Check out the on-demand sessions from the Low-Code/No-Code Summit to learn how to successfully innovate and achieve efficiency by upskilling and scaling citizen developers. Watch now.
We’ve heard so much about the Mac Flashback Trojan in the last month, but what is its goal? Turns out it’s financial gain (who knew) in the form of ad revenue.
Security researchers at Symantec have found that the Flashback Trojan downloaded an “ad-clicking component” through a Java vulnerability. From there, it would hijack clicks on ads through Google. You know the links that show up in a yellow box at the top of your Google search query? Yeah, those make the search giant a ton of money. Ninety-six percent of Google’s overall revenue comes from advertising revenue through its search engine and other advertising programs. And when your revenue sits at $37.9 billion for 2011, cyber criminals have an incentive to steal some of that.
The people behind the Flashback Trojan may have been making up to $10,000 a day, according to Symantec. They did this by infecting the Mac’s browsers (Firefox, Chrome, or Safari). The Trojan then waited until someone searched for something on Google and clicked on an ad. From there it redirected the user to a site of its choosing, getting in between Google and the advertising click, and eventually collecting the revenue from that click.
Intelligent Security Summit
Learn the critical role of AI & ML in cybersecurity and industry specific case studies on December 8. Register for your free pass today.
Symantec looked at a search query for “toys” made on an infected machine.
“We can clearly see a value of 0.8 cents for the click and the redirection URL highlighted in red. This redirected URL is subsequently written into the browser so that the user is now directed to the new site, in effect hijacking the ad click Google should have received,” Symantec wrote in a blog post. “Considering the Flashback Trojan measures in the hundreds of thousands, this figure could sharply rise to the order of $10,000 per day.”
The Flashback Trojan enters a computer through a hole in Java, which Apple has since patched.
VentureBeat's mission is to be a digital town square for technical decision-makers to gain knowledge about transformative enterprise technology and transact. Discover our Briefings.