Krebs outs Apple Flashback hacker
5th April 2013, 08:06, post #1 by Stefan Mileschin ([M] Reviewer)

Security expert Brian Krebs has identified the Russian hacker who made a fortune out of the poor security on Apple's operating system last year.

Despite claiming that only Windows machines suffered from malware, Apple was forced to release a software update to halt the spread of the Flashback worm last year.

More than 650,000 Mac OS X systems were exploited because of a vulnerability in Apple's version of Java.

Flashback was the first OS X malware to be "VMware aware" and know when it was being run in a virtual environment. It also was the first to disable XProtect, OS X's built-in malware protection program. All this made it as common for Macs as the Conficker Worm was for Windows PCs.

It could have been a lot worse. All Flashback wanted to do was redirect Google results to third-party advertisers so that the author could make a lot of dosh. At one point he was making $10,000 a day, which is nice money if you can get it.

It used a social engineering trick of presenting the OS X user with a bogus Flash Player installation prompt. Apple fanboys had been programmed to believe that they were totally safe because Apple software was totally secure. If any reporter mentioned how unsafe the OS was they received angry emails telling them that "no virus (sic) had ever been written for Apple gear."

Krebs took a year to track down the virus's author. He hangs out on many of the same forums as the world's top spammers and was an active and founding member of BlackSEO.com, a closely guarded Russian language forum dedicated to spam.

Working under the handle Mavook he claimed responsibility for creating Flashback to a senior forum member and was seen trying to gain access to another spam/hacker site Darkode.

Mavook said that his Darkode nickname should not be easily tied back to his BlackSEO persona, and suggests the nickname "Macbook."

He also states that he is the "Creator of Flashback botnet for Macs," and that he specializes in "finding exploits and creating bots."

Mavook gives all sorts of details about his activities, which allowed Krebs to work out who he was. He found that his webpage was registered in 2005 by a Maxim Selikhanovich in Saransk, the capital city in Mordovia.

This name was used to gain several email addresses and was registered in the now defunct Website saransk-offline.com, which at one point sold cheap MP3 files.

One of the emails used by Maxim for that Website and a related site was "troxel@yandex.ru," which was the same email used to register a now-deleted Facebook account under a Maxim Selikhanovich from Saransk.

One of the email addresses for Selikhanovich was h0mini@mail.ru, which was also the contact for a business in Saransk called mak-rm.com, the domain name registered to an IT-outsourcing and Web design firm in Saransk called the Mordovia Outsourcing Company. That domain is registered to a "Max D. Sell" in Saransk.

The Mordovia Outsourcing Company was registered and founded by one Maxim Dmitrievich Selihanovich, a 30-year-old from Saransk, Mordovia.

http://news.techeye.net/security/kre...ashback-hacker