Your browser is obsolete!

The page may not load correctly.

Free trial
Dr.Web for Android

Defend what you create

Other Resources

Close

Library
My library

+ Add to library

Contact us
24/7 Tech support

Send a message

Call us

+7 (495) 789-45-86

Forum
Profile

Back to news

BackDoor.Flashback.39 epidemic chronology

April 10, 2012

News that an outbreak of BackDoor.Flashback.39 has infected over 650,000 computers running Mac OS X spread quickly throughout the world, causing a strong public response. Russian anti-virus company Doctor Web, the first to issue a warning concerning this threat, offers this brief chronology on the BackDoor.Flashback.39.

  • February 2012 An Oracle-released update for the Java Virtual Machine closed vulnerabilities exploited by BackDoor.Flashback.39.
  • March 25, 2012 The first Flashback botnet domains are registered
  • March 27, 2012 Doctor Web added the BackDoor.Flashback.39 signature into the virus database used by its Dr.Web for Mac OS X.
  • April 3, 2012 Doctor Web analysts reverse-engineered the routine employed by BackDoor.Flashback.39 to generate control server domain names. They then registered several domain names and began gathering statistics by analysing requests received from the bots. More than 130,000 bot replies were registered in the very first hours.
  • April 4, 2012 According to data collected by the virus laboratory, the number of infected hosts in the BackDoor.Flashback.39 botnet reached 550,000. Doctor Web issued a press-release concerning the BackDoor.Flashback.39 epidemic.
  • April 4, 2012 (April 3 for ). An Apple-released update for iApple Java closed vulnerabilities exploited by Trojan BackDoor.Flashback.39. Due to time zone differences, many Mac OS X users received the update with a significant delay.
  • April 4, 2012 The number of hosts in the botnet exceeded 600,000 infected Macs.
  • April 6, 2012 Apple released a second update that closed the vulnerabilities exploited by Trojan BackDoor.Flashback.39.
  • April 9, 10 Some corporation made unsuccessful attempts to block domains used by Doctor Web to study the BackDoor.Flashback.39 botnet.
  • April 10 the total number of computers infected by the Trojan exceeded 650,000.

The current number of machines infected by BackDoor.Flashback.39 is 655,700. Mac users can use the free service from Doctor Web at www.drweb.com/flashback/ to check whether their computers are infected.

Download Dr.Web Light for Mac OS X for free

Tell us what you think

You will be awarded one Dr.Webling per comment. To ask Doctor Web’s site administration about a news item, enter @admin at the beginning of your comment. If your question is for the author of one of the comments, put @ before their names.


Other comments

The Russian developer of Dr.Web anti-viruses

Doctor Web has been developing anti-virus software since 1992

Dr.Web is trusted by users around the world in 200+ countries

The company has delivered an anti-virus as a service since 2007

24/7 tech support

© Doctor Web
2003 — 2017

Doctor Web is the Russian developer of Dr.Web anti-virus software. Dr.Web anti-virus software has been developed since 1992.

2-12А, 3rd street Yamskogo polya, Moscow, Russia, 125040