Apple's Flashback Trojan was a major concern for Mac OS X users. But it might have also been a huge revenue opportunity for its creators.
According to security firm Symantec, which has been analyzing Flashback, the Trojan known as OSX.Flashback.K included a significant ad-clicking component that the company says, was designed to help the creators generate revenue.
"Flashback specifically targets search queries made on Google and, depending on the search query, may redirect users to another page of the attacker's choosing, where they receive revenue from the click," Symantec wrote in a blog post. "Google never receives the intended ad click."
The possibilities for revenue generation are huge for that kind of exploit, according to Symantec. It found that an ad-clicking Trojan called W32.Xpaj.B last August was able to make up to $450 per day on just 25,000 infections. At its height, Flashback infected a possible 650,000 Macs around the world.
"Considering the Flashback Trojan measures in the hundreds of thousands, this figure could sharply rise to the order of $10,000 per day," Symantec wrote.
The Flashback Trojan is a particularly nasty bit of malware that took advantage of of a Java vulnerability in Apple's Mac OS X. Soon after Apple patched its operating system and released a removal tool, the instances of Flashback around the globe plummeted, likely pushing the creators' revenue opportunity down.