9.2011 ( Version 2 )


OSX/Flashback is a series of Trojan downloaders. Early variants imitated a Flash Player plug-in installer and required user interaction. Later variants relied on known, unpatched Java vulnerabilities and compromised computers via redirected websites [1]. At least one variant also attempted to disable XProtect and its signature updates once installed [2]. According to a Dr. Web malware analyst, over 600,000 Mac computers had been infected with OSX/Flashback as of April 2012 [3].

  1. https://www.f-secure.com/v-descs/trojan-downloader_osx_flashback.shtml
  2. https://www.f-secure.com/v-descs/trojan-downloader_osx_flashback_c.shtml
  3. https://arstechnica.com/gadgets/2012/04/flashback-trojan-reportedly-controls-half-a-million-macs-and-counting/

Sample Hashes (VT links):