We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
80,259 News Articles

Symantec: Flashback malware netted upwards of $10,000 a day

The malware that plagued Apple Macs is engineered to fraudulently click ads

Symantec said on Tuesday the Flashback malware that attacked Apple Mac computers could have netted its authors up to US$10,000 a day.

The company reverse engineered one version of the malware, called "Flashback.K," which it said deprives Google of advertising revenue. Flashback is believed to be the largest-ever malware campaign that has targeted Apple's operating system so far.

"Flashback specifically targets search queries made on Google and, depending on the search query, may redirect users to another page of the attacker's choosing, where they receive revenue from the click," according to a Symantec blog post.

When a person using an infected computer clicks on a Google advertisement, Flashback analyzes the request and substitutes the web site paying for the advertisement with its own.

Flashback also uses a specially crafted user-agent string, which comprises information about a computer accessing a website, in "an effort to thwart 'unknown' parties from investigating the URL with unrecognized user agents," Symantec wrote.

The company looked at what happened when a user clicked on an ad for toys. The click for the ad, worth $.08, is redirected to the a website affiliated with the attackers.

"This ultimately results in lost revenue for Google and untold sums of money for the Flashback gang," Symantec wrote. Since Flashback infected hundreds of thousands of users, "this figure could sharply rise to the order of $10,000 per day," Symantec wrote.

Flashback infected Apple computers using a critical vulnerability in Java, which Apple patched in early April about seven weeks after the issue was disclosed. In the interim, upwards of 800,000 computers were believed to have been infected. Apple released a special Flashback removal tool on April 13.

Send news tips and comments to [email protected]


IDG UK Sites

Best Christmas 2014 UK tech deals, Boxing Day 2014 UK tech deals & January sales 2015 UK tech...

IDG UK Sites

LED vs Halogen: Why now could be the right time to invest in LED bulbs

IDG UK Sites

Christmas' best ads: See great festive spots studios have created to promote themselves and clients

IDG UK Sites

Stop running out of cellular data on your iPhone, see which apps use the most data