The biggest Mac malware attack of all time – blogger names suspected mastermind

Apple in snow. Image from ShutterstockThe remote Russian region of Mordovia, famed for its prison camps, may be the home of the author of the most notorious malware ever to hit Mac computers – the Flashback Trojan horse (called OSX/FlshPlyr-A by Sophos products).

The Flashback malware hit more than 600,000 Mac computers in early 2012, posing as a bogus installer for Adobe Flash and exploiting an unpatched vulnerability in Java.

Despite the malware’s prevalence on Mac computers and the high media profile it achieved after even hitting hundreds of Mac computers in Cupertino, the computer crime fighting authorities have made no arrests in connection with Flashback.

Mac backdoor Trojan

Sign up to our free newsletter.
Security news, advice, and tips.

Award-winning security blogger Brian Krebs has written today about his investigation into who might have been behind Flashback.

Krebs’s investigation took him to Russian-language forums belonging to the computer underground, where he found a user called “Mavook” claiming to be the author of Flashback, and saying that he specialised in finding security exploits and creating botnets.

Combing the net for further information, and digging through historic website registration records, Krebs went on to link “Mavook” with Maxim Selihanovich, a man in his thirties, living in the city of Saransk, in Mordovia.

You can read more about the clues Krebs pieced together in his blog post.

Apple in snow image from Shutterstock.

Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.