Security Firm Symantec Analyzes the Profitability of the OSX.Flashback Botnet

Discussion in 'MacRumors.com News Discussion' started by MacRumors, May 16, 2012.

  1. MacRumors macrumors bot

    MacRumors

    Joined:
    Apr 12, 2001
    #1
    [​IMG]


    [​IMG]

    Security firm Symantec previously estimated that the authors of the Flashback malware that affected hundreds of thousands of Macs at its peak could have been generating up to $10,000 per day by hijacking users' ad clicks. Further analysis from the company suggests that the developers may have only earned $14,000 over the three weeks the malware was active.
    Symantec notes that the malware developers displayed more than 10 million hijacked ads and could have delivered many more if the developers had been more successful in their attacks.

    Some security specialists have said that the Mac OS is "really vulnerable" to further infections, though these claims should perhaps be taken with a grain of salt -- those security specialists make their living off vulnerabilities and it is in their best interest to promote awareness of them.

    Article Link: Security Firm Symantec Analyzes the Profitability of the OSX.Flashback Botnet
     
  2. DavidTheExpert macrumors regular

    Joined:
    Apr 20, 2012
    #2
    I'll say. The more afraid we are, the more we'll pay for their placebo security software.

    I say the best security is knowing how to avoid infections in the first place. If you can learn not to download mysterious files, you're half way there.
     
  3. munkery, May 16, 2012
    Last edited: May 16, 2012

    munkery macrumors 68020

    munkery

    Joined:
    Dec 18, 2006
    #3
    So, basically, only 10000 users entered their admin passwords to allow Safari to be successfully infected.

    The other 590000 infections were incomplete due to this malware requiring some user interaction for successful infection.

    What fraction of 1% of the Mac user base does 10000 represent?
     
  4. lifeinhd macrumors 65816

    lifeinhd

    Joined:
    Mar 26, 2008
    Location:
    127.0.0.1
    #4
    Sounds like it. Some malware :rolleyes:
     
  5. munkery macrumors 68020

    munkery

    Joined:
    Dec 18, 2006
    #5
    All that media hype for just another relatively unsuccessful Mac trojan.
     
  6. macaddict06 macrumors regular

    Joined:
    Jan 17, 2006
    Location:
    about 3 meters from here. *points*
    #6
    I'd estimate the OS X install base at ~50M, so 10k/50M is 0.02%. Using common sense, 0.02% infection does not an susceptible OS make, but remember, there's always money in fear.
     
  7. thisrocks macrumors regular

    thisrocks

    Joined:
    Sep 6, 2008
    Location:
    Melbourne Australia
    #7
    This has got to be a business model right.

    Ad-hijacking. Earn heaps through people clicking on Ads, invest, profit, repay people.

    Every time I see news about flashback, I get $$ in my eyes, and spend some time admiring their enterprising attitudes. Sure they were stealing that money from ad organizations, which a lot of people will rightfully object to.

    There's got to be a legit way to do this, if only everyone didn't hate ads so much...or is that what is going to be so revolutionary with Apple's new TV? Interfacing/Interacting with ads is something that we've only really got to do through TiVo (fast forward) and YouTube...a traditional remote interface doesn't lend itself to that and stepping away from that requires a Universal remote which again, really only exists to serve to replicate the function of existing remotes, they can't add new features to TVs. I feel a new signature coming along.

    Anyone that thinks Siri is going to be how you control a TV is not a religious 30 Rock viewer.
     
  8. StrikerShoot macrumors newbie

    Joined:
    Feb 17, 2012
    Location:
    Seattle
    #8
    Considering how Flashback infects Macs, seems like a hackers' basic business model to me..

    [​IMG]
     
  9. thisrocks, May 17, 2012
    Last edited: May 17, 2012

    thisrocks macrumors regular

    thisrocks

    Joined:
    Sep 6, 2008
    Location:
    Melbourne Australia
    #9
    Thanks StrikerShoot, I love a good infographics, but I have a good understanding of the threats Malware poses, and likewise the criminal mind behind a hacker. I'm thinking Godfather 3 style, going legit.

    I was thinking without all the malicious aspects, voluntary opt-in Adnets where you technically farm all their clicks, think of it as an investment opportunity with micro returns. Micro input, micro returns. Still returns!

    It sounds heaps like a scheme/existing web advertising but with the user opted-in, subscription based system.
     
  10. Reeebo macrumors newbie

    Joined:
    Aug 21, 2010
  11. tatonka macrumors 6502a

    tatonka

    Joined:
    Aug 25, 2009
    #11
    Well there is two sides to this story. One is that the actual thread and profits where relatively small for this particular malware, but it also does show that the professional botnet operators are trying out new things. The Mac is certainly moving into the focus and that is only logical after the success the Mac has seen in recent years. For the time being we are still being relatively safe on the Mac though.

    T.
     
  12. gnasher729 macrumors P6

    gnasher729

    Joined:
    Nov 25, 2005
    #12
    If this made $14,000, shared among god-knows-how-many people, that means these malware writers should try and get a proper job instead. Crime doesn't pay - quite literally in this case.
     
