Security Experts Say Flashback Malware is Still at Large

Flashback Security Experts Say Flashback Malware is Still at Large

Security experts at Dr. Web argue that, despite recent reports alleging a major decrease in infected machines, a large number of Macintosh computers are still infected by the Flashback malware. Computer security company Kaspersky Lab agrees.

Security experts at Dr. Web argue that, despite recent reports alleging a major decrease in infected machines, a large number of Macintosh computers are still infected by the Flashback malware. Computer security company Kaspersky Lab agrees.

Flashback Security Experts Say Flashback Malware is Still at Large

The Flashback malware has represented what many experts think is the singularly largest Mac infection in history. Having infected over 600,000 machines, the malware was distributed to over one percent of all Macs in use.

Last week, multiple companies released free software to detect and remove the Flashback malware, including Apple itself. Earlier, Apple also released updates to fix the vulnerability that Flashback had exploited in the first place. After this slough of arsenal was released, it might have been tempting to say that Flashback was a much lesser threat.

Based on their operation “sinkhole”, Symantec estimated that the number of infected machines had dropped dramatically, to about 140,000. Kaspersky gave an even smaller estimate at just a little over 30,000, which is about twenty times less than the original number of infected machines.

But security experts at Dr. Web disagree with all of these uplifting estimates. In a blog post, the Russian antivirus company said that “The botnet statistics acquired by Doctor Web contradicts recently published reports indicating a decrease in the number of Macs infected by BackDoor.Flashback.39 The number is still around 650,000.”

Liam O Murchu, manager of operations at Symantec's security response center, said to ComputerWorld April 20, that it seemed Dr. Web was actually correct, after having discussed the issue with Dr. Web’s security experts.

According to Dr. Web officials, and officials at Intego, the inconsistencies with Flashback estimates are due to the way the malware finds and communicates with command-and-control (C&C) servers, the servers which end up sending commands to the infected Macs.

Despite all the tools to combat Flashback, it isn’t quite time for Mac owners to breathe easy. According to officials at Intego, Flashback is not only still on many Macs, but likely continues to infect them even now.

Source: eWeek.com

Brandon is an A+ certified technician and freelance writer living in East Tennessee. He loves God, writing, science (especially technology) and philosophy. He is currently preparing to enter the field of information security.