Russian Cyber Criminal Unmasked As Creator of "Most Successful" Apple Malware

samzenpus posted about a year and a half ago | from the who's-to-blame dept.

Security 68

DavidGilbert99 writes "It was the malware which affected as many Apple computers as the Conficker worm affected Windows PCs and earned its creator up to $10,000 per day. Until now, no one know who was behind the Flashback Trojan which hit 650,000 computers last year, but security researcher Brian Krebs has managed to uncover the creator as a 30-year-old Russian cyber criminal."


apples response? (4, Funny)

Nyder (754090) | about a year and a half ago | (#43354999)

based on how they go after prototypes that get lost, you'd think they got an iDrone heading his way....

I wouldn't shed a tear (4, Interesting)

PapayaSF (721268) | about a year and a half ago | (#43355137)

I wouldn't shed a tear if malware authors and spammers started having fatal accidents. In fact, I'd love it if some tech billionaire had a private hit squad for just that purpose.

Re:I wouldn't shed a tear (3, Interesting)

Anonymous Coward | about a year and a half ago | (#43355155)

Well, if you ever have jury duty, I really hope you do try to get out of it. If all else fails, show them this comment and how you believe that's the correct action.

Re:I wouldn't shed a tear (5, Funny)

srussia (884021) | about a year and a half ago | (#43355185)

In fact, I'd love it if some tech billionaire had a private hit squad for just that purpose.

"I don't need no stinkin' hit squad!" -- John McAfee

Re:I wouldn't shed a tear (1)

santax (1541065) | about a year and a half ago | (#43355879)

Lol, if only I had modpoints :)

Re:I wouldn't shed a tear (0)

Anonymous Coward | about a year and a half ago | (#43357225)

In fact, I'd love it if some tech billionaire had a private hit squad for just that purpose.

"I don't need no stinkin' hit squad!" -- John McAfee

Couldn't agree more. One day I will be this "tech billionaire" and will own this "hit squad". Thank you "Blackwater" for your future service.

Re:I wouldn't shed a tear (3, Funny)

tehcyder (746570) | about a year and a half ago | (#43355783)

I wouldn't shed a tear if malware authors and spammers started having fatal accidents. In fact, I'd love it if some tech billionaire had a private hit squad for just that purpose.

Indeed, I think they should bring back public hanging (and disembowelling) for anyone caught stealing anything worth more than a loaf of bread. Those were the days! A nice family day out at Tyburn Tree, and if you were lucky they got the rope length wrong and someone's head was ripped clean off.

Proportionality is everything.

Re:I wouldn't shed a tear (4, Insightful)

benjfowler (239527) | about a year and a half ago | (#43355807)

The Chinese, the thugs that they are, are onto something.

Kill the chicken to warn the monkeys.

Wrong superior race (0)

Anonymous Coward | about a year and a half ago | (#43359485)

As far as I know, "thug" comes from the Indian thuggies. Which is another reason for the superior races to deal with each other and afterwards we will see (I do not think it is a coincidence they both speak English amongst them). If even Apple can get malware is because anything may happen. Though I imagine it refers to the new BSD era.

Re:I wouldn't shed a tear (2)

PapayaSF (721268) | about a year and a half ago | (#43357809)

If it's one stolen loaf of bread or one burglarized home, I agree. But when the victims number in the millions, that changes the proportionality.

Re:I wouldn't shed a tear (1)

Doubting Sapien (2448658) | about a year and a half ago | (#43355867)

Well, that wouldn't be nearly as cool as assembling a posse of nerd Avengers and publicly humiliating the damn bastard in the most awesomely creative way possible. The guilty should live if for no other reason than to suffer the ridicule and retribution of those who've been harmed by said malware.

Re:I wouldn't shed a tear (1)

DarkOx (621550) | about a year and a half ago | (#43356297)

grief the griefers is at least a proportional response.

Re:I wouldn't shed a tear (2)

tqk (413719) | about a year and a half ago | (#43357081)

The guilty should live if for no other reason than to suffer the ridicule ...

Ridicule? $10,000/day and more than half a million computers pwned, he succeeded way beyond his wildest dreams! We can only dream about making a mark that big. No, I don't like malware and spam, but I do appreciate he did what he set out to do, spectacularly. Had I chosen that as a goal, I'd be beaming with pride right now.

