Despite a fix offered by Apple, Symantec reports that there are still around 140,000 Macs infected with the OSX.Flashback.K malware. To some degree, that's actually good news, as approximately 600,000 Macs were infected as of April 9. Only 380,000 machines had the Flashback/Flashfake malware the next day, and 323,000 the day thereafter. But by Tuesday less than 99,000 were expected to still be infected, yet the number still hovered around the 140,000 mark on Wednesday.
"We had originally believed that we would have seen a greater decline in infections at this point in time, but this has proven not to be the case," Symantec reports. "Currently, it appears that the number of infected computers has tapered off, but remains around the 140,000 mark. As there have been tools released by Symantec and other vendors in the past few days concerning this threat, the infection numbers should have seen a dramatic decrease by now."
The security firm added that the recent Oracle Java SE Remote Java Runtime Environment Denial Of Service Vulnerability used to distribute the Flashback Trojan has been spotted distributing another Mac threat called OSX.Sabpab. This trojan has been used in targeted attacks distributed with malicious Word documents exploiting the Microsoft Word Record Parsing Buffer Overflow Vulnerability.
As for Flashback/Flashfake, the company has uncovered new information about its domain name generator (DNG) algorithm. According to the company, it does not limit itself to using ".com" as the top level domain (TLD), but chooses between five domain names. As an example, it can reach out to eeejudpyefmsnd.net or bwincdwtyxsorh.info.
Naturally Symantec suggests that Mac users have the latest antivirus signatures installed and have applied the latest available patches for both the operating system and third-party applications. A free detection and removal tool for the OSX.Flashback.K issue, "Norton Flashback Detection and Removal Tool," is also freely available for download.
Last week Kaspersky Lab also launched its own Flashfake removal tool, but later pulled it over a bug that caused an erroneous removal of certain user settings including auto-start configurations, user configurations in browsers, and file sharing data.
Mac users concerned that they might be infected with Flashback/Flashfake can still use Kaspersky's online tool to scan their system. This dedicated site is safe for users to visit and enter their computer’s UUID, which will be checked in Kaspersky Lab’s Flashfake database of infected computers (instructions for entering user UUIDs are included as well). If the UUID is found in Kaspersky's database, then infected Mac users will need to download and run the fixed removal tool when it becomes available.
Stay on the Cutting Edge
Join the experts who read Tom's Hardware for the inside track on enthusiast PC tech news — and have for over 25 years. We'll send breaking news and in-depth reviews of CPUs, GPUs, AI, maker hardware and more straight to your inbox.
Ok umm and the purpose of this article is? I hope its not to make dumb people think that macs are still in god mode.Reply
^The purpose of the article obviously is to get us to look at that girl in the picture XDReply
mightymaxio^The purpose of the article obviously is to get us to look at that girl in the picture XD+1Reply
Should we remember everyone that these numbers are actually the number of computers that are trying to reach the command domain? That it does not mean these machines are no longer infected? Nah... let's not mention that.Reply
Hello OsX welcome to the mainstream!Reply
We have Viruses, Malware, Anti-Virus, and Anti-Malware!
You ready for the kicker? Sometimes they're all the same thing!
So enjoy your stay and prepare for several more viruses just like this one!
mightymaxio^The purpose of the article obviously is to get us to look at that girl in the picture XDReply
There was an article?
I'd freaking buy a dozen Macs if SHE came with 'em.Reply
So much more important news to be read. Why are sophisticated readers being subjected to such irrelevant news?Reply
Hello OsX welcome to the mainstream! We have Viruses, Malware, Anti-Virus, and Anti-Malware!
Ummm, a senior citizen told me that someone at the Apple store had told him a few weeks ago that Apple computers were so magical that they could never be infected by viri and that he could open any link and file without worrying. Imagine.
I can only read Mac OS X, Apple and IPODReply