glasgowwired
Technology
Flashback 'hijacked' Google keyword searches
Published: 1st May 2012 11:27:07
The Flashback Trojan that infected Apple Mac computers could have made more than $10,000 (£6,200) a day for its creators, suggests research.
Analysis of the malicious software by security firm Symantec showed it was built to hijack Google searches.
On infected machines the malware watched for specific keywords.
When they were spotted, the Trojan re-directed users to sites that its creators were being paid to funnel people towards.
In early April, it was revealed that up to 500,000 Apple Mac computers had been infected by malicious software called Flashback.
The malware targeted a vulnerability in the Java software that is used in Windows machines, Apple computers and many others.
Macs were the biggest victims because Apple did not patch the loophole in its version of Java for several weeks after the vulnerability became known.
The Symantec analysis has revealed why the malware was created and how much cash it might have generated for its creators.
By reverse engineering the software, Symantec has discovered that it lurked on infected machines waiting until a user searched on Google for certain words such as "toys".
If a user clicked on an advert related to that search, they would never reach the site they wanted but were re-directed to others showing ads and links.
Symantec engineers found that Flashback's creators would be paid 0.008 cents every time a user was re-directed. Other malicious programs that managed to infect 25,000 victims have been seen to generate about $450 per day for their creators.
"Considering the Flashback Trojan measures in the hundreds of thousands, this figure could sharply rise to the order of $10,000 per day," wrote the Symantec researchers.
Further analysis of Flashback by Russian security firm Dr Web, which sounded the alarm about the malware, has revealed how it was controlled.
Its creators seem to have used Twitter as the command-and-control system for the huge number of machines that it infected.
Compromised machines were programmed to regularly search Twitter for messages containing particular strings of letters. These would direct infected machines to visit particular websites to get updates or receive further instructions.
Harvard Citation
BBC News, 2012. Flashback 'hijacked' Google keyword searches. [Online] (Updated 01 May 2012)Available at: http://www.glasgowwired.co.uk/news.php/1425708-Flashback-hijacked-Google-keyword-searches [Accessed 20th June 2013]
Latest News
-
At 05:01:25 in Other
Middlesbrough 'claims' designer Christopher Dresser
The "father of industrial design" is being honoured in the Teesside town where he aimed to set up an art industry colony.... -
At 04:58:12 in Other
Webcams taken over by hackers, charity warns
Webcams should be covered when not in use because hackers could be using them to spy on people, a charity advises.... -
At 00:01:54 in Other
Glasgow major events website aims to cash-in on tourism
A new website will be launched later to help businesses in Glasgow benefit from major events taking place in the city.... -
At 14:22:05 in Other
New Subway 'Bramble' smartcard prompts price changes
Prices for multiple-journey tickets on Glasgow's Subway system have had to be revised to cope with the introduction of new smartcard te... -
At 13:42:22 in Other
Tory leader Ruth Davidson knocked back by barman
The leader of the Scottish Conservatives was refused alcohol at a Bruce Springsteen concert - because the barman did not believe she was ove... -
At 13:25:07 in Other
Sheriff criticises 'confusing' anti-bigotry laws
A sheriff has described controversial legislation aimed at tackling bigotry at football matches as "confusing".... -
At 13:17:48 in Other
A lost Mackintosh cabinet returns to Glasgow
A long lost music cabinet designed by Charles Rennie Mackintosh is coming back to Glasgow.... -
At 12:03:25 in Other
Man slashed in attempted murder at Greenock flat
A man is being treated for slash wounds to his face, chest and abdomen after a fight at a flat in Inverclyde.... -
At 11:15:33 in Other
Woman stabbed in neck in attempted murder in Glasgow
Police are treating an attack on a woman who was stabbed in the neck in Glasgow as attempted murder.... -
At 00:03:47 in Other
Glasgow and Dundee researchers study why people go missing
Recommendations have been drawn up to improve support for people who have previously gone missing....
News In Other Categories
-
School librarian finds fake Blake poem
A school librarian has discovered that a poem widely attributed to William Blake, including in school reading lists, was not really written ... -
M62 hen party crash victim Bethany Jones's funeral due
The funeral of a teenager who was killed when a hen party's minibus crashed will take place later.... -
Serena Williams apologises for Steubenville rape quotes
World tennis number one Serena Williams has apologised after reportedly appearing to criticise the victim in a high-profile US rape case.... -
Patricia Quinn: 40 years in the Rocky Horror Show 'circus'
To celebrate the 40th anniversary of the Rocky Horror Show opening in London's Royal Court theatre, fans of the show from across the wo... -
Silver 'boost to antibiotic success'
Adding silver to antibiotics makes them 10 to 1,000 times more effective at fighting infections, research suggests.... -
UK banks need to plug £27bn capital hole, says PRA
UK banks need to raise billions more in capital to cover their risks, according to the financial regulator....
- Home
- Sitemap
- Publishers
- Advertisers
- Contact
-
Any copyright/incorrect article details issues should be addressed to us 'here'.
© 2010 All Rights Reserved.