Kaspersky Lab researchers say that analysis of the Flashfake botnet confirms the size of the malicious network and that it consists mostly of Mac OS X machines.
Researchers at Kaspersky wrote on Friday that they were able to reverse engineer the domain generation algorithm used by the botnet, then set up a fake domain that collected requests from infected bots. The logs collected by the researchers confirm that the botnet includes more than 600,000 unique systems , more than 50% located in the U.S. In addition, analysis of the traffic collected by Kaspersky suggests that most of the infected machines are, in fact, running Apple’s Mac OS X operating system.
The botnet, Flashback, is the largest malicious network of Mac machines, and an unwelcome wake-up call for Mac users that malware – once the province of Windows systems – is a growing problem on Macs, as well.
After the botnet was first identified by the Russian security firm Dr. Web there were questions both about the size of the malicious network, and about contentions that it was made up of Mac OS X systems.
Read the entire post on Securelist, the Kaspersky Lab Research blog.