Slashdot Mirror


Russian Cyber Criminal Unmasked As Creator of "Most Successful" Apple Malware

DavidGilbert99 writes "It was the malware which affected as many Apple computers as the Conficker worm affected Windows PCs and earned its creator up to $10,000 per day. Until now, no one knew who was behind the Flashback Trojan which hit 650,000 computers last year, but security researcher Brian Krebs has managed to uncover the creator as a 30-year-old Russian cyber criminal."

16 of 68 comments

  1. Apple's response? by Nyder · · Score: 4, Funny

    based on how they go after prototypes that get lost, you'd think they got an iDrone heading his way....

    --
    Be seeing you...
  2. Cyber criminal by fustakrakich · · Score: 4, Funny

    Does this mean we won't hear the word 'hacker' anymore?

    --
    “He’s not deformed, he’s just drunk!”
  3. Russian spam by slackware+3.6 · · Score: 3, Funny

    I had this nice Russian fellow spoofing my email to spam others. When I discovered this (thanks to an email from an ISP admin in Denmark), I figured out who he was through his ISP in the Ukraine. I then proceeded to phone him at 3am his time every day for weeks. It was awesome. Then after his wife stopped answering the phone and some complaints to his Ukraine ISP, his internet service was canceled.

  4. Bad summary by Macman408 · · Score: 5, Informative

    The summary says: "It was the malware which affected as many Apple computers as the Conficker worm affected Windows PCs..."
    This is obviously inaccurately rewritten from what Krebs said, which is "...Flashback [was] roughly as common for Macs as the Conficker Worm was for Windows PCs."

    Those are not equivalent statements. The summary is equating raw numbers, while TFA is equating percentages.

    Sorry, I just read that sentence and thought "no way in hell is that true." As confirmation, Wikipedia says Flashback hit 600,000 Macs, while Conficker infected between 9 and 15 million PCs.

    1. Re:Bad summary by Plumpaquatsch · · Score: 2

      The summary says: "It was the malware which affected as many Apple computers as the Conficker worm affected Windows PCs..."
      This is obviously inaccurately rewritten from what Krebs said, which is "...Flashback [was] roughly as common for Macs as the Conficker Worm was for Windows PCs."

      Those are not equivalent statements. The summary is equating raw numbers, while TFA is equating percentages.

      Sorry, I just read that sentence and thought "no way in hell is that true." As confirmation, Wikipedia says Flashback hit 600,000 Macs, while Conficker infected between 9 and 15 million PCs.

      It should also be noted that Conficker wasn't the malware with the largest number of infections (which has often been claimed when that comparison was first made a year ago), let alone percentage of infected computers. That honor belongs to the ILOVEYOU virus from 2000.

        "Within ten days, over fifty million infections had been reported,[6] and it is estimated that 10% of internet-connected computers in the world had been affected."

      --
      Of course news about a fake are Fake News.
    2. Re:Bad summary by oldlurker · · Score: 2

      The summary says: "It was the malware which affected as many Apple computers as the Conficker worm affected Windows PCs..." This is obviously inaccurately rewritten from what Krebs said, which is "...Flashback [was] roughly as common for Macs as the Conficker Worm was for Windows PCs."

      Those are not equivalent statements. The summary is equating raw numbers, while TFA is equating percentages.

      Sorry, I just read that sentence and thought "no way in hell is that true." As confirmation, Wikipedia says Flashback hit 600,000 Macs, while Conficker infected between 9 and 15 million PCs.

      You are right the summary can be interpreted as meaning actual numbers and not percentages. I didn't read it that way but maybe because I knew from before that Mac Flashback is the biggest malware epidemic in modern times in terms of percentage of user base affected (most accounts actually have it "beating" Conficker on Windows).

      Of course the Windows user base is much bigger. But percentage of user base affected is the right metric to use if you want to look at risk of infection and infectability on a platform. This is still not a comparison Windows vs Mac in general, just the worst case from each platform. Windows currently has a longer tail of other cases of course. But it should be a much bigger wake-up call to the "Mac can't be infected" people than it was. Later versions of Mac Flashback did completely silent drive-by infection just by visiting a web page, not needing user interaction or admin password, something many Mac people still today seem to think only happens on Windows.