  13. Mr. Dee macrumors 68000

    Mr. Dee

    Joined:
    Dec 4, 2003
    Location:
    Jamaica
    #13
    Some security specialists have said that the Mac OS is "really vulnerable" to further infections, though these claims should perhaps be taken with a grain of salt -- those security specialists make their living off vulnerabilities and it is in their best interest to promote awareness of them.

    Would this not be true of Windows too?
     
  14. OLDCODGER macrumors 6502a

    Joined:
    Jul 27, 2011
    Location:
    Lucky Country
    #14
    If you try to farm my ad-clicks, you'll starve! I don't allow ads. :)
     
  15. Nostromo macrumors 65816

    Nostromo

    Joined:
    Dec 26, 2009
    Location:
    Deep Space
    #15
    Break into people's computer to commit click fraud.

    What a business model.

    Digital parasites.
     
  16. Dr McKay macrumors 68040

    Dr McKay

    Joined:
    Aug 11, 2010
    Location:
    Kirkland
    #16
    I wish I made $14,000 in 3 weeks :(
     
  17. gnasher729, May 17, 2012
    Last edited: May 17, 2012

    gnasher729 macrumors P6

    gnasher729

    Joined:
    Nov 25, 2005
    #17
    Your maths is wrong.

    This isn't one person making $14,000 profit for three weeks of work. There is a lot more work than three weeks of hacking, with many more people involved, for a scheme that managed to produce $14,000 in revenue for three weeks and then fizzled out. A complex software project producing a total of $14,000 in revenue.

    I did a quick calculation using the total annual revenue of my company and the number of developers employed, using a number of 230 working days, and I couldn't spend more than three or four days of work for one developer for $14,000 revenue.

    I wouldn't be surprised if websites like macrumors did get more additional ad revenue due to people reading stories about flashback and clicking on ads on macrumors, than these hackers made.

    PS. Seems at least one of those hackers was angry because I told them they are stupid and doing a lot of work for very little money.
     
  18. Ynot macrumors member

    Joined:
    Jan 14, 2006
    #18
    who really writes the Malware

    Actually where are the Numbers from the Anti Virus companies that are making a mint through the new threat model. It must be good enough that Norton which was absent form the Mac Market for close to 10 years to come back with new version of there cross compile crap.
    I wish there were some independent oversight, to see who is behind the malware and if there is some cross funding going on. Or maybe find that the malware hunters are breeding the malware producers or are in real life the same entity. :eek:
     
  19. AliClifton, May 17, 2012
    Last edited: May 17, 2012

    AliClifton macrumors member

    Joined:
    Jul 6, 2008
    #19
    My completely non scientific maths says that if 0.02% of mac-users were stupid enough (maybe a bit harsh-lets say 'not savvy enough') to install this malware then around 0.02% were probably also susceptible enough to believe all the scare mongering and go and download Norton for mac or some such equally terrible software.
    Makes you think about the conspiracies people throw around, like are anti-virus companies as responsible for the original viruses as they are for the solutions.
    Either way, it's a clever self-fulfilling business model...makes you think someone must have tried it

    these numbers earned the attackers $14,000 in these three weeks, although it is worth mentioning that earning the money is only one part of the puzzle--actually collecting that money is another, often more difficult, job.

    tell me about it, Google still owes me tons of ad revenue that they are refusing to pay out because multiple clicks came from a shared ip (its called a university network you b@£%&*s) that's why I switched to renting out ad-space rather than getting revenue for impressions/clicks - i get far less, but at least i actually get it.
     
  20. Piggie macrumors G3

    Piggie

    Joined:
    Feb 23, 2010
    #20
    Yes, and we can all stay locked up indoors at home, as well.
    If we take the risk to venture outside out homes then we could get shot, run over, trip over the kerb, who knows.....

    Best just to do as we are told, never take any risks and stay safe all our lives, that way we will never be in any danger.
     
  21. gnasher729 macrumors P6

    gnasher729

    Joined:
    Nov 25, 2005
    #21
    If you think staying at home is safe, you have another think coming:

    http://www.nationmaster.com/graph/mor_fal_inv_bed-mortality-fall-involving-bed
     
  22. zzLZHzz macrumors 6502

    Joined:
    Mar 9, 2012
    #22
    human stupidity can't be cure with world best anti-virus software.
     
  23. NAG macrumors 68030

    NAG

    Joined:
    Aug 6, 2003
    Location:
    /usr/local/apps/nag
    #23
    I'm waiting for the next story about how an antivirus software update goes bad and destroys the system. Those are always fun to hear about.
     
  24. Mac Kiwi macrumors 6502a

    Joined:
    Apr 29, 2003
    Location:
    New Zealand
    #24
    I wonder how much extra money the AV companies made over the period....and whether they made as much as they thought they would.
     
  25. gnasher729 macrumors P6

    gnasher729

    Joined:
    Nov 25, 2005
    #25
    That was yesterday. Does that count as "the next story"? Headline: "'Catastrophic' Avira antivirus update bricks Windows PCs"

    http://www.theregister.co.uk/2012/05/16/avira_update_snafu/

    This "anti-virus" software thought it had found viruses in essential parts of Windows, that are actually signed by Microsoft. Someone commented "Either the bad guys cracked Microsoft's code signing; in that case we can just give up. Or they didn't, in that case the anti-virus software was wrong. In either case, the anti-virus software shouldn't touch anything that is code-signed by Microsoft".
     

Share This Page