Security companies such as Kaspersky Lab and Dr Web have set up sinkholes (servers set up to trap information coming from infected computers, replacing the malicious command and control servers) to estimate the number of infections.
Intego said that the Flashback infection rate remains in the hundreds of thousands of Macs, despite an estimate by Kaspersky Lab that the number of infections has dropped to 30,000.
Intego attributed the discrepancy in the infection numbers to actions by companies responsible for root nameservers to block the domains used by the Flashback malware in contacting its command and control server and redirecting these requests to the Mac users themselves.
“The effect here is that the Macs are still infected, but they will not be able to contact the command and control servers, and, especially, cannot be counted by sinkholes”, Intego’s Peter James explained in a blog.