Kaspersky Lab security researchers claim the Flashback Trojan for Apple's Mac computers probably started from tens of thousands of hacked WordPress blogs. At its peak, the Flashback Trojan infected more than 600,000 Macs.
In March, the malware's creators changed the way Flashback spread, moving it from a Trojan horse that enticed users to click on it by masquerading as an Adobe update to a drive-by attack that infected the systems of users who clicked on compromised or malicious websites, according to Alexander Gostev, head of the global research and analysis team at Kaspersky.
In a post on Kaspersky’s SecureList blog, Gostev said that sometime around the end of February and the beginning of March, “tens of thousands of sites powered by WordPress were compromised. How this happened is unclear. The main theories are that bloggers were using a vulnerable version of WordPress or they had installed the ToolsPack plug-in.”