Kaspersky cautions public on spreading botnet virus

CEBU, Philippines - Secure content and threat management solutions developer Kaspersky Lab has released a warning against the massive spread of Flashfake botnet that infected computers worldwide, mostly likely those running Mac OS X.

The botnet, the company warned is being distributed via infected websites as a Java applet that pretends to be an update for the Abode Flash Player.

In a statement, Kaspersky Lab reported that about 670,000 computers worldwide, or 98 perecnt of them running Mac OS X, were inflected by Flashfake. The company further attest that this is the largest Mac-based infection to date, with the largest number of victims targeting developed country.

The United States had the most infected computers (300,917), followed by Canada (94,625), the United Kingdom (47,109) and Australia (41,600).

According to the report, infections also sound in France with 7,891 computers affected, Mexico, Spain, Germany, and Japan.

The Philippines is among the countries that contribute the average count of one thousand to 2,547, said Kaspersky Lab security expert, Igo Soumenkov.

Likewise, security expert Alexander Gostev stated that they were able to reverse-engineer the Flashfake malware that enabled them to successfully analyze the communications between infected computers and the command and control (C&C) servers of Flashfake. 

“After intercepting one of the domain names used by the Flashback/Flashfake Mac Trojan and setting up a special sinkhole server last Friday, April 6, we managed to gather stats on the scale and geographic distribution of the related botnet. We continued to intercept domain names after setting up the sinkhole server and we are currently still monitoring how big the botnet is. We have recorded a total of 670,000 unique bots. Over the weekend of April 7 to 8, we saw a significant fall in the number of connected bots,” added Gostev.

Kaspersky Lab is also directing users to visit the website www.flashbackcheck.com, specifically made to determine if a computer is infected with the malware using a tool that looks into the device’s universal unique identifier (UUID). It also has instructions on how remove the malware if it is found. — (FREEMAN)