Click to Skip Ad
Closing in...

Security firm identifies origins of ‘Flashback’ Mac virus

Updated Dec 19th, 2018 8:23PM EST

If you buy through a BGR link, we may earn an affiliate commission, helping support our expert product labs.

The “Flashback” virus discovered to have infected more than 600,000 Mac computers earlier this month originated on a series of WordPress blogs, security experts have determined. According to Alexander Gostev, head of the global research and analysis team at Kaspersky, the virus began as a trojan hidden within a fake Adobe software update. In March, however, the malware’s creators repackaged the virus in a “drive-by attack” that infected users’ Apple computers when they visited one of thousands of compromised WordPress blogs. “Tens of thousands of sites powered by WordPress were compromised,” Gostev wrote on Kaspersky’s SecureList blog. “How this happened is unclear. The main theories are that bloggers were using a vulnerable version of WordPress or they had installed the ToolsPack plug-in.” Apple released a system update earlier this month that patched a Java vulnerability and removed most common iterations of the Flashback virus. As of the middle of last week, however, more than 140,000 Mac computers were still infected with the virus, which is capable of intercepting private data and transmitting it without a user’s knowledge.


Zach Epstein
Zach Epstein Executive Editor

Zach Epstein has been the Executive Editor at BGR for more than 10 years. He manages BGR’s editorial team and ensures that best practices are adhered to. He also oversees the Ecommerce team and directs the daily flow of all content. Zach first joined BGR in 2007 as a Staff Writer covering business, technology, and entertainment.

His work has been quoted by countless top news organizations, and he was recently named one of the world's top 10 “power mobile influencers” by Forbes. Prior to BGR, Zach worked as an executive in marketing and business development with two private telcos.