  5. I wouldn't shed a tear by PapayaSF · · Score: 4, Interesting

    I wouldn't shed a tear if malware authors and spammers started having fatal accidents. In fact, I'd love it if some tech billionaire had a private hit squad for just that purpose.

    --
    Q: What does the "B." in Benoit B. Mandelbrot stand for? A: Benoit B. Mandelbrot
    1. Re:I wouldn't shed a tear by Anonymous Coward · · Score: 3, Interesting

      Well, if you ever have jury duty, I really hope you do try to get out of it. If all else fails, show them this comment and how you believe that's the correct action.

    2. Re:I wouldn't shed a tear by srussia · · Score: 5, Funny

      In fact, I'd love it if some tech billionaire had a private hit squad for just that purpose.

      "I don't need no stinkin' hit squad!" -- John McAfee

      --
      Set your phasers on "funky"!
    3. Re:I wouldn't shed a tear by tehcyder · · Score: 3, Funny

      I wouldn't shed a tear if malware authors and spammers started having fatal accidents. In fact, I'd love it if some tech billionaire had a private hit squad for just that purpose.

      Indeed, I think they should bring back public hanging (and disembowelling) for anyone caught stealing anything worth more than a loaf of bread. Those were the days! A nice family day out at Tyburn Tree, and if you were lucky they got the rope length wrong and someone's head was ripped clean off.

      Proportionality is everything.

      --
      To have a right to do a thing is not at all the same as to be right in doing it
    4. Re:I wouldn't shed a tear by benjfowler · · Score: 4, Insightful

      The Chinese, the thugs that they are, are onto something.

      Kill the chicken to warn the monkeys.

    5. Re:I wouldn't shed a tear by monzie · · Score: 2

      Surely you don't want human beings DYING for spamming. I hate spam and spammers but that does sound a bit over the top.

    6. Re:I wouldn't shed a tear by tqk · · Score: 2

      The guilty should live if for no other reason than to suffer the ridicule ...

      Ridicule? $10,000/day and more than half a million computers pwned, he succeeded way beyond his wildest dreams! We can only dream about making a mark that big. No, I don't like malware and spam, but I do appreciate he did what he set out to do, spectacularly. Had I chosen that as a goal, I'd be beaming with pride right now.

      --
      "Tongue tied and twisted, just an Earth bound misfit ..." -- Pink Floyd.
    7. Re:I wouldn't shed a tear by PapayaSF · · Score: 2

      If it's one stolen loaf of bread or one burglarized home, I agree. But when the victims number in the millions, that changes the proportionality.

      --
      Q: What does the "B." in Benoit B. Mandelbrot stand for? A: Benoit B. Mandelbrot
  6. Evidence? by Alex+Belits · · Score: 2

    1. All that was mentioned is that the person claimed to be an author of Flashback in a private message on a board for malware authors.

    2. Translation in the image is wrong. It says "I specialize in finding exploits and creating bots". Original Russian text is "[my] specialty is creating exploits and bots". The whole exchange is about the person communicating with mavook mentioning something that may be "still relevant", asking mavook how he would want to be introduced:

    Hi!
    Is it still relevant?
    If so, respond with something like, nick, area of activity (how to introduce you).
    We will solve the problem in 2-3 days.

    mavook responds:

    any random nick macbook for example
    creator of flashback botnet for macs
    specialty is creating exploits and bots

    (Capitalization and punctuation, or lack of one, is preserved wherever possible.)

    Hardly evidence.

    --
    Contrary to the popular belief, there indeed is no God.
  7. Re:Useless Russian police? by some+old+guy · · Score: 2

    Not useless, complicit.

    Regarding the FSB, "There is no such thing as a former Chekist."- Vladimir Putin

    --
    Scruting the inscrutable for over 50 years.