Flashback Trojan Persists on Macs, Infections Continue Unabated
According to the security company Intego, the Flashback Trojan, which at its peak infected more than 500,000 Mac computers, is still running, with approximately 22,000 computers affected over the past few days.
The hijacked Macs were seen connecting to command-and-control (C&C) infrastructure that Intego's security analysts had sinkholed, i.e. taken under their own control for research or to neutralize for security.
Intego researcher Arnaud Abbati posted on the company blog that between January 2 and January 7, 2014, twenty-two thousand Flashback-infected computers communicated with server domains that the security company had recently obtained. Those computers were open to control by any malicious user who could obtain one of the several domain names built into Flashback's algorithm, presuming that person knew how the malware's components functioned. Arstechnica.com published this on January 10, 2014.
Flashback first came to light in 2011. At that time it compromised computers by posing as a genuine installer for Adobe's Flash media player. At the start of 2012, Flashback turned from a threat based on social engineering into one based on drive-by attacks, in which the malware exploited security flaws in Oracle's Java software.
Flashback can carry out several malicious actions, from tampering with search results to stealing data and loading more malware.
According to Abbati, Flashback's design is highly adaptable, which makes it extremely nasty. It encrypts itself on the host and, reading the host machine's Universally Unique Identifier (UUID), uploads distinct details about the computer's operator to the malware's C&C infrastructure. SCMagazine.com published this on January 10, 2014.
Apple is currently taking quick measures to try to dismantle the Flashback-built botnet, deploying a malware-removal program and deactivating the domains Flashback uses.
Nevertheless, since the Trojan is still claiming victims, Intego strongly recommends that Mac owners check that their systems are not infected with Flashback. Good anti-virus software for Mac users is available online that detects and removes Flashback variants, as well as any other malicious programs that may be residing on the machine.
» SPAMfighter News - 23-01-2014