Wednesday, April 11, 2012

Report: Apple Tries to Take Down Domain Run by Flashback Discoverer Dr. Web

Whether out of pique or by mistake, Apple has reportedly targeted the anti-virus vendor that earlier this month discovered and publicized evidence that the Flashback Trojan had infected tens of thousands of Macs.

Dr. Web reported last week that analysis of a recent Java flaw exploited by the Flashback Trojan revealed that more than 550,000 Macs were affected in the U.S. and abroad. Now the Moscow-based software security firm says it has learned that Apple has asked Russian Web registrar Reggi.ru to shut down a Doctor Web-owned Internet domain, according to Forbes.

Apple apparently asked Reggi.ru to shut down a domain that it pegged as a botnet command-and-control server supposedly being used to control Flashback-infected Macs, Dr. Web chief executive Boris Sharov told Forbes. The only problem—the domain was actually a "sinkhole," a spoofed botnet command center being used by Dr. Web to gather data about Flashback-compromised machines (like the number of infected Macs the firm published earlier in the month).

Dr. Web operates three such sinkholes, he said.

"They told the registrar this [domain] is involved in a malicious scheme," Sharov told Forbes. "Which would be true if we weren't the ones controlling it and not doing any harm to users. This seems to mean that Apple is not considering our work as a help. It's just annoying them."

Apple has been issuing patches for Flashback-affected systems as it deals with what many consider to be a significant black eye for the Mac maker—the erosion of the long-held belief among consumers that Apple's computers are safe from the viruses and worms that plague Windows-based PCs.

Sharov told Forbes that he believes Apple's attempt to shut down Dr. Web's sinkhole was "an honest mistake." If so, it was the first and only instance of Apple acknowledging Dr. Web's contribution to the Flashback situation at all, according to Sharov.

"We've given them all the data we have," he said. "We've heard nothing from them until this."

Forbes said it has attempted to contact Apple about the affair, but so far, crickets. PCMag contacted Apple on Tuesday but has also yet to receive a response.

Sharov has been critical of how Apple has handled the Flashback Trojan, which exploits a Java flaw that let Flashback.K download itself onto Macs without warning, saying the company should have prepared fixes for affected users more quickly.

But Dr. Web's CEO appears to be more charitable about Apple's attitude towards his own company.

"These are not pleasant days for them," he said. "They're not thinking about us. The safety of Macintosh computers is going down very quickly, and they're thinking what to do next. They're thinking about how to manage a future where the Mac is no longer safe."

For more from Damon, follow him on Twitter @dpoeter.
