Over 600,000 Macs Infected By BackDoor.Flashback.39

According to a report from Dr. Web, there are over 600,000 Macs affected with the BackDoor.Flashback.39 trojan, .

Systems get infected with BackDoor.Flashback.39 after a user is redirected to a bogus site from a compromised resource or via a traffic distribution system. JavaScript code is used to load a Java-applet containing an exploit. Doctor Web’s virus analysts discovered a large number of web-sites containing the code.

The trojan contacts a control service. Once contact has been made it can download and run the payload on the infected machine. It can run any executable received from a server.

Over 550 000 infected machines running Mac OS X have been a part of the botnet on April 4. These only comprise a segment of the botnet set up by means of the particular BackDoor.Flashback modification. Most infected computers reside in the United States (56.6%, or 303,449 infected hosts), Canada comes second (19.8%, or 106,379 infected computers), the third place is taken by the United Kingdom (12.8% or 68,577 cases of infection) and Australia with 6.1% (32,527 infected hosts) is the fourth.

The 550,000 number has since been updated to 600,000. “At this moment botnet Flashback over 600k, include 274 bots from Cupertino”, tweeted Sorokin Ivan of Dr. Web.

Doctor Web recommends Mac users to download and install a security update released by Apple from support.apple.com/kb/HT5228 to prevent infection of their systems by BackDoor.Flashback.39.

F-Secure has instructions for detection and removal.

Read More

JOIN US NOW:You will Receive Each New Jailbreak & Technology Update In Your Email as Soon as It Is Published.

Enter your email address:

Delivered by FeedBurner

April 6th, 2012 by