Re:I wouldn't shed a tear (1)

ls671 (1122017) | about a year and a half ago | (#43355929)

Then, government agencies would tend to be the only game in town remaining and we may not hear about the need to patch our systems anymore.

Re:I wouldn't shed a tear (1)

Novogrudok (2486718) | about a year and a half ago | (#43356207)

You are sick if you equate minor inconvenience with your precious Mac computer and a loss of human life.

Re:I wouldn't shed a tear (1)

hawkinspeter (831501) | about a year and a half ago | (#43356387)

Unfortunately, most people will pay a lot more for Mac computers than they are prepared to pay to prevent human deaths across the world.

Re:I wouldn't shed a tear (1)

smooth wombat (796938) | about a year and a half ago | (#43356461)

If people like this make the conscious decision to annoy and possibly wreck other people's lives just for some cash, why should we care about them and what happens to them? Obviously they have made the choice to not live within the common bounds of society and instead have taken to theft and possibly destruction.

What harm can there be by getting rid of such people rather than having to constantly spend our time and money to undo what they have done?

Re:I wouldn't shed a tear (1)

tqk (413719) | about a year and a half ago | (#43357191)

What harm can there be by getting rid of such people rather than having to constantly spend our time and money to undo what they have done?

If you're constantly spending time and money undoing what they've done, you're doin' it wrong. You're saying the wall around the Walled Garden is one foot high. People like this are doing you a service showing you how vulnerable you really are.

Obviously they have made the choice to not live within the common bounds of society ...

Somebody needs to read Thoreau.

Re:I wouldn't shed a tear (1)

the_B0fh (208483) | about a year and a half ago | (#43357341)

You travel to work in a tank, and have a fully armored environmental suit on at all times right? Because anyone can walk up to you and show you how vulnerable you are at any time.

This has got to be one of the stupidest arguments against it.

Re:I wouldn't shed a tear (1)

tqk (413719) | about a year and a half ago | (#43357627)

You travel to work in a tank, and have a fully armored environmental suit on at all times right?

That's the best description of *nix I've seen in a while, thanks.

Because anyone can walk up to you and show you how vulnerable you are at any time.

I've no doubt they try. So far, so good. What'd you pay for that foot high walled garden you put your trust in?

Re:I wouldn't shed a tear (1)

operagost (62405) | about a year and a half ago | (#43362005)

Is your *nix "tank" one on this list? Mind you, this is just the vulnerabilities from one week. Enjoy!


Re:I wouldn't shed a tear (1)

Plumpaquatsch (2701653) | about a year and a half ago | (#43367029)

You travel to work in a tank, and have a fully armored environmental suit on at all times right?

That's the best description of *nix I've seen in a while, thanks.

Because anyone can walk up to you and show you how vulnerable you are at any time.

I've no doubt they try. So far, so good. What'd you pay for that foot high walled garden you put your trust in?

I don't know what is more facepalmier about your post, the fact that you seem to be ignorant to the fact that Mac OS X is *nix, or that you think that thanks to *nix you are safe from harm despite the fact that several people have been "doing you a service showing you how vulnerable you really are", as you put it.

Then again, the second is certainly it. The smugness of a Linux user proclaiming how smug Mac users are about security just can't be beaten.

Re:I wouldn't shed a tear (2)

monzie (729782) | about a year and a half ago | (#43356505)

Surely you don't want human beings DYING for spamming. I hate spam and spammers but that does sound a bit over the top.

Re:I wouldn't shed a tear (0)

Anonymous Coward | about a year and a half ago | (#43356987)

He won't be extradited - Russia won't do that. (Which is how every country should be).

Re:apples response? (1)

affenhund (1371117) | about a year and a half ago | (#43355605)

based on how they go after prototypes that get lost, you'd think they got an iDrone heading his way....

In this case there was no prototype "lost" by the marketing department.

Re:apples response? (1)

mwvdlee (775178) | about a year and a half ago | (#43355763)

Why? Unlike the lost prototypes, this malware has no positive marketing value, so no need for Apple to bring it to the public attention any more.

