Q2 2012: Flashback infects 10% of Macs, Android malware up 300%

Q2 2012: Flashback infects 10% of Macs, Android malware up 300%

Summary: A new Q2 2012 report finds that the Flashback Trojan infected 10 percent of home networks with Mac computers during the month of April while Android malware numbers quadrupled during the quarter.

SHARE:
binary_malware

If I had two pick just two major malware stories for Q2 2012, I would have to go with the Flashback Trojan and the Android threat explosion. New information shows just how serious the former was (Apple has largely fixed the issue) and how serious the latter still is (Google seems to be fighting a losing battle).

Kindsight recently released its 12-page Malware Report for the last quarter (PDF). Here are the top three Q2 2012 highlights:

  • The Mac Flashback infection led the top 20 lists for four weeks in a row, infecting 10 percent of home networks with Mac computers during the month of April.
  • 14 percent of home networks were infected with malware in Q2 2012, up from 13 percent in the previous quarter. 0.7 percent of all devices on mobile networks were infected, including Android phones and laptops connected to the mobile network (this is a significant number since the total device count includes a large number of feature phones that are not targets for malware).
  • Android malware samples increased by 300 percent over the past three months.

The Android malware situation isn't too surprising, but the Flashback number should raise some eyebrows. Here's the corresponding part from the report:

For the first time ever, malware targeting the Macintosh platform was in the number one position on the Kindsight Security Labs home network infections list. Our detection statistics for the month of April show that 1.1% of homes were infected with this malware. Based on a Mac market share this translates into about 10% of homes with Mac computers being infected with this malware during the month of April. Security researchers at Symantec have discovered that in addition to stealing passwords, Flashback is also being use for ad-click fraud.

In other words, the security firm is specifically looking at home networks and Mac market share to extrapolate a more accurate number. Nevertheless, I find the 10 percent statistic a little hard to believe.

KindSight also commented on the p2p ZeroAccess botnet, which changed its C&C protocol and grew to over 1.2 million computers globally. The result is ad-click fraud that can consume the equivalent bandwidth of downloading as many as 45 full length movies per month per subscriber.

"In recent months, we've seen the ZeroAccess botnet update its command and control protocol and grow to infect more computers while connecting to over one million computers globally," Kevin McNamee, Kindsight Security Labs security architect and director, said in a statement. "The concern with ZeroAccess is that it is using the subscriber's bandwidth maliciously which will cost them money as they exceed bandwidth caps. And, once the computer is compromised, it can also spread additional malware or launch new attacks."

See also:

Topics: Security, Android, Apple, Google, Malware, Mobile OS, Operating Systems

Emil Protalinski

About Emil Protalinski

Emil is a freelance journalist writing for CNET and ZDNet. Over the years,
he has covered the tech industry for multiple publications, including Ars
Technica, Neowin, and TechSpot.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

36 comments
Log in or register to join the discussion
  • nothing new...

    let us know when OS X gets hit by viruses and worms that only plague the Windoze world. Now, remember it has nothing to do with market share...thanks to FreeBSD unlike crappy NT
    shellcodes_coder
    • This report is fake

      Flashback trojan (it is not virus, it can not self replicate and infect via "contact") never confirmed to control more than few hundred thousand Macs. It is a lot, but nothing to do with this nonsensical seven million claim.

      Also, while Android malware grows explosively, absolute figures are still tiny and those "up 300%" is not indication of real tendency. Maybe the tendency will be bad, but even if so absolute figures have to be higher and more mature to confirm or deny that.

      So this report is just tabloidish junk.
      DDERSSS
      • Ed Bott also endorsed this 10 percent OS X infection rate.

        Personally, I checked my system and I was not infected. But one would one think that on my unprotected system, I "should have been" infected since there was a 1 in ten chance that I would have come in contact with this trojan. Since my system didn't get infected, I also doubt this reported ten percent infection rate.

