Flashback OS X malware

Broderick Aquilino, F-Secure

Windows has been the target of malware for decades. This has resulted in a more hardened system and better user awareness. OS X, on the other hand, has not really needed to go through all the trouble of crime fighting until recently. Now, with its growing market share and lower user awareness, it is clear that OS X is becoming more and more attractive to malware authors.

OS X was bombarded by several malware families and variants last year. Towards the end of the year, a new malware family or variant was being discovered almost every week, each one more sophisticated than the last. It seems that OS X malware has entered a state of accelerated evolution. At the forefront of all this was the Flashback malware.

Flashback is the most advanced OS X malware ever seen. It boasts a series of firsts for its kind. It is the first to be VMware-aware, the first to disable the built-in malware protection program of OS X, and the first to propagate via exploits. In terms of sophistication, it stealthily injects its code into browser processes. This paper will present a technical analysis of the Flashback malware family.