Re:apples response? (1)

ahabswhale (1189519) | about a year and a half ago | (#43358933)

They have to be that way otherwise Samsung will just rip them off that much faster.

Cyber criminal (4, Funny)

fustakrakich (1673220) | about a year and a half ago | (#43355003)

Does this mean we won't hear the word 'hacker' anymore?

Re:Cyber criminal (1)

Antiocheian (859870) | about a year and a half ago | (#43355169)

What about Cyberiminal ?

GOOD! (1)

Anonymous Coward | about a year and a half ago | (#43355215)

As much as I HATE "cyber" I'm for anything that replaces the abuse "hacker" has taken.

Re:GOOD! (0)

Anonymous Coward | about a year and a half ago | (#43356343)

Cyberhacker!

Re:Cyber criminal (0)

Anonymous Coward | about a year and a half ago | (#43355283)

No, it means we're all cyber pirates now, arrrr!

Re:Cyber criminal (1)

ButchDeLoria (2772751) | about a year and a half ago | (#43355353)

No, the general public will start using the word cyberhacker.

Re:Cyber criminal (0)

Anonymous Coward | about a year and a half ago | (#43355921)

If you put malware on an Apple computer, does it then work better?

Re:Cyber criminal - PC Term (1)

uslurper (459546) | about a year and a half ago | (#43358889)

That's the PC term now. We don't want those humans feeling targeted by a bias.
So the term "Cyber Criminal" is used instead which is inclusive of bots, ai's, aliens, lawl cats, etc.

Russian spam (3, Funny)

slackware 3.6 (2524328) | about a year and a half ago | (#43355023)

I had this nice Russian fellow spoofing my email to spam others. When I discovered this (thanks to an email from an ISP admin in Denmark), I figured out who he was through his ISP in the Ukraine. I then proceeded to phone him at 3am his time every day for weeks. It was awesome. Then after his wife stopped answering the phone and some complaints to his Ukraine ISP his internet service was canceled.

Re:Russian spam (1)

noh8rz10 (2716597) | about a year and a half ago | (#43355181)

For realsies? That is really impressive.

Re:Russian spam (1)

Anonymous Coward | about a year and a half ago | (#43355293)

Are you sure his computer was not cracked or part of a botnet?

Re:Russian spam (1)

slackware 3.6 (2524328) | about a year and a half ago | (#43355379)

If it was, then I did him a favour and notified him his identity was being used to register several questionable domain names.

Re:Russian spam (1)

qaz123 (2841887) | about a year and a half ago | (#43355621)

If he is in the Ukraine, why do you call him Russian?

Re:Russian spam (0)

Anonymous Coward | about a year and a half ago | (#43355707)

Russians are allowed to live in the Ukraine you know.

Besides, since Ukrainians decided to hand their nation back to puppets of Russia last election they may as well be called Russians themselves anyway as it seems they're quite happy being a puppet state given that they opted for that rather than to run with the opportunity to be truly free and independent like other ex-soviet states did.

Re:Russian spam (1)

monzie (729782) | about a year and a half ago | (#43356511)

probably because the story isn't true.

Re:Russian spam (1)

slackware 3.6 (2524328) | about a year and a half ago | (#43357491)

I didn't know all wires stop at the Russian border.
I live in Canada and I used to get my dial-up from the US back in 9600 baud days. You see some areas didn't have ISP's that were in the local calling area back then.

Re:Russian spam (1)

slackware 3.6 (2524328) | about a year and a half ago | (#43357223)

His ISP was in the Ukraine. I got his information from his ISP and he lived in Russia.

Re:Russian spam (1)

m1ndcrash (2158084) | about a year and a half ago | (#43358885)

Forgive me, but it still sounds stupid.

Re:Russian spam (1)

Anonymous Coward | about a year and a half ago | (#43355717)

If possible pretend you're his gf/mistress when speaking to his wife...

But if you do that you'd better cover your tracks - coz he might get extremely upset ;).

Re:Russian spam (1)

roman_mir (125474) | about a year and a half ago | (#43356513)

Ronaiah Tuiasosopo, is that you?

