Apple Mac virus has more casualties than meets the eye and is costing Google up to $10,000 a day.
Click to enlarge |
Apple slowness (i,e six weeks later) in releasing a patch for the recent Mac virus outbreak, resulted in a “window of opportunity [that] helped the Flashback Trojan to infect Macs on a large scale,” warns security expert Symantec in a blog.
Creators of the dodgy Flashback program took advantage of the ‘gap’ by exploiting vulnerable websites, and once an unpatched Mac user visits a compromised site, Mac Trojan ‘SX.Flashback.K’ malware would be installed.
The browser is then directed to an exploit site hosting numerous Java exploits.
Ultimately there is a lucrative ad-clicking component to this malware fraud as “the end goal of this Trojan is revenue generation,” say Symantec.
Once the Flashback ad-clicking component is loaded into Chrome, Firefox, and Apple Safari browsers it can intercept all GET and POST requests from the browser.
Flashback targets search queries made on Google and redirects users to other sites of the attacker’s choosing, where they receive $0.08c revenue from each ad click, as opposed to Google.
The ad click component parses out requests resulting from a click on Google Search and determines if it is on a whitelist.
“This ultimately results in lost revenue for Google and untold sums of money for the Flashback gang,” warns the security expert.
Considering the number of Mac’s affected by Flashback Trojan (thought to be up to 600,000), lost Google revenue could amount to $10,000 per day.
Ad-clicking Trojans are nothing new and in a recent analysis a botnet (a collection of compromised computers) measuring round 25,000 infections could generate up to $450 per day for its creator.
This is “all the more reason to keep your Mac fully patched and virus definitions up to date” Symantec says.