We are excited to bring Transform 2022 back in-person July 19 and virtually July 20 - 28. Join AI and data leaders for insightful talks and exciting networking opportunities. Register today!

Flashback Trojan

We’ve heard so much about the Mac Flashback Trojan in the last month, but what is its goal? Turns out it’s financial gain (who knew) in the form of ad revenue.

Security researchers at Symantec have found that the Flashback Trojan downloaded an “ad-clicking component” through a Java vulnerability. From there, it would hijack clicks on ads through Google. You know the links that show up in a yellow box at the top of your Google search query? Yeah, those make the search giant a ton of money. Ninety-six percent of Google’s overall revenue comes from advertising revenue through its search engine and other advertising programs. And when your revenue sits at $37.9 billion for 2011, cyber criminals have an incentive to steal some of that.

The people behind the Flashback Trojan may have been making up to $10,000 a day, according to Symantec. They did this by infecting the Mac’s browsers (Firefox, Chrome, or Safari). The Trojan then waited until someone searched for something on Google and clicked on an ad. From there it redirected the user to a site of its choosing, getting in between Google and the advertising click, and eventually collecting the revenue from that click.


Transform 2022

Join us at the leading event on applied AI for enterprise business and technology decision makers in-person July 19 and virtually from July 20-28.

Register Here

Symantec looked at a search query for “toys” made on an infected machine.

“We can clearly see a value of 0.8 cents for the click and the redirection URL highlighted in red. This redirected URL is subsequently written into the browser so that the user is now directed to the new site, in effect hijacking the ad click Google should have received,” Symantec wrote in a blog post. “Considering the Flashback Trojan measures in the hundreds of thousands, this figure could sharply rise to the order of $10,000 per day.”

The Flashback Trojan enters a computer through a hole in Java, which Apple has since patched.

Trojan image via Shutterstock

VentureBeat's mission is to be a digital town square for technical decision-makers to gain knowledge about transformative enterprise technology and transact. Learn more about membership.