Symantec: Flashback Capable of Generating $10,000 Per Day at Peak

Flashback RevenueImage via Shutterstock.

The waves of Flashback malware that attacked Macs over the past two months could have netted its creators up to $10,000 per day during its peak, antivirus firm Symantec explained in a blog post late Monday. After analyzing infected code, Symantec revealed that the primary purpose of the malware was to intercept infected users’ Google searches and redirect them to hijacked advertisements that provided the cyber criminals with revenue.

“Flashback specifically targets search queries made on Google and, depending on the search query, may redirect users to another page of the attacker’s choosing, where they receive revenue from the click,” Symantec’s post stated. “This ultimately results in lost revenue for Google and untold sums of money for the Flashback gang.”

Infected Macs running Safari, Firefox, or Chrome were all impacted by the malware, and users on those machines unwittingly acted to provide Flashback’s creators with ad revenue until they were patched.

While malware designed to hijack users’ computers for the purpose of generating money is nothing new, Flashback marked the first time that such a technique was widely successful on Apple’s OS X platform.  

Flashback was able to infiltrate Macs via a security flaw in OS X’s implementation of Java. Apple has since patched Java to correct the vulnerability and has released tools to remove the infection. Mac OS X users who have yet to update their Macs are strongly encouraged to do so by running Software Update.