[ISN] Infected WordPress blogs blamed for Mac Flashback Trojan

From: InfoSec News <alerts_at_private>
Date: Fri, 20 Apr 2012 01:27:07 -0500 (CDT)
http://news.techworld.com/security/3352463/infected-wordpress-blogs-blamed-for-mac-flashback-trojan/

By John E Dunn
Techworld
19 April 2012

The source of the Apple Mac Flashback Trojan was probably a large clutch 
of compromised US-based WordPress blog websites hijacked to push 
visitors to malware hosts, Kaspersky Lab research has revealed.

As has previously been established by various sources, between September 
2011 and February of this year, the malware was distributed using social 
engineering attacks that asked users to download a bogus Adobe Flash 
Player plugin.

By late February this strategy changed thanks to a new partner program 
which distributed the malware as a drive-by attack hitting three common 
Java vulnerabilities via compromised websites.

The change in tack paid off handsomely, infecting 744,000 OS X users 
according to Kaspersky numbers culled from individual IP addresses 
connecting to its Flaskback (or ‘Flashflake’) sinkhole.

[...]


_______________________________________________
LayerOne Security Conference
May 26-27, Clarion Hotel, Anaheim, CA
http://www.layerone.org
Received on Thu Apr 19 2012 - 23:27:07 PDT

This archive was generated by hypermail 2.2.0 : Thu Apr 19 2012 - 23:30:28 PDT