Security Market Segment LS
Monday, 23 April 2012 11:46

Flashback infections still in the hundreds of thousands

By

One security vendor is bucking the trend, suggesting there has only been a modest reduction in the number of computers infected with the Flashback malware.
Last week, security vendors were claiming that the number of Macs infected with the Flashback maiware had fallen to around 30,000, but that may not be the case.

According to Doctor Web, the Russian security vendor that was the first to provide an estimate of the number of infected systems, over 550,000 Macs may still be infected.

As of last Thursday, the company's count was 566,773.

Doctor Web officials explain the discrepancy in terms of the way infected computers attempt to communicate with the command and control servers. We already knew that the malware uses an algorithm to determine the domain names used on particular days, and these have been 'sinkholed' by Doctor Web and other companies.

But after attempting to communicate with those servers, the malware falls back to contacting a server at the IP address 74.207.249.7 ("controlled by an unidentified third party") and then goes into a standby mode in which they no longer attempt to communicate with other C&C servers.

That suggests there is no definite way of distinguishing from outside the computers that are in this standby mode and those that were infected but have now been cleaned. One possibility - not raised by Doctor Web - is that when an infected Mac is rebooted the malware once again attempts to communicate with the 'server of the day' before checking in with the C&C server at that fixed address. Mac owners commonly do not restart their computers for weeks or months on end, and that could cloud the statistics.

Read 3373 times

Please join our community here and become a VIP.

Subscribe to ITWIRE UPDATE Newsletter here
JOIN our iTWireTV our YouTube Community here
BACK TO LATEST NEWS here




IDC WHITE PAPER: The Business Value of Aiven Data Cloud Solutions

According to IDC, Aiven enables your teams to perform more efficiently, reduce direct infrastructure costs, and provide improved database performance, agility and scalability.

Find out how Aiven makes teams 48% more efficient, allowing staff to focus on high-value activities that drive real business results:

340% 3-year ROI – break even in 5 months (average)

37% lower 3-year cost of operations

78% reduction in staff time for database deployments

Download the IDC White Paper now

DOWNLOAD WHITE PAPER!

PROMOTE YOUR WEBINAR ON ITWIRE

It's all about Webinars.

Marketing budgets are now focused on Webinars combined with Lead Generation.

If you wish to promote a Webinar we recommend at least a 3 to 4 week campaign prior to your event.

The iTWire campaign will include extensive adverts on our News Site itwire.com and prominent Newsletter promotion https://itwire.com/itwire-update.html and Promotional News & Editorial. Plus a video interview of the key speaker on iTWire TV https://www.youtube.com/c/iTWireTV/videos which will be used in Promotional Posts on the iTWire Home Page.

Now we are coming out of Lockdown iTWire will be focussed to assisting with your webinars and campaigns and assistance via part payments and extended terms, a Webinar Business Booster Pack and other supportive programs. We can also create your adverts and written content plus coordinate your video interview.

We look forward to discussing your campaign goals with you. Please click the button below.

MORE INFO HERE!

BACK TO HOME PAGE
Published in Security
Tagged under
Stephen Withers

Stephen Withers is one of Australia¹s most experienced IT journalists, having begun his career in the days of 8-bit 'microcomputers'. He covers the gamut from gadgets to enterprise systems. In previous lives he has been an academic, a systems programmer, an IT support manager, and an online services manager. Stephen holds an honours degree in Management Sciences and a PhD in Industrial and Business Studies.

Latest from Stephen Withers

Related items

More in this category: « Flashback infections down to 30,000 Smaller organisations falling victim to targeted attacks »
Share News tips for the iTWire Journalists? Your tip will be anonymous
back to top

Subscribe to Newsletter

*  Enter the security code shown:

WEBINARS & EVENTS

CYBERSECURITY

PEOPLE MOVES

GUEST ARTICLES

Guest Opinion

ITWIRETV & INTERVIEWS

RESEARCH & CASE STUDIES

Channel News

Comments