Flashback malware generated $10k per day in fraudulent ad clicks

By on May 2, 2012, 2:00 PM

People usually speculate as to why someone would create a virus or piece of malware that seemingly does nothing more than cause harm to someone they don’t even know. Are these social outcasts, still living in their mother’s basement with nothing better to do than complicate other people’s lives, or is there more to it?

If you selected the second option, you win. As it turns out, the real motivation behind most malware and viruses is money. In the case of the recent Flashback malware that affected hundreds of thousands of Macs worldwide, an ad-clicking component was also installed that would hijack clicks that Google should have received. This resulted in lost revenue for the search giant and a massive payday for the person(s) behind Flashback.

Symantec highlights an analysis of the W32.Xpaj.B botnet from last year that generated roughly 25,000 infections. The security team concluded that this botnet was likely able to generate around $450 per day in ad revenue for the author. Considering more than 600,000 Macs were infected with Flashback during its peak, it’s easy to see how this figure could rise to as much as $10,000 daily for the creator(s).

Flashback was distributed through a Java vulnerability that Oracle patched in February for PC users. Those running Macs, on the other hand, didn’t get the patch for another six weeks, which was plenty of time for the malware to spread to the level it ultimately reached.




User Comments: 12

Guest said:

Thus I do not understand why Apple continues this trend of only allowing these updates to 0-day vulnerabilities to be patched when Apple sees fit to do so. My friend has an Apple he uses for work; we wanted to play Minecraft one day on my server and I asked him to grab a newer Java client, as the one he had was causing issues for him with the Minecraft client, and he said "sorry I cannot, I have to wait on Apple to update it before I can use it in my OS.."

I then was thinking, what about the 0-day status of security fixes? What does a person using Apple OS do about that? And since his machine is a business machine, wouldn't it make more sense to have the option of administrating patches yourself rather than cross one's fingers and hope Apple authorises the patch? Among other runtimes, Java is just one. I really thought some OEM companies were bad the way they handle service packs with the Windows environment; I now see why I don't use OEM machines or Apple after this insight.

Guest said:

At 10k a day (even if only $450 a day) these guys ARE NOT living in their mom's basement.

SNGX1275, TS Forces Special, said:

Thus I do not understand why Apple continues this trend of only allowing these updates to 0-day vulnerabilities to be patched when Apple sees fit to do so. My friend has an Apple he uses for work; we wanted to play Minecraft one day on my server and I asked him to grab a newer Java client, as the one he had was causing issues for him with the Minecraft client, and he said "sorry I cannot, I have to wait on Apple to update it before I can use it in my OS.."

I then was thinking, what about the 0-day status of security fixes? What does a person using Apple OS do about that? And since his machine is a business machine, wouldn't it make more sense to have the option of administrating patches yourself rather than cross one's fingers and hope Apple authorises the patch? Among other runtimes, Java is just one. I really thought some OEM companies were bad the way they handle service packs with the Windows environment; I now see why I don't use OEM machines or Apple after this insight.

Lion doesn't come with Java by default. But it is still managed by Apple - so delays in patches. With Mountain Lion, Apple no longer controls Java, it will have to be dled from Oracle and will have to be patched by Oracle. So while the way it is handled now sucks, it is being remedied soon.

bexwhitt said:

Java is old tech, I don't install it on new builds, there is no point

Guest said:

The memory leaks from Java are insane. I only run 1 Java app and that's Minecraft on my Windows PC, and it instantly gets to 1GB of RAM and it's like, how is that possible? Latest updates etc. and still buggy as hell, come on.

Rick, TechSpot Staff, said:

The memory leaks from Java are insane. I only run 1 Java app and that's Minecraft on my Windows PC, and it instantly gets to 1GB of RAM and it's like, how is that possible? Latest updates etc. and still buggy as hell, come on.

Java doesn't "leak memory" like crazy... It's just the nature of its garbage collection methods. If you do experience a memory leak, it is almost certainly the application you're using and not Java's fault.

An intro to garbage collection:

[link]

treetops said:

Well, my first computer was destroyed by some sort of virus that made my HD fill up, then my computer overheat and die. At least I suspected it was a virus. I couldn't delete anything. I understand greed but not randomly damaging property. It's like walking up to a random person's house and throwing a brick through a window.

Timonius said:

At 10k a day (even if only $450 a day) these guys ARE NOT living in their mom's basement.

Actually yes they are. How else are they going to keep a low profile? They just built a secret batcave underneath the basement that mommy dear doesn't know about :P

Guest said:

This article is so brainless. It accuses Apple of doing wrong when in fact it's Java that sucks. I've had my Mac for 3 years now and never used Java apps at all. I don't even use Flash on it. I have Windows in a virtual machine so I only use add-ons in Windows. When Windows gets infected I just delete the VM file and recopy the original install file and restart. Voilà, Windows rollback. So no need for me to run antivirus. Mac, I never have problems since the browser runs without any add-ons and the directory is locked. App firewall is good too. I have 5 firewalls with port forwarding. Yeah, I know I am overdoing it in that area but you can never be too careful. My CCNP helps a lot.

Guest said:

Whoa. I need to learn how to do that kinda stuff just to hijack clicks LOL

Guest said:

ROFL 5 firewalls, you serious?

SNGX1275, TS Forces Special, said:

Sounded like an elaborate trolling to me.
