Security firm identifies origins of ‘Flashback’ Mac virus

The “Flashback” virus discovered to have infected more than 600,000 Mac computers earlier this month originated on a series of WordPress blogs, security experts have determined. According to Alexander Gostev, head of the global research and analysis team at Kaspersky, the virus began as a trojan hidden within a fake Adobe software update. In March, however, the malware’s creators repackaged the virus in a “drive-by attack” that infected users’ Apple computers when they visited one of thousands of compromised WordPress blogs.¬†“Tens of thousands of sites powered by WordPress were compromised,” Gostev wrote on Kaspersky’s SecureList blog. “How this happened is unclear. The main theories are that bloggers were using a vulnerable version of WordPress or they had installed the ToolsPack plug-in.” Apple released a system update earlier this month that patched a Java vulnerability and removed most common iterations of the Flashback virus. As of the middle of last week, however, more than 140,000 Mac computers were still infected with the virus, which is capable of intercepting private data and transmitting it without a user’s knowledge.

Read

blog comments powered by Disqus