[funsec] Russian AV company claims 600, 000 Macs infected by Flashback
Jeffrey Walton
noloader at gmail.com
Mon Apr 9 06:38:04 CDT 2012
http://h-online.com/-1517180
A Russian AV company, Dr. Web, says it has conducted research to
determine the spread of the Flashback trojan on systems running Mac OS
X and says that 550,000 systems are infected, mostly in the US and
Canada. A later update raised that number to 600,000 and claimed 274
infected systems in Cupertino, California.
Dr. Web says it employed a sinkhole technique to intercept the bot
installed by the newest Flashback trojan, and directed the bots to its
own servers where it could analyse the traffic. Each bot includes a
unique ID of the machine it has infected in the query string it sends
to the command and control server; it is these unique IDs that Dr. Web
has used to calculate the infection count. According to its estimates,
of the original 550,000 estimate, 56.6% of the systems were in the
United States, 19.8% in Canada, 12.8% in the United Kingdom and 6.1%
in Australia.
...
More information about the funsec
mailing list