Security firm identifies origins of ‘Flashback’ Mac virus

WSJ: Apple is ‘surprised’ that it may have bankrupted its own sapphire supplier

The “Flashback” virus discovered to have infected more than 600,000 Mac computers earlier this month originated on a series of Wordpress blogs, security experts have determined. According to Alexander Gostev, head of the global research and analysis team at Kaspersky, the virus began as a trojan hidden within a fake Adobe software update. In March, however, the malware’s creators repackaged the virus in a “drive-by attack” that infected users’ Apple computers when they visited one of thousands of compromised Wordpress blogs. ”Tens of thousands of sites powered by WordPress were compromised,” Gostev wrote on Kaspersky’s SecureList blog. “How this happened is unclear. The main theories are that bloggers were using a vulnerable version of WordPress or they had installed the ToolsPack plug-in.” Apple released a system update earlier this month that patched a Java vulnerability and removed most common iterations of the Flashback virus. As of the middle of last week, however, more than 140,000 Mac computers were still infected with the virus, which is capable of intercepting private data and transmitting it without a user’s knowledge.


Related stories

140,000 Mac computers still infected by ‘Flashback’ trojan, firm says

‘Flashback’ trojan virus found to affect 600,000 Macs

Second Mac trojan discovered, also exploits Java vulnerability

Get more from Follow us on Twitter, Facebook