Follow:

 

Backdoor:MacOS_X/Flashback


Backdoor:MacOS_X/Flashback is a multi-component family of malware designed to monitor your online searching and browsing behavior, to deliver targeted advertising content and search results that generates pay-per-click advertising revenue for its controllers.



What to do now

To detect and remove this threat and other malicious software that may be installed on your computer, run a full-system scan with an appropriate, up-to-date, security solution. The following Microsoft products detect and remove this threat:

Threat behavior

Backdoor:MacOS_X/Flashback is a multi-component family of malware designed to monitor your online searching and browsing behavior, to deliver targeted advertising content and search results that generates pay-per-click advertising revenue for its controllers.

Backdoor:MacOS_X/Flashback allows unauthorized access and control of an affected computer. An attacker can perform any number of different actions on an affected computer using Backdoor:MacOS_X/Flashback. This could include, but is not limited to, the following actions:

  • Downloading and updating its components
  • Gathering information about your computer
  • Disabling security-related applications
  • Contacting remote servers for configuration

It may also install arbitrary files on your computer.

The backdoor is available in 32bit and 64bit Mach-O (i386) binary format, and specifically affects Mac OS X users.

Backdoor:MacOS_X/Flashback variants have been observed distributed as a payload by the following exploits:

 

Analysis by Methusela Cebrian Ferrer


Symptoms

There are no common symptoms associated with this threat. Alert notifications from installed antivirus software may be the only symptoms.

Prevention


Alert level: Severe
First detected by definition: 1.113.1674.0
Latest detected by definition: 1.173.2181.0 and higher
First detected on: Oct 14, 2011
This entry was first published on: Oct 14, 2011
This entry was updated on: Dec 11, 2012

This threat is also detected as:
No known aliases