• Share
• Tweet

A recent study 550 000 Mac would be infected with a Trojan, mainly in the United States and Canada.

That report was made by Doctor Web, a Russian antivirus. The team has analyzed the deployment of a trojan called BackDoor.Flashback.  “Once again this contradicts the statements of some that there is no cyber threat on Mac OS X,” explains the company. Hackers have exploited two vulnerabilities (CVE-2011-3544 and CVE-2008-5353), respectively corrected by Apple on March 16 and April 3.

This first massive attack against the Mac is mainly due to a market share ever increasing Apple computers in homes and businesses. The Apple brand will now change its advertising that promises a “immunized against the virus” machine.

The victim machine is infected after visiting a malicious site that contains JavaScript loading itself a Java applet. Once installed BackDoor.Flashback.39 scans the Mac in search of security applications such as Little Snitch, Virus Barrier, avast! or iAntiVirus then established communication with the remote control servers.

Among the sites containing the code would end up godofwar3.rr.nu, ironmanvideo.rr.nu, killaoftime.rr.nu, gangstasparadise.rr.nu, mystreamvideo.rr.nu, bestustreamtv.rr.nu, ustreambesttv.rr.nu, ustreamtvonline.rr.nu, ustream-tv.rr.nu or ustream.rr.nu. Some Apple users also mention dlink.com site. At the end of March more than 4 million infected pages were found through Google’s index. 56.6% of infected computers (303,449) are located in the United States, 19.8% are located in Canada, Great Britain (12.8%) and Australia with (6.1%).

• Share
• Tweet