Flashback Malware's Ad-Click Hijacking Detailed, Could Reap $10,000/Day
Antivirus firm Symantec has published a new blog post examining how the Flashback malware affecting hundreds of thousand of Macs has been generating revenue for its authors by hijacking users' ad clicks. According to the report, the widespread nature of the infection means that malware authors could have been generating up to $10,000 per day from the scheme at its peak based on previous analysis of malware click redirection.
The Flashback ad-clicking component is loaded into Chrome, Firefox, and Safari where it can intercept all GET and POST requests from the browser. Flashback specifically targets search queries made on Google and, depending on the search query, may redirect users to another page of the attacker's choosing, where they receive revenue from the click . (Google never receives the intended ad click.)
Symantec's work on the ad-click hijacking aspect of Flashback comes after Russian firm Dr. Web, which was responsible for the initial publicity about the malware, published its own report examining some of the early data on infected computers seeking to connect to command-and-control servers.
The report looks at nearly 100,000 connections that came in on April 13, finding that close to two-thirds of the infected machines identified themselves as running Mac OS X Snow Leopard, which was the last version of OS X to ship with Java enabled by default. OS X Lion does not include Java by default, and thus was responsible for only 11% of infections seen during the survey period.
Flashback infection share vs. operating system usage share (Data via Dr. Web, Chart via Computerworld) As
noted by Computerworld, OS X Lion represents nearly 40% of OS X copies currently in use, suggesting that Apple's decision to remove Java from the default Lion install is indeed helping to limit infections on Apple's newest machines.
[W]hile Snow Leopard's and Leopard's infection rates are higher than their usage shares, the opposite's true of OS X 10.7, or Lion. The 2011 OS accounted for 39.6% of all copies of OS X used last month, yet represented only 11.2% of the Flashback-compromised Macs.
Dr. Web's data on OS kernel versions being reported from infected Macs also demonstrates that many Mac users do not keep their systems up-to-date, with roughly 25% of Snow Leopard and Lion systems seen in the survey reporting themselves as at least one version behind Apple's most recent updates (10.6.8 for Snow Leopard and 10.7.3 for Lion).
Popular Stories
iOS 19 will not drop support for any iPhone models, according to French website iPhoneSoft.fr. The report cites a source within Apple.
The report said that iOS 19 will be compatible with any iPhone that is capable of running iOS 18, which would mean the following models:
iPhone 16
iPhone 16 Plus
iPhone 16 Pro
iPhone 16 Pro Max
iPhone 15
iPhone 15 Plus
iPhone 15 Pro
...
It's looking like 2025 is going to be an important year for Apple, with the company planning to revamp the iPhone, push further into smart home products, and improve Apple Intelligence. There are tons of new products rumored for 2025, including new iPhones, M4 Macs, a smart home command center, and much more.
We've highlighted the top five Apple products that will have the biggest impact in...
Apple earlier this month released macOS 15.2, and in doing so it accidentally confirmed new MacBook Air models coming next year.
Apple accidentally released macOS 15.2 restore files for unreleased "MacBook Air (13-inch, M4, 2025)" and "MacBook Air (15-inch, M4, 2025)" models. While it no surprise that the 13-inch and 15-inch MacBook Air models were going to be updated with the M4 ...
Apple appears to be internally testing iOS 18.2.1 for the iPhone, based on evidence of the software update in our website's analytic logs this week. The logs have accurately revealed many iOS versions before they were released.
iOS 18.2.1 should be a minor update that fixes bugs and/or addresses security vulnerabilities, but it is unclear which specific issues might be resolved. The update...
Apple plans to release a new "HomePod" with a 7-inch LCD display, an A18 chip, and Apple Intelligence support in 2025, according to DigiTimes.
Google's Nest Hub
It is unclear how much the screen-equipped HomePod would cost, but Apple is seemingly aiming for a reasonable price. In a paywalled report this week, the supply chain publication said Apple has selected China-based manufacturer Tianma ...
Apple launched the controversial "trashcan" Mac Pro eleven years ago today, introducing one of its most criticized designs that persisted through a period of widespread discontentment with the Mac lineup.
The redesign took the Mac Pro in an entirely new direction, spearheaded by a polished aluminum cylindrical design that became unofficially dubbed the "trashcan" in the Mac community. All of ...
The current Apple TV 4K was released more than two years ago, so the streaming device is becoming due for a hardware upgrade soon. Fortunately, it was recently rumored that a new Apple TV will launch at some point next year.
Below, we recap rumors about the next-generation Apple TV.
Bloomberg's Mark Gurman last week reported that Apple has been working on its own combined Wi-Fi and...
On this week's episode of The MacRumors Show, we take a look ahead to all of Apple's expected hardware announcements for 2025.
Subscribe to The MacRumors Show YouTube channel for more videos
Rumors and reports from a range of reliable sources suggest that Apple will release at least 22 new products in 2025, with a series of minor to major updates and refreshes planned for the iPhone, iPads,...