Doctor Web exposes 550 000 strong Mac botnet
(Publication) Google search: [1]
| Doctor Web exposes 550 000 strong Mac botnet | |
|---|---|
| |
| Botnet | Flashback |
| Malware | |
| Botnet/malware group | |
| Exploit kits | |
| Services | |
| Feature | |
| Distribution vector | |
| Target | |
| Origin | |
| Campaign | |
| Operation/Working group | |
| Vulnerability | |
| CCProtocol | |
| Date | 2012 / April 4, 2012 |
| Editor/Conference | Doctor Web |
| Link | http://news.drweb.com/show/?i=2341 (Archive copy) |
| Author | |
| Type | |
Abstract
“ Doctor Web—the Russian anti-virus vendor—conducted a research to determine the scale of spreading of Trojan BackDoor.Flashback that infects computers running Mac OS X. Now BackDoor.Flashback botnet encompasses more than 550 000 infected machines, most of which are located in the United States and Canada. This once again refutes claims by some experts that there are no cyber-threats to Mac OS X.
Systems get infected with BackDoor.Flashback.39 after a user is redirected to a bogus site from a compromised resource or via a traffic distribution system. JavaScript code is used to load a Java-applet containing an exploit. Doctor Web's virus analysts discovered a large number of web-sites containing the code. The recently discovered ones include:
godofwar3.rr.nu ironmanvideo.rr.nu killaoftime.rr.nu gangstasparadise.rr.nu mystreamvideo.rr.nu bestustreamtv.rr.nu ustreambesttv.rr.nu ustreamtvonline.rr.nu ustream-tv.rr.nu ustream.rr.nu
Bibtex
@misc{Lua error: Cannot create process: proc_open(/dev/null): failed to open stream: Operation not permitted2012BFR978,
editor = {Doctor Web},
author = {},
title = {Doctor Web exposes 550 000 strong Mac botnet},
date = {04},
month = Apr,
year = {2012},
howpublished = {\url{http://news.drweb.com/show/?i=2341}},
}