Re:Russian spam (1)

slackware 3.6 (2524328) | about a year and a half ago | (#43357577)

I assume it was his wife. Could have been his mom. She would get mad and start yelling then put the dude on the phone and I would yell at him. There was a language barrier. They spoke bad English and I can only speak words and phrases in Ukraine. Also this was years ago when the internet was way different.

Krebs managed to gain access to a private chat (1)

fustakrakich (1673220) | about a year and a half ago | (#43355041)

Mavook was seeking access to an English-language cyber-crime forum....Uh huh...

Ah yes, operator, can you connect me with the nearest English-language cyber-crime forum please?... One ringy-dingy, two ringy-dingy, three ringy-dingy..... "You have reached the FBI central call center, All our operators are with another client right now. If you wait on the line, your call will be taken in the order received".. click...

The whole thing sounds like a cheap novel.

Bad summary (5, Informative)

Macman408 (1308925) | about a year and a half ago | (#43355075)

The summary says: "It was the malware which affected as many Apple computers as the Conficker worm affected Windows PCs..."
This is obviously inaccurately rewritten from what Krebs said, which is "...Flashback [was] roughly as common for Macs as the Conficker Worm was for Windows PCs."

Those are not equivalent statements. The summary is equating raw numbers, while TFA is equating percentages.

Sorry, I just read that sentence and thought "no way in hell is that true." As confirmation, Wikipedia says Flashback hit 600,000 Macs [wikipedia.org] , while Conficker infected between 9 and 15 million PCs [wikipedia.org] .

Re:Bad summary (0)

Anonymous Coward | about a year and a half ago | (#43355153)

Oh yeah?! Well until now, no one know that!

Re:Bad summary (2)

Plumpaquatsch (2701653) | about a year and a half ago | (#43355897)

The summary says: "It was the malware which affected as many Apple computers as the Conficker worm affected Windows PCs..."
This is obviously inaccurately rewritten from what Krebs said, which is "...Flashback [was] roughly as common for Macs as the Conficker Worm was for Windows PCs."

Those are not equivalent statements. The summary is equating raw numbers, while TFA is equating percentages.

Sorry, I just read that sentence and thought "no way in hell is that true." As confirmation, Wikipedia says Flashback hit 600,000 Macs [wikipedia.org] , while Conficker infected between 9 and 15 million PCs [wikipedia.org] .

It should also be noted that Conficker wasn't the malware with the largest number of infections (which has often been claimed when that comparison was first made a year ago), let alone percentage of infected computers. That honor belongs to the ILOVEYOU virus [wikipedia.org] from 2000.

  " Within ten days, over fifty million infections had been reported,[6] and it is estimated that 10% of internet-connected computers in the world had been affected."

Re:Bad summary (2)

oldlurker (2502506) | about a year and a half ago | (#43355903)

The summary says: "It was the malware which affected as many Apple computers as the Conficker worm affected Windows PCs..." This is obviously inaccurately rewritten from what Krebs said, which is "...Flashback [was] roughly as common for Macs as the Conficker Worm was for Windows PCs."

Those are not equivalent statements. The summary is equating raw numbers, while TFA is equating percentages.

Sorry, I just read that sentence and thought "no way in hell is that true." As confirmation, Wikipedia says Flashback hit 600,000 Macs [wikipedia.org] , while Conficker infected between 9 and 15 million PCs [wikipedia.org] .

You are right the summary can be interpreted as meaning actual numbers and not percentages. I didn't read it that way but maybe because I knew from before that Mac Flashback is the biggest malware epidemic in modern times in terms of percentage of user base affected (most accounts actually have it "beating" Conficker on Windows [pcworld.com] ).

Of course the Windows user base is much bigger. But percentage of user base affected is the right metric to use if you want to look at risk of infection and infectability on a platform. This is still not a comparison Windows vs Mac in general, just the worst case from each platform. Windows currently has a longer tail of other cases of course. But it should be a much bigger wake-up call to the "Mac can't be infected" people than it was. Later versions of Mac Flashback did completely silent drive-by infection just by visiting a web page, not needing user interaction or admin password, something many Mac people still today seem to think only happens on Windows.

Re:Bad summary (1)

Anonymous Coward | about a year and a half ago | (#43356767)

You are right the summary can be interpreted as meaning actual numbers and not percentages.

