Flashback Trojan Infecting Snow Leopard Macs Most, Attacking Via Twitter

By Jonathan Charles | Apr 30, 2012 10:57 AM EDT


The Flashback Trojan continues to compromise Macs, according to a report by security firm Dr. Web. The Trojan can infect Macs with or without a user's permission and is most prevalent on Snow Leopard systems. The attacks seem to be directed via Twitter.


The original version of the virus, which emerged around April 6, was unsophisticated in comparison to its current variant. In its analysis, Dr. Web found that the malware uses an exploit in Java and is configured with a list of servers through which it receives commands and configuration updates. The malware asks the user for permission, but installs itself in the home directory regardless.

"The download malignant program application interacts with two types of control servers. Servers belonging to the first category intercept web search traffic and redirect the user to malicious sites controlled by criminals. The second group issues commands to bots to perform backdoor tasks in the compromised system. Doctor Web analysts managed to take over control server domain names known to Backdoor.Flashback payload malware and analysed requests sent to bots by servers," Dr. Web reported.

Additionally, if the malware doesn't get a correct response from a server on its internally generated lists, it searches Twitter for posts containing a string of text generated from the current date. The string serves as a hashtag in a search, using http://mobile.twitter.com/searches?q=.

"For example, some Trojans generated a string of the 'rgdgkpshxeoa' format for the date 04.13.2012 ... If the Trojan manages to find a Twitter message containing bumpbegin and endbump tags enclosing a control server address, it will be used as a domain name," the firm added. Dr. Web took over domains of this category on April 13 to try and halt the hacker, but its Twitter account was blocked the following day.
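A defender-side sketch of the fallback lookup described above, added here as an example (it is not from Dr. Web or the original article): it flags proxy-log clients that issue the Twitter search and extracts tagged addresses for blocklisting. The log layout, the 10 to 14 letter window, the `%23` hashtag encoding and every sample value are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Assumption: the search term is a run of lowercase letters like the page's
# "rgdgkpshxeoa" sample (12 chars); the length window is a tunable guess.
TAG_RE = re.compile(r"^#?[a-z]{10,14}$")
# Tagged address format from the report: bumpbegin<address>endbump
BUMP_RE = re.compile(r"bumpbegin\s*([A-Za-z0-9.-]+?)\s*endbump")


def is_fallback_lookup(url):
    """True if url looks like the Twitter search the report describes."""
    parts = urlsplit(url)
    if parts.hostname != "mobile.twitter.com" or parts.path != "/searches":
        return False
    terms = parse_qs(parts.query).get("q", [])
    return any(TAG_RE.match(t.strip()) for t in terms)


def flag_clients(log_lines):
    """Return {client_ip: [urls]}; assumed layout: '<ts> <client_ip> <method> <url>'."""
    hits = {}
    for line in log_lines:
        fields = line.split()
        if len(fields) < 4:
            continue  # skip malformed lines
        client, url = fields[1], fields[3]
        if is_fallback_lookup(url):
            hits.setdefault(client, []).append(url)
    return hits


def extract_tagged_hosts(text):
    """Pull addresses enclosed by bumpbegin/endbump for blocklisting."""
    return sorted({h.lower() for h in BUMP_RE.findall(text)})


# Constructed sample data (not real traffic or real indicators).
SAMPLE_LOG = [
    "2012-04-13T09:01:02Z 10.0.0.5 GET http://mobile.twitter.com/searches?q=%23rgdgkpshxeoa",
    "2012-04-13T09:01:09Z 10.0.0.7 GET http://mobile.twitter.com/searches?q=%23apple",
    "2012-04-13T09:02:00Z 10.0.0.8 GET http://example.com/searches?q=%23rgdgkpshxeoa",
]
SAMPLE_POST = "#rgdgkpshxeoa bumpbeginc2.example.invalidendbump"

if __name__ == "__main__":
    print(flag_clients(SAMPLE_LOG))
    print(extract_tagged_hosts(SAMPLE_POST))
```

A short all-lowercase search term is a weak signal on its own, so treat a hit as a lead to correlate with host-level evidence rather than as a verdict.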

63.4 percent of the infected Macs are running Snow Leopard rather than Lion, the most recent version of OS X. Snow Leopard is the newest version of Apple's operating system that comes with Java. Snow Leopard also maintained the largest share of OS X last month, according to Net Applications.

Leopard is the second most common operating system among Flashback-infected Macs, Dr. Web said, installed on 25.5 percent of the 90,000 infected Macs. OS X 10.5 was released in October 2007.

(reported by Jonathan Charles, edited by Dave Clark)


© 2014 Mobile & Apps All rights reserved. Do not reproduce without permission.