Flashback Malware Still Affecting over 100,000 Macs

by

While Apple has pushed out several software updates to detect the Flashback malware and remove it from infected systems, Symantec noted late yesterday that over 100,000 machines remain afflicted by the issue as detected by their sinkhole operation to redirect server traffic.

flashback sinkhole infections
Symantec pegged the number at approximately 142,000 as of Monday, listing a rough estimate of "over 99,000" as yesterday's data was still coming in. Those numbers are down from a peak of over 600,000 machines two weeks ago, but a substantial number of machines are still infected by the malware.

The statistics from our sinkhole are showing declining numbers on a daily basis. However, we had originally believed that we would have seen a greater decline in infections at this point in time, but this has proven not to be the case. Currently, it appears that the number of infected computers has tapered off, but remains around the 140,000 mark.

As there have been tools released by Symantec and other vendors in the past few days concerning this threat, the infection numbers should have seen a dramatic decrease by now.

Symantec also takes a look at the domain name generator that allows infected machines to connect to their command-and-control servers to receive instructions. The generator uses a list of 14-character strings rotated each day, coupling each string with one of five top-level domains (.com, .net, .info, .in, or .kz) to find its instructions.

The report also claims that Flashback-infected systems can receive updated command-and-control server locations through Twitter, although no details on that process are provided. A similar claim was made for earlier versions of Flashback, although there has apparently been no demonstration of the Twitter delivery method actually being used.

Popular Stories

New Things Your iPhone Can Do in iOS 18

10 New Things Your iPhone Can Do in iOS 18.2

Thursday October 31, 2024 9:42 am PDT by
Apple is set to release iOS 18.2 in December, bringing the second round of Apple Intelligence features to iPhone 15 Pro and iPhone 16 models. This update brings several major advancements to Apple's AI integration, including completely new image generation tools and a range of Visual Intelligence-based enhancements. There are a handful of new non-AI related feature controls incoming as well. ...
Read Full Article46 comments
best early black friday deals

The Best Early Black Friday Apple Deals

Friday November 1, 2024 8:21 am PDT by
We're officially in the month of Black Friday, which will take place on Friday, November 29 in 2024. As always, this will be the best time of the year to shop for great deals, including popular Apple products like AirPods, iPad, Apple Watch, and more. Note: MacRumors is an affiliate partner with some of these vendors. When you click a link and make a purchase, we may receive a small payment,...
Read Full Article12 comments
M4 Pro on Blue

M4 Pro Chip Benchmark Results Reveal an Extremely Impressive Performance Feat

Thursday October 31, 2024 7:06 pm PDT by
The first Geekbench 6 benchmark results for the M4 Pro chip surfaced today. Impressively, the results that are available so far show that the highest-end M4 Pro chip is faster than the highest-end M2 Ultra chip in terms of peak multi-core CPU performance. Here is a comparison of the results: Mac mini with M4 Pro (14-core CPU): 22,094 multi-core score (average of 11 results) Mac Studio...
Read Full Article373 comments
Apple iPhone SE 4 5G Modem 1

iPhone SE 4 First to Get Apple-Designed 5G Modem, iPhone 17 Pro to Add Custom Wi-Fi 7 Chip

Friday November 1, 2024 4:04 am PDT by
The iPhone SE 4 that's set to come out early next year is expected to debut Apple's first in-house 5G modem, according to Jeff Pu, an analyst who covers companies within Apple's supply chain. In a research note this week with Hong Kong-based investment firm Haitong International Securities, Pu said Apple is expected to roll out its custom-made 5G modem starting with the next-generation...
Read Full Article31 comments
ios 18 2 chatgpt plus

iOS 18.2 Beta 2 Shows Siri ChatGPT Limit, Offers 'Plus' Upgrade Option

Monday November 4, 2024 10:54 am PST by
With the second beta of iOS 18.2 that's available for developers today, Apple has further fleshed out the ChatGPT integration that's available with Siri. In the Settings app, there's now a section that shows the ChatGPT daily limit, and offers an option to upgrade to the paid ChatGPT Plus plan. The beta includes an Advanced Capabilities section with a "Daily Limit" reading that shows up as...
Read Full Article85 comments
M3 Pro Max vs M4 Pro Max Feature

Here's How Much Faster M4 Pro/Max Are for Graphics vs. M3 Pro/Max

Friday November 1, 2024 8:04 am PDT by
Apple's new M4 Pro and M4 Max chips are impressively fast in terms of CPU performance, topping the M2 Ultra, but what about graphics performance? The first Geekbench 6 results for GPU performance are now available for the M4 Pro and M4 Max, and the Metal scores reveal some impressive year-over-year gains. Based on the Metal scores that are available so far, the M4 Pro and M4 Max are up to...
Read Full Article58 comments
imac video apple feature