It's not a matter of interpretation, that's what it says: "affected as many Apple computers as the Conficker worm affected Windows PCs".

This is still not a comparison Windows vs Mac in general, just the worst case from each platform

Actually that's exactly what the statement was. And frankly, I'm getting more than a little tired of hearing about it. Comparing all Windows versions to all Mac versions makes no more sense than arguing about which automobile maker has a better mile-per-gallon rating and including every model they've ever made in history.

But it should be a much bigger wake-up call to the "Mac can't be infected" people than it was.

It won't be. Those people survive by consuming rhetoric, and wrap themselves in a warm blanket of marketing when they go to sleep at night. There are plenty of Mac owners who don't fit into that category, but Mac owners tend to get a bad rap because the Apple marketing campaign has attracted a disproportionally large amount of such people to their platform.

No one know. (0)

Anonymous Coward | about a year and a half ago | (#43355077)

WTF!

Maxim is freaking out right now (1)

cultiv8 (1660093) | about a year and a half ago | (#43355315)

and if the developer was a truly genius malware creator, then maxim is shitting his pants because it really wasn't him.

Evidence? (2)

Alex Belits (437) | about a year and a half ago | (#43355517)

1. All that was mentioned is, that the person claimed to be an author of Flashback in a private message on a board for malware authors.

2. Translation in the image is wrong. It says "I specialize in finding exploits and creating bots". Original Russian text is "[my] specialty is creating exploits and bots". The whole exchange is about the person communicating with mavook mentioning something that may be "still relevant" asking mavook how he would want to be introduced:

Hi!
Is it still relevant?
If so, respond with something like, nick, area of activity (how to introduce you).
We will solve the problem in 2-3 days.

mavook responds:

any random nick macbook for example
creator of flashback botnet for macs
specialty is creating exploits and bots

(Capitalization and punctuation, or lack of one, is preserved wherever possible.)

Hardly evidence.

Re:Evidence? (0)

Anonymous Coward | about a year and a half ago | (#43356819)

I'll also point out that there is a drastic difference between setting up a botnet, and writing the actual code itself. It is not at all uncommon in an organized "cybergang" for there to be one or two people actually creating the software, and another small team who actually goes out and begins deploying it. So at best all he did was "admit" to having been involved in deploying the malware.

Next up, cyber investigator discovers who started the Chicago Fire after stumbling across an admission in the film Reservoir Dogs... it was the cop.

Flashback forum is still active, why? (0)

Anonymous Coward | about a year and a half ago | (#43355737)

Flashback's forum is still active and online. How can it be, if the virus author has already been identified?
>> https://www.flashback.org/f81 [flashback.org]

Well done (0)

Anonymous Coward | about a year and a half ago | (#43355785)

Have a complimentary Samsung powered licenced MacBook pro clone!

Useless Russian police? (1)

benjfowler (239527) | about a year and a half ago | (#43355801)

So what is Brian Krebs doing right that the Russian security services can't manage? Are they that useless?

Re:Useless Russian police? (0)

Anonymous Coward | about a year and a half ago | (#43355871)

Apparently, either exploiting forum software or having an account with a high level of access to those dark corners of the web.

Re:Useless Russian police? (2)

some old guy (674482) | about a year and a half ago | (#43356113)

Not useless, complicit.

Regarding the FSB, "There is no such thing as a former Chekist."- Vladimir Putin

Re:Useless Russian police? (1)

Novogrudok (2486718) | about a year and a half ago | (#43356239)

Sure, multiple squads of Russian police are on their way now to arrest mavook! Just tell them that the only evidence that he is the creator of flashback is his forum signature.

Re:Useless Russian police? (1)

fazey (2806709) | about a year and a half ago | (#43357749)

Until he simply leaves them a significant bribe in a care package. Then they make up a story that he was killed in the arrest.

lol (1)

fazey (2806709) | about a year and a half ago | (#43357733)

I love how security researchers go "OMG I FOUND HIM... because he told me he made it."

btw, I made microsoft windows.

Re:lol (0)

Anonymous Coward | about a year and a half ago | (#43359767)

i made bsd

Re:lol (0)

Anonymous Coward | about a year and a half ago | (#43402037)

I invented the electron
