Symantec’s estimations suggest that the Flashback MacBot would have reduced to 99,000 by yesterday. According to Symantec there were approximately 142,000 infected Macs still active on Monday 16 April.

In a blog post the security vender wrote: “The statistics from our sinkhole are showing declining numbers on a daily basis. However, we had originally believed that we would have seen a greater decline in infections at this point in time, but this has proven not to be the case.”

Last week Symantec reported that the MacBot was down to 270,000 Macs, reports claim it was originally more than 600,000 Macs.

The Flashback Trojan is considered to be the largest Mac malware threat to date, experts have pointed fingers at Apple as being partially to blame for the scope of the Flashback malware infection. They argue that if Apple were more transparent about security issues – and if it had promptly released a Flashback fix--the extent of the damage could have been smaller.


Flashback first emerged in September, as a new Trojan horse that masqueraded as a Flash Player installation package for OS X Lion, and - combined with the MacDefender malware - helped make 2011 the “most active year for Mac malware since Mac OS X was released,” according to security firm Intego.

The new variant of Flashback can infect computers with little more than a visit to the wrong website. A vulnerability in Java, identified as CVE-2012-0507, allows the malware to install itself from a malicious website the user visits, without needing the user to enter an administrator’s password. Though the security hole was patched in Java in February, the fix didn’t make its way to Macs until Apple released its own Java update last week.