[X4U] Flashback Followup

Shawn King shawn at yourmaclifeshow.com
Tue Apr 10 15:38:47 PDT 2012


On Apr 10, 2012, at 3:31 PM, Jerry Krinock wrote:

> 
> On 2012 Apr 09, at 11:28, Shawn King wrote:
> 
>> "Doctor Web’s researchers were able to “sinkhole” part of the Flashback botnet – hijack some of the domains used to issue commands to infected computers – and calculated the size of the botnet by counting the UUIDs (universally unique identifiers) presented by OS X to the controlling servers."
> 
> Thank you, Shawn.
> 
> Well, I'm still not sure I trust a statement from a Russian antivirus company named "Doctor Web".

LOL And you are absolutely right not to. Skepticism is good in this case. It's the first thing I asked when I saw the initial reports and the first thing I asked of the security experts I talked to.

>  But based on my limited understanding, that explanation, although a little contorted, seems plausible, or at least it was written by someone who seems to know what they're doing.  Some contortion is certainly due to translation from a Russian engineering-speak to English public-relations-speak.

Here is some more information and more details about Dr Web:
<http://www.forbes.com/sites/andygreenberg/2012/04/09/apple-snubs-firm-who-discovered-mac-botnet-tries-to-cut-off-its-server-monitoring-infections/>


-- 
Shawn King
Host/Executive Producer
Your Mac Life
http://www.yourmaclifeshow.com




