Mac Flashback infections started at hijacked WordPress sites

Posted on Monday, April 23 2012 @ 15:52 CEST by Thomas De Maesschalck
Kaspersky Lab security researchers claim the Flashback Trojan for Apple's Mac computers probably started from tens of thousands of hacked WordPress blogs. At its peak, the Flashback Trojan infected more than 600,000 Macs.
In March, the malware creators changed the way they wanted the Flashback exploit to spread, moving it from a Trojan horse that enticed users to click on it by masquerading as an Adobe update to a drive-by attack that infected the systems of users who clicked on compromised or malicious Websites, according to Alexander Gostev, head of the global research and analysis team at Kaspersky.

In a post on Kaspersky’s SecureList blog, Gostev said that sometime around the end of February and the beginning of March, “tens of thousands of sites powered by WordPress were compromised. How this happened is unclear. The main theories are that bloggers were using a vulnerable version of WordPress or they had installed the ToolsPack plug-in.”


About the Author

Thomas De Maesschalck

Thomas has been messing with computer since early childhood and firmly believes the Internet is the best thing since sliced bread. Enjoys playing with new tech, is fascinated by science, and passionate about financial markets. When not behind a computer, he can be found with running shoes on or lifting heavy weights in the weight room.



Loading Comments