Although Apple has released several software updates that attempt to detect the new Flashback malware and remove it from infected systems, Symantec noted late yesterday that just over 100,000 machines are still infected, a count obtained from sinkhole testing that redirects traffic from the malware's servers.
Symantec pegged the number of infected computers at around 142,000 as of Monday, and gives a very rough estimate of just "over 99,000" for yesterday, while that day's data was still coming in. These numbers are down from 600,000 two weeks ago, though a very high number of machines are unfortunately still infected by this malware.
The statistics from our sinkhole are showing declining numbers on a daily basis. However, we had originally believed that we would have seen a greater decline in infections at this point in time, but this has proven not to be the case. Currently, it appears that the number of infected computers has tapered off, but remains around the 140,000 mark.
Because Symantec and other vendors have released tools against this threat in the past few days, the infection numbers should have seen a dramatic decrease by now.
Symantec also looked at the domain name generator, which allows infected machines to connect to their command-and-control servers and receive instructions. The generator uses a list of strings, each exactly 14 characters long, that rotates every day, and pairs each string with one of five top-level domains (.com, .net, .info, .in, or .kz) to find its instructions.
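The pairing described above gives defenders two things to look for in DNS logs: exact string-plus-TLD matches for a known day's list, and a weaker shape match (a 14-character label under one of the five TLDs). The sketch below is an added example, not Symantec's code; the strings in `DAILY_STRINGS`, the client addresses and the three-field log format are constructed placeholders.

```python
from collections import defaultdict

TLDS = {"com", "net", "info", "in", "kz"}  # the five TLDs named in the article
LABEL_LEN = 14                              # each generated string is 14 characters

# Constructed placeholders for one day's string list (not real Flashback values).
DAILY_STRINGS = {"examplelabel01", "examplelabel02"}

def candidate_domains(strings):
    """Expand a day's strings into every string+TLD pair to watch or sinkhole."""
    bad = [s for s in strings if len(s) != LABEL_LEN]
    if bad:
        raise ValueError(f"not {LABEL_LEN} characters: {bad}")
    return {f"{s}.{tld}" for s in strings for tld in TLDS}

def classify(qname, listed):
    """Return 'listed' (exact match), 'shape' (triage hint only) or None."""
    labels = qname.lower().rstrip(".").split(".")
    if len(labels) < 2:
        return None
    label, tld = labels[-2], labels[-1]
    if f"{label}.{tld}" in listed:
        return "listed"
    # Shape alone also matches benign 14-character names, so it is low confidence.
    if tld in TLDS and len(label) == LABEL_LEN:
        return "shape"
    return None

def scan(log_lines, strings):
    """Group matching queries by client from 'timestamp client qname' lines."""
    listed = candidate_domains(strings)
    hits = defaultdict(lambda: {"listed": set(), "shape": set()})
    for line in log_lines:
        parts = line.split()
        if len(parts) != 3:  # skip lines that do not fit the assumed format
            continue
        _, client, qname = parts
        verdict = classify(qname, listed)
        if verdict:
            hits[client][verdict].add(qname.lower().rstrip("."))
    return dict(hits)

SAMPLE_LOG = [  # constructed DNS query log
    "2012-04-18T09:12:01 10.0.0.5 examplelabel01.com.",
    "2012-04-18T09:12:02 10.0.0.5 ExampleLabel01.KZ",
    "2012-04-18T09:13:10 10.0.0.7 www.apple.com",
    "2012-04-18T09:14:44 10.0.0.9 fourteenchars1.info",
    "malformed line",
]
```

A client with entries under `listed` queried a name from the supplied list; entries under `shape` only warrant a closer look, for example against a previous day's list.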
The report also says that systems infected with the Flashback malware can receive updated command-and-control server locations directly through Twitter, though no details of that process have been given yet. A similar report was made for earlier versions of Flashback, but there have been no demonstrations of the Twitter delivery method being used lately.