Security researchers warn of Mac infection by OS X malware
06 Oct 2014
Security researchers say they recently discovered that over 17,000 Macs around the world had been infected by a new OS X malware threat called "iWorm," which had also used Reddit.com as a go-between to cull user data, perform various system actions and execute Lua scripts, Apple Insider reported.
The virus has an entry under ''Mac.BackDoor.iWorm'' in the virus database of Russian research firm Dr Web.
The new threat is described as a complex multi-purpose backdoor capable of issuing a variety of commands to be carried out by an affected host Mac.
Data gathering and limited system remote control are among several operations the malware can conduct.
On installation, iWorm creates an operating file, opens a port to request a list of control servers and connects, awaiting further instructions. This piece of malware is unique in its use of Reddit.com's search service for retrieving the botnet server list, which until recently was disguised in a comment to the post "minecraftserverlists."
The Reddit string had since been shut down, though, the worm's creators may have set up another server list through an alternate search service that remained elusive till date.
Meanwhile, researchers at the Russian company said in a report that over 17,000 Macs – 1,227 of which were in the UK had been infected by the malware, The Telegraph reported.
Hackers can gain remote access to the infected computer with the malware via a communication system that manipulates the search and comment functions of the popular social news website Reddit.
On gaining access to the computers, the hackers can send commands to their "botnet" of infected computers, and tell them to spread more malware or launch spam campaigns and denial-of-service attacks.
"This isn't, of course, the first time that we have seen Mac computers infected by malware and hijacked into a criminal botnet, and it isn't anything like as big so far as the notorious Flashback worm which hit more than 600,000 Mac computers in early 2012," said security researcher Graham Cluley in a blog post.
Cluley added, "But it is another timely warning that Mac users shouldn't be fooled into thinking they are somehow immune from computer security threats. An anti-virus product should be part of your arsenal, if you value your privacy and the data you store on your Apple computer."