Intego researchers say they're seeing attempts to communicate with C&C servers

Jan 10, 2014 09:18 GMT

At its peak, the notorious Flashback Trojan infected over 600,000 Macs. However, while the threat has been mostly neutralized, experts say there are still at least 22,000 infected devices.

Intego researchers have spotted 14,248 unique identifiers of the latest version of the threat that’s designed to allow cybercriminals to steal information from infected devices.

Apple has taken some steps to disrupt the Flashback botnet, including the release of a malware removal tool and the shutdown of the domains utilized by the malware.

Intego owns some of the command and control (C&C) servers used by the Trojan. The security firm says it has spotted connections from infected devices trying to contact the sinkhole servers.

For the time being, Apple and security outfits are closely monitoring the servers, so it's difficult to revive the botnet. However, experts warn that the malware author could buy the C&C domain names in the future.

Furthermore, if at some point they're no longer supervised, the domains could fall into the hands of other cybercriminals.