        One in ten OS X systems infected? Really, that doesn't seem right.
        kenosha77a
        • I've never had malware on my Windows machine

          Guess that means there is no Windows malware. If anyone dares throw out silly things like numbers, I'll simply respond with "Huh, that doesn't seem right to me. QED."
          toddbottom3
          • Good comeback, Todd. I never stated that it was an incorrect statement

            regarding the 10 percent infection rate. My opinion was just that - an opinion. Would you have preferred that I used the phrase - It's hard to believe - rather than - that doesn't seem right?

            You are trying too hard to demonize persons or opinions. Perhaps your horns are growing on you.
            kenosha77a
          • Hey, no skin off my back

            I find it hard to believe there is any Windows malware because I've never gotten infected by any. Hey, that's just my opinion.

            I'm glad to hear that you are open to the idea that maybe your sample of 1 could lead to some pretty uninformed opinions.
            toddbottom3
          • I find it hard to believe

            the claims of ANY Windows user when they say they've NEVER been infected by any stripe of viruses or malware, especially when going back a decade or more.

            How long have you been on the Internet?
            klumper
          • Why do you find it hard to believe?

            Just curious what rationale you use to determine that it is pretty much impossible to use Windows without ever getting infected by anything.
            toddbottom3
          • I'm a big Mac fan, but I'm with tb3 on this one.

            I use Mac at home, but also use Windows extensively in business and (less and less) at home. I haven't had any Windows malware infections or any Windows BSODs that weren't caused by faulty hardware since 1998. My sister-in-law gets Windows malware all the time, but that's because she and my nephew do dumb shit all the time.
            RationalGuy
          • I agree

            I am a big Mac Fan these days, 100% Mac user at home, and I even use a Macbook at work but I am RDP'ed into my Windows 7 VDI for everything that is Windows only (ADUC, SCCM, SCOM, SCVMM...etc).

            Both Windows 7 and Mac are super stable, no Blue or grey screens of deaths in years, no malware either. I recently updated my sisters Windows 7 computer for her and when it rebooted it threw a blue screen, (bad new updated driver) but when it rebooted it automatically rolled that particular driver back....pretty dam cool.
            JeveSobs
          • Mac fanbois believe that all Windows systems are infected

            Steve told them so...
            honeymonster
          • Windows flunkies

            ... would have you believe that all people who use Macs are mindless hippies with no grounding in tech, with lots of disposable cash an little sense, who just want to show off their conspicuous consumption, and have no real work to do, other than read e-mail (as if there aren't real jobs that aren't almost totally conducted over e-mail) and surf YouTube.
            I.e. Windows fanboys don't know crap.

            And FTR, none of my Windows boxes have ever been infected either (and that goes back to Windows 1.0) even with little or no A/V. Big deal.
            And also irrelevant.
            .DeusExMachina.
          • i have NEVER been infected

            running Windows since 3.1. Believe it or not.
            honeymonster
          • Windoze usr since 98 - no virus

            Yep, since them dark days of 98 (pre SE), no viruses, Trojans (of the computer type...or horses either actually), no wabbits, nuthin. Just danged dust bunnies.

            Yep, I know lots of Windoze zombies that got them a virus, but I guess I'm one of them lucky wunz.
            Raid60
          • Considering the mountain of data evincing your innumeracy

            you are really in no position to be calling anyone out on math.
            .DeusExMachina.
          • do you have xcode or ms office on your mac?

            that would explain it
            honeymonster
          • Explain what, exactly?

            How does having either XCode or MS Office explain his lack of Mac malware?!?
            Or if you are trying to imply the reverse (which evinces very poor logical reasoning skills, and even poorer English) how on earth are you claiming XCode is a vector for anything?
            .DeusExMachina.
          • That seems to be the mentality

            If it doesn't happen to you then it's not real. Mac people have lots of cash, so when sensitive information gets stolen it's no big deal. At least it's not a virus or worm...
            SteveWojo
          • Thanks for making it clear

            that you don't know what you are talking about. Many mac users most certainly do NOT have a lot of money.
            .DeusExMachina.
          • Just used ComboFix a couple of months ago

            For an infected Windows 7 Home Premium machine that my brother was using.

            Sure, no Windoze malware.... lol...

            And I'm sure these folks would beg to disagree with todd's bottom

            http://www.bleepingcomputer.com/forums/forum167.html
            CaviarBlack