Flashback Trojan Yields around $10,000 through Ad-click Component
According to Symantec, the Flashback Trojan, which has contaminated a massive number of Mac PCs, is likely yielding over $10,000 or EUR 7,600 daily to the creators of the malware.
The researchers, at Symantec, in an attempt to estimate this yield, did a comparative analysis between Flashback and the W32.Xpaj.B malware commonly utilized in ad-click schemes and which spread in the wild during August 2011.
According to them, considering the revenue for Xpaj, which has been $450 (EUR 342)-or-so from a 25,000 zombie-accumulated botnet, it doesn't sound impossible for the 650,000 computers, which the Flashback took control of during its maximum activity, to yield beyond $10,000.
Symantec, which showed a code snippet, indicated that an ad-click site that had been compromised when an end-user was hunting toys online was capable of yielding $0.008 for every click. Thus it followed that a thousand click-frauds yielded the fraudster $8, and ten thousand clicks an increased $80.
Principal Security Response Manager Vikram Thakur at Symantec said that such fraudulent earnings continued to yield to the Flashback creators despite Symantec along with more anti-virus firms sink-holing the Trojan's botnet. Pcworld.com published this dated May 1, 2012.
Symantec noted that Flashback, which had a spyware feature, made its ad-clicking operation suitable during browsing sessions inside Apple's Safari, Mozilla's Firefox, and Google's Chrome Web-browsers. The security company reported this on May1, 2012.
Specifically, Flashback preferred attacking online searches done on Google, while at times it diverted users onto a different website that the attacker wished. This website was the ad-click site, the researchers stated, adding that Google wasn't a beneficiary from it.
Symantec, meanwhile, holds Apple responsible for Flashback's successful infection on Mac computers. The company attributes this to Oracle's development of a particular Java patch during February 2012 followed with a huge time-gap till April 2012 when Apple actually issued it, thus widely exposing Mac users to attack.
Eventually, security agencies remark about malware as a huge business that cyber-criminals will in no way abandon from exploiting; therefore computer-owners can best safeguard themselves by ensuring their software applications are properly patched and effective anti-virus, loaded.
Related article: FlexJobs Alerts Jobseekers Regarding New E-mail Scam
» SPAMfighter News - 11-05-2012