What to Expect From Apple This November

Friday November 1, 2024 9:40 am PDT by
After a busy October in which Apple announced new Macs and Apple Intelligence launched, the calendar has now turned to November. Below, we outline what to expect from Apple this month as the slower-but-still-busy holiday season approaches. After seeding the first betas of iOS 18.2, iPadOS 18.2, and macOS Sequoia 15.2 with additional Apple Intelligence features last month, Apple will likely...
Read Full Article30 comments

Top Rated Comments

chrono1081 Avatar
chrono1081
164 months ago
I don't understand the concern everyone has. One trojan that infected 1% of Macs (thats right, 1%) and is easily fixed with an update compared to over a million known malware variants on Windows systems is nothing.
Score: 7 Votes (Like | Disagree)
Santabean2000 Avatar
Santabean2000
164 months ago
Seems like a lot, but I guess not as a percentage. Still, new threats, I fear, will soon become the norm.

It was good while it lasted.


I hope I'm wrong.
Score: 6 Votes (Like | Disagree)
Henriok Avatar
Henriok
164 months ago
As I installed today's Flash update, I thought to myself: how am I supposed to know if this is really Flash, or if this is actually a trojan?
Don't act on someone else's initiative. Act on your own.
If you see on some news site, or via some popup dialog, that Flash (or any other software) is updated, then go to the download site by yourself, or invoke the update process provided in the software.

Let's say that Software Update says that there's some software that needs to be updated. Read what the update is about and click [Cancel]. Then, you go to Software Update by your own action and run it. If it says the same thing as before, you go ahead and upgrade.

The first instance COULD've been a Trojan that just happens to mask itself as Software Update, or Flash updater, or some other updater/installer.
But, if you run through the process by your self manually, and according to standard procedure, you won't invoke any Trojan.

…probably. If you follow this, you won't get infected by ANY trojan that I know of and you won't get phished, or scammed by any email.
Score: 5 Votes (Like | Disagree)
caligomez Avatar
caligomez
164 months ago
Do we really need antivirus software for Macs? I mean, assuming the growth of the platform, and that more and more malicious programs will be written.. I consider myself pretty smart in avoiding infection, but it only takes one savy developer to trick you with some method you didn't anticipate..

I don't have any type of security software.. Should I? If so, which is the best for Mac?
Score: 5 Votes (Like | Disagree)
macsmurf Avatar
macsmurf
164 months ago
You know I don't like to spread conspiracy garbage. But on this topic every story says these are estimated numbers or a best guess. Even still 100,000 is less than 1% of Mac users. How is this even an outbreak or panic like the media is portraying? I've gone around and checked about 100 of the machines at my work not a single one of them was infected. None of my friends have been infected and none of my home machines have been infected. So I'm starting to believe this is all BS that the antivirus companies are putting out so that you purchase their software subscriptions. I just feel they really want to be in the Mac market and capture Windows switchers.
The starting number was around 600 000 or 1% of mac computers worldwide. That's on par with the Conficker outbreak which is the largest outbreak in the history of Windows, AFAIK. Of course, many more Windows machines were infected but taking the total number of Windows machines into account the percentage of infected machines was around 1%.

Conficker was a fairly sofisticated worm with implementations of quite a lot of different attacks. In that light, 1% for the comparatively much simpler Flashback malware is actually very widespread. The two month delay in releasing the fix was probably a big contributing factor along with the widespread belief that Macs don't get viruses.

It great to see that the number has gone down but 100 000 infected is still nothing to sneeze at (excuse the punnage).
Score: 4 Votes (Like | Disagree)
chrono1081 Avatar
chrono1081
164 months ago
1% who has reported the issue, which is about the amount of mac users who join forums.
The other 99% may be infected and may not know because they have been told the mac is "safe" and protected from such things.
No the 1% is the actual number of infected whether they know it or not.

http://www.redmondpie.com/apple-releases-standalone-flashback-malware-removal-tool-for-non-java-mac-users-download-now/ (http://www.redmondpie.com/apple-releases-standalone-flashback-malware-removal-tool-for-non-java-mac-users-download-now/)

They don't measure it by the amount of people reporting it, they measure it by seeing what the trojan is doing.
Score: 4 Votes (Like | Disagree)
Read All Comments