iTnews

Mac Flashback made $600, not $10k a day

By Liam Tung on May 18, 2012 6:54AM
Mac Flashback made $600, not $10k a day

But it could have, Symantec says.

Symantec has slashed its own estimate for how much the Mac Flashback botnet was earning its controllers from US$10,000 a day to US$600. 

The security vendor’s previous claim about Flashback’s earning potential was based on a prior analysis of a Windows 32-bit ad-clicking trojan that netted 25,000 infections -- roughly five percent of the 600,000 Macs taken by Flashback -- that could generate its author up to US$450 a day. 

Flashback made money for its controllers through a single advertising component that manipulated Google searchers in the Chrome, Firefox and Safari browsers.

A Google search was potentially hijacked and depending on the search query could  lead the Mac victim to a page of the trojan controller’s choosing.   

Symantec appears to have initially assumed that all Flashback infections contained the ad component of the trojan, but on Thursday clarified that only two percent of around 600,000 infected machines were actually installed with the critical ad component. 

“[I]f the attackers were able to use the entire botnet, they could have earned millions”, said Symantec in an update, but as it was the campaign netted the controllers about US$14,000 in three weeks from the beginning of April or US$666 per day through click fraud.

“Had the attackers been more successful in installing the final payload they could have been earning considerably more than that, which makes this a profitable model for the attackers,” said Symantec. 

Still, the Flashback trojan controllers served over 10 million ads in three weeks, said Symantec. 

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © iTnews.com.au . All rights reserved.
Tags:
click flashback fraud mac osx security symantec trojan

Partner Content

What conversations should executives be having about cyber security?
Partner Content What conversations should executives be having about cyber security?
Resetting cyber security for the new threat landscape
Partner Content Resetting cyber security for the new threat landscape
Why companies fail at picking cloud modernisation partners
Promoted Content Why companies fail at picking cloud modernisation partners
COVID puts agile IT under the microscope
Promoted Content COVID puts agile IT under the microscope

Sponsored Whitepapers

Is the technology refresh dead?
Is the technology refresh dead?
DevSecOps: A framework for digital innovation
DevSecOps: A framework for digital innovation
Encryption: Protect your most critical data
Encryption: Protect your most critical data
Overcoming data security challenges in a hybrid, multicloud world
Overcoming data security challenges in a hybrid, multicloud world
Move beyond passwords
Move beyond passwords

Events

  • On-Demand Webinar: How Poly and Microsoft are Embracing Future Work Environments
  • [Webinar] - Transformation versus compliance – a guide for CXOs
  • Masters of Microsoft Licensing
By Liam Tung
May 18 2012
6:54AM
0 Comments

Related Articles

  • ATO to keep JobMaker businesses honest with data matching
  • BOQ tries to pin BEC blame on a branch manager
  • New Raindrop malware used in SolarWinds hack found
  • Melbourne man charged over myGov fraud
Share on Twitter Share on Facebook Share on LinkedIn Share on Whatsapp Email A Friend

Most Read Articles

Vodafone hit by nationwide 4G outage

Vodafone hit by nationwide 4G outage

Virgin Australia rebuilds its IT leadership team

Virgin Australia rebuilds its IT leadership team

NAB's chief data officer Glenda Crisp leaves bank

NAB's chief data officer Glenda Crisp leaves bank

Westpac to offer smartphone-based identity verification group-wide

Westpac to offer smartphone-based identity verification group-wide

You must be a registered member of iTnews to post a comment.
Log In | Register
All rights reserved. This material may not be published, broadcast, rewritten or redistributed in any form without prior authorisation.
Your use of this website constitutes acceptance of nextmedia's Privacy Policy and Terms & Conditions.