Some 659K Macs are Still Infected by Flashback Malware

Some 659K Macs are Still Infected by Flashback Malware.

Whoops: Symantec was wrong, some 650K Macs still infected with Flashback

21ST APRIL 2012 by MATTHEW PANZARINO

After a report Wednesday from security company Symantec put the number of Macs affected by the Flashback malware at just 140k, it appeared that Apple’s Java patch was working to reduce infections. But today the discoverer of the Flashback malware, Dr. Web, has produced new numbers that show some 650K Macs still infected by it.

Now, Symantec has recanted, as has Russian firm Kaspersky, in the face of new evidence from Dr. Web about the scope of the infection, reports Computerworld. The numbers that Dr. Web dropped today show that there are still around 550,000 computers that connect to the servers controlled by the botnet on a daily basis.

The number is falling, but there are still new machines, which had never connected to the network before, being recorded. This indicates that the malware is still infecting new computers.

The Flashback malware had spread to some 600,000+ infected systems as of last week, by taking advantage of a security flaw in Java which had been discovered in February. The security of Mac computers at large was obviously in question, so it’s good to see Apple take decisive action, although it would have been nice to see it a bit sooner, as this was a known vulnerability.

The Flashback program installs on an un-patched machine and attempts to harvest web browsing activity, usernames and passwords. It then sends that information to its network of computers across the internet. It is what’s known as a ‘drive-by’ infection because it can install itself on your machine after just a visit to an infected page, without any administrator passwords or installation procedures necessary.

Apple has said that it is working to attack the botnet that is spreading the infection. It has already released a patch to Java and a standalone removal tool to take care of infections.

The fact that the numbers are not dropping as dramatically as it first seemed isn’t anything crazy to worry about, but it does show that Apple still has a lot of work to do to contain Flashback. All of this even as a new threat, in the SabPub backdoor infection, rears its head.

Hello world!

Welcome to WordPress.com. After you read this, you should delete and write your own post, with a new title above. Or hit Add New on the left (of the admin dashboard) to start a fresh post.

Here are some suggestions for your first post.

1. You can find new ideas for what to blog about by reading the Daily Post.
2. Add PressThis to your browser. It creates a new blog post for you about any interesting  page you read on the web.
3. Make some changes to this page, and then hit preview on the right. You can always preview any post or edit it before you share it to the world.