Antivirus firm Symantec has published a new blog post examining how the Flashback malware affecting hundreds of thousand of Macs has been generating revenue for its authors by hijacking users' ad clicks.
From MacRumors:
From MacRumors:
According to the report, the widespread nature of the infection means that malware authors could have been generating up to 10,000 per day from the scheme at its peak based on previous analysis of malware click redirection.The Flashback ad-clicking component is loaded into Chrome, Firefox, and Safari where it can intercept all GET and POST requests from the browser. Flashback specifically targets search queries made on Google and, depending on the search query, may redirect users to another page of the attacker's choosing, where they receive revenue from the click . (Google never receives the intended ad click.)Symantec's work on the ad-click hijacking aspect of Flashback comes after Russian firm Dr. Web, which was responsible for the initial publicity about the malware, published its own report examining some of the early data on infected computers seeking to connect to command-and-control servers.Flashback Malware's Ad-Click Hijacking Detailed, Could Reap $10,000/Day