The remote Russian region of Mordovia, famed for its prison camps, may be the home of the author of the most notorious malware ever to hit Mac computers – the Flashback Trojan horse (called OSX/FlshPlyr-A by Sophos products).
The Flashback malware hit more than 600,000 Mac computers in early 2012, posing as a bogus installer for Adobe Flash and exploiting an unpatched vulnerability in Java.
Despite the malware’s prevalence on Mac computers and the high media profile it achieved after even hitting hundreds of Mac computers in Cupertino, the computer crime fighting authorities have made no arrests in connection with Flashback.
Award-winning security blogger Brian Krebs has written today about his investigation into who might have been behind Flashback.
Krebs’s investigation took him to Russian-language forums belonging to the computer underground, where he found a user called “Mavook” claiming to be the author of Flashback, and saying that he specialised in finding security exploits and creating botnets.
Combing the net for further information, and digging through historic website registration records, Krebs went on to link “Mavook” with Maxim Selihanovich, a man in his thirties, living in the city of Saransk, in Mordovia.
You can read more about the clues Krebs pieced together in his blog post.
Apple in snow image from Shutterstock.