What does Flashback malware do once it is installed on my machine?

Hi, just read HT5244 About Flashback malware, and I still don't know what it does once it installs on my machine. Anyone know?


Thanks.

You can call me Ray

Mac OS X (10.7.3)

Posted on Apr 12, 2012 10:28 PM

Question marked as Best reply

Posted on Apr 12, 2012 10:40 PM

It's not clear to anyone what it is doing at this point.


Here's a general MacWorld article about the trojans:


What you need to know about the Flashback trojan

5 replies

Apr 12, 2012 10:47 PM in response to raymondfromvista

Hi Ray,


Since it allows potentially malicious Java code to run on your computer, the possibilities are many. The most serious concern is a suspicion (though unverified) that Flashback and its variants could mine confidential information from your computer and upload it to whomever is collecting the data for whatever purpose it intends. A somewhat lesser but still significant concern is that it could simply cause random crashes, slowdowns, data loss and other annoyances.


To alleviate the first concern there is a tool called Little Snitch that alerts you to any outgoing network requests. It requires some knowledge of what requests are legitimate and what are suspicious, but allows you to block requests that you believe are malicious attempts to steal your information, or simple invasions of your computing privacy. It has been established that - in an attempt to conceal its existence - the malware you reference will not install itself on a computer running Little Snitch as well as a number of other third party utilities.


Little Snitch is not for everyone. If you were to use it to block all outgoing network requests, for instance, many normal and required functions would fail.

Apr 13, 2012 12:57 AM in response to raymondfromvista

Well, it causes crashes, but that's not on purpose and they're getting better at preventing that.


Many users report being redirected suddenly to ad sites, which is apparently how this gang gets compensated. Intego seems certain that username/password pairs are being harvested and tweeted out, but I'm only aware of one person who reported credit card fraud occurring soon after infection.


But this is back door malware, meaning they can update an infected machine at any time to attempt something else.


Why do you ask?

Apr 14, 2012 12:03 PM in response to raymondfromvista

With malware of any type, it is best to assume the worst - ID theft, credit card number theft, keystroke monitoring of everything you access online, etc.


In today's world, something like LifeLock Ultimate or equivalent is no longer an option, for online users, but a necessity. And no, I have no pecuniary interests with LifeLock.


Most malware today is for making money, and ID theft is one of the top priorities of these evil thugs.
