Mac market share means more malware, April 19, 2012
- Handelsblatt, Kriminelle Hacker entdecken den Mac, April 19, 2012
- MSNBC Should you disable Java on your computer? , April 19, 2012
- SC Magazine WordPress sites served as launching pad for Flashback, April 19, 2012
- Dark Reading Apple Mac Attack Began With Infected WordPress Sites, April 19, 2012
Back to top