Flashback Malware's Ad-Click Hijacking Detailed, Could Reap $10,000/Day
Antivirus firm Symantec has published a new blog post examining how the Flashback malware affecting hundreds of thousand of Macs has been generating revenue for its authors by hijacking users' ad clicks. According to the report, the widespread nature of the infection means that malware authors could have been generating up to $10,000 per day from the scheme at its peak based on previous analysis of malware click redirection.
The Flashback ad-clicking component is loaded into Chrome, Firefox, and Safari where it can intercept all GET and POST requests from the browser. Flashback specifically targets search queries made on Google and, depending on the search query, may redirect users to another page of the attacker's choosing, where they receive revenue from the click . (Google never receives the intended ad click.)
Symantec's work on the ad-click hijacking aspect of Flashback comes after Russian firm Dr. Web, which was responsible for the initial publicity about the malware, published its own report examining some of the early data on infected computers seeking to connect to command-and-control servers.
The report looks at nearly 100,000 connections that came in on April 13, finding that close to two-thirds of the infected machines identified themselves as running Mac OS X Snow Leopard, which was the last version of OS X to ship with Java enabled by default. OS X Lion does not include Java by default, and thus was responsible for only 11% of infections seen during the survey period.
Flashback infection share vs. operating system usage share (Data via Dr. Web, Chart via Computerworld)As
noted by Computerworld, OS X Lion represents nearly 40% of OS X copies currently in use, suggesting that Apple's decision to remove Java from the default Lion install is indeed helping to limit infections on Apple's newest machines.
[W]hile Snow Leopard's and Leopard's infection rates are higher than their usage shares, the opposite's true of OS X 10.7, or Lion. The 2011 OS accounted for 39.6% of all copies of OS X used last month, yet represented only 11.2% of the Flashback-compromised Macs.
Dr. Web's data on OS kernel versions being reported from infected Macs also demonstrates that many Mac users do not keep their systems up-to-date, with roughly 25% of Snow Leopard and Lion systems seen in the survey reporting themselves as at least one version behind Apple's most recent updates (10.6.8 for Snow Leopard and 10.7.3 for Lion).
Popular Stories
Apple today released firmware updates for both AirPods 4 models (version number 7B20) and the AirPods Pro 2 with both Lightning and USB-C charging cases (version number 7B21). All of these AirPods models were previously on firmware version 7B19.
It is not immediately clear what new features or changes are included in firmware versions 7B20 and 7B21, but we will update this story if we find...
Apple is set to release iOS 18.2 next month, bringing the second round of Apple Intelligence features to iPhone 15 Pro and iPhone 16 models. This update brings several major advancements to Apple's AI integration, including completely new image generation tools and a range of Visual Intelligence-based enhancements. There are a handful of new non-AI related feature controls incoming as well....
Apple's camera module supplier for the upcoming iPhone SE 4 is set to begin mass production of the components in December, according to a new report coming out of Korea.
Economic newspaper Ajunews reports that LG Innotek will supply the front camera module for the budget-friendly fourth-generation device. Final tests are now said to be underway, with mass production of the module following...
Next year's iPhone 17 "Air" model may not be as thin as Apple planned, according to a rumor originating in Korea.
According to the news aggregator account "yeux1122" on Naver, citing industry sources, Apple has run into problems making the new iPhone 17 model sufficiently thin. The device's reduced thickness is apparently dependent on manufacturing a battery with a thinner substrate, but...
Black Friday is getting closer, and prices on MacBook Pro, MacBook Air, iMac, and Mac mini computers have started to drop as the shopping holiday nears. These deals include the latest models of the M4 MacBook Pro and iMac.
Note: MacRumors is an affiliate partner with some of these vendors. When you click a link and make a purchase, we may receive a small payment, which helps us keep the site...
Apple seeded the third betas of iOS 18.2 and iPadOS 18.2 to developers for testing today. While the third betas of each update are minor relative to the first two betas, there are still a handful of changes across the Photos app, TV app, and more.
A corresponding iOS 18.2 public beta with these changes will likely be released later this week, and Apple previously confirmed that the software...
In its announcement video for the new Mac mini last month, Apple teased an "upcoming" version of Final Cut Pro for the Mac. Apple will likely announce the update during the annual Final Cut Pro Creative Summit, which begins this Wednesday. The conference is held in association with Apple, and attendees will be visiting Apple Park on the first day.
Apple already teased four new features...
Apple is planning to launch an AI-powered smart home display as soon as March 2025, according to Bloomberg's Mark Gurman. The display will measure in at approximately six inches, and while it is similar to an iPad, it is square rather than rectangular and it has thick bezels around the edges. There is a camera at the top front so that it can be used for FaceTime, plus there are internal speakers...
