Those who side with Mac for being well secured from viruses and infections could be victims of the BackDoor.Flashback.39 Trojan. This infection is said to have contaminated over 550,000 computers around the world running on Apple’s desktop OS, most of which are tainted within the US and Canada followed by Australia and the UK.
A report from the makers of the Dr.Web antivirus states that most Mac PCs were infected with the virus after being redirected to a fake website via online resource and traffic distribution systems that have already been compromised. Many have even reported cases of the infection when visiting the dlink.com website, through posts on Apple user forums.
At present, the company claims that more than 4 million websites are likely to already be infected. Vulnerabilities such as CVE-2011-3544 and CVE-2008-5353 were apparently exploited to spread the malware, after which attackers were touted to further distribute the infection through CVE-2012-0507 post-March 16. The BackDoor.Flashback.39 Trojan scans the system for certain components to generate a list of control servers. This is said to be done by a special routine between several servers in order to balance the bandwidth load.
On gaining a reply from control servers, a malicious payload is downloaded with help from an executable file brought in by the exploit. From a total of 550,000 infected machines, the ones in the US amount to 56.6%, or 303,449 compromised hosts, while Canada stands at 19.8% or 106,379 infected computers, in second place. The UK and Australia follow in at third and fourth places with 12.8% or 68,577 cases and 6.1% or 32,527 infected hosts, respectively.
On the bright side, future attacks from the BackDoor.Flashback.39 Trojan can be prevented by downloading a security update released by Apple through its support page.