Researchers Confirm 600K-Strong Flashback Botnet Is Mostly Mac

Kaspersky Lab researchers say that analysis of the Flashfake botnet confirms the size of the malicious network and that it consists mostly of Mac OS X machines.

Researchers at Kaspersky wrote on Friday that they were able to reverse engineer the domain generation algorithm used by the botnet, then set up a fake domain that collected requests from infected bots. The logs collected by the researchers confirm that the botnet includes more than 600,000 unique systems, more than 50% located in the U.S. In addition, analysis of the traffic collected by Kaspersky suggests that most of the infected machines are, in fact, running Apple’s Mac OS X operating system.
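As an added illustration (not Kaspersky's code or data), the following example reduces sinkhole request logs of the kind described above to a unique-bot count with country and OS shares. The log format, the `bot=` identifier field, the pre-resolved country code and the sample lines are all constructed assumptions; it counts by bot identifier rather than source IP because NAT and address churn make IP counts unreliable.

```python
import re
from collections import Counter

# Constructed sample lines in a hypothetical sinkhole log format:
# timestamp, source IP, pre-resolved country code, bot identifier, User-Agent.
SAMPLE_LOG = """\
2012-04-06T10:00:01Z 198.51.100.7 US bot=A1 ua="Mozilla/5.0 (Macintosh; Intel Mac OS X 10_6_8)"
2012-04-06T10:05:09Z 198.51.100.7 US bot=B2 ua="Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_3)"
2012-04-06T11:00:02Z 203.0.113.40 US bot=A1 ua="Mozilla/5.0 (Macintosh; Intel Mac OS X 10_6_8)"
2012-04-06T11:30:44Z 192.0.2.15 CA bot=C3 ua="Mozilla/5.0 (Windows NT 6.1; WOW64)"
2012-04-06T12:10:00Z 203.0.113.40 US bot=D4 ua="Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_3)"
this line is malformed and must be skipped
"""

LINE_RE = re.compile(
    r'^(?P<ts>\S+) (?P<ip>\S+) (?P<cc>[A-Z]{2}) bot=(?P<bot>\S+) ua="(?P<ua>[^"]*)"$'
)

def os_family(user_agent):
    """Coarse OS guess from the User-Agent; client-supplied, so only a hint."""
    for marker in ("Mac OS X", "Windows"):
        if marker in user_agent:
            return marker
    return "other"

def summarize(log_text):
    """Count unique bots (by identifier, not IP) with country and OS shares."""
    first_seen = {}  # bot id -> (country, OS family) from its first check-in
    ips, skipped = set(), 0
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            skipped += 1  # tolerate garbage requests instead of crashing
            continue
        ips.add(m["ip"])
        first_seen.setdefault(m["bot"], (m["cc"], os_family(m["ua"])))
    total = len(first_seen)
    by_cc = Counter(cc for cc, _ in first_seen.values())
    by_os = Counter(fam for _, fam in first_seen.values())
    return {
        "unique_bots": total,
        "unique_ips": len(ips),
        "skipped": skipped,
        "country_share": {k: v / total for k, v in by_cc.items()} if total else {},
        "os_share": {k: v / total for k, v in by_os.items()} if total else {},
    }

if __name__ == "__main__":
    print(summarize(SAMPLE_LOG))
```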

The botnet, Flashback, is the largest malicious network of Mac machines, and an unwelcome wake-up call for Mac users that malware – once the province of Windows systems – is a growing problem on Macs, as well.

After the botnet was first identified by the Russian security firm Dr. Web, there were questions both about the size of the malicious network and about contentions that it was made up of Mac OS X systems.

Read the entire post on Securelist, the Kaspersky Lab Research blog.

Discussion

  • Anonymous on

    How do I tell if my Mac has been infected with Flashback?

  • Randy Grein on

    Try installing Sophos and scanning. While you're at it, install all current updates from Apple, which will block it.

    While this was a major infection it's pretty simple to correct. Us Mac users got off pretty easy this time, and need to start taking precautions - like using AV software. Still safer than PCs, but the free ride is over.

  • Anonymous on

    "Still safer than PCs"...I'm sure that's the same mantra repeated internally at Apple to help them rationalize waiting 6 weeks to fix an actively exploited vulnerability. Macs are not "safer", they're simply not targeted as much. That is a subtle, but very important difference.
