New OS X backdoor malware

 

New OS X backdoor malware roping Macs into botnet

New malware targeting Mac machines, opening backdoors on them and roping them into a botnet currently numbering around 17,000 zombies has been spotted and analyzed by malware researchers of Russian AV company Dr. Web.

The malware, dubbed Mac.BackDoor.iWorm, targets computers running OS X and makes extensive use of encryption in its routines, the researchers noted.

http://www.net-security.org/malware_news.php?id=2875

This needs more documentation from non-Russian experts.

Personally I do not believe this.

--
NUVI 660, Late 2012 iMac, Macbook 2.1 Fall 2008, iPhone6 , Nuvi 3790, iPad2

maybe you should...

http://www.tomsguide.com/us/reddit-botnet-recruit-macs,news-...

Kaspersky is Russian as well, and is a leading anti-virus.

Macs aren't the sacred cow anymore, and the hackers are out for one thing: money. No system can be considered 'safe' with personal info.

--
nüvi 3790T | Those who make peaceful revolution impossible, will make violent revolution inevitable ~ JFK

Increasing Apple Viruses/Malware

Juggernaut wrote:

Macs aren't the sacred cow anymore, and the hackers are out for one thing: money. No system can be considered 'safe' with personal info.

I don't think hackers treated Macs like "sacred cows" in the past. My opinion is that hackers just felt it wasn't worth their time to go after Apple machines.

That might have been to the hackers' advantage, as Apple users may have developed a false sense of security... making them (cough, cough) ripe for the picking rolleyes

Looking...

I'm looking for this one, but I haven't found it. I've logged plenty of shellshock (bash) attempts (that won't work), but haven't seen this one yet.

I don't think Apple is complacent on security, particularly since Macs get used in any number of high-value markets.

--
Nuvi 2460, 680, DATUM Tymserve 2100, Trimble Thunderbolt, Ham radio, Macintosh, Linux, Windows

A way to check...

--
Ted - Garmin Nuvi 1450 LM

Infection method now known--

--and it involves picking up copies of software from nasty sites...

http://www.thesafemac.com/iworm-method-of-infection-found/

basically, the worm is a freebie included with your pirated copy of Adobe Acrobat...

And even then, the end user has to click on a number of "are you sure you want to do this?" boxes to get nailed.

(this is not to say that someone won't come up with a drive-by for OS X -- it's bound to happen sooner or later, so don't let your guard down)

--
Nuvi 2460, 680, DATUM Tymserve 2100, Trimble Thunderbolt, Ham radio, Macintosh, Linux, Windows

as usual

k6rtm, you may be sure there will be enough idiots who will click "OK" just because the OK button is there. I know quite a few people who get viruses this way. It has been going on for many years and they still learn nothing. They just click, because they are too lazy to read even the shortest text.

And those idiots are system-independent. That's why this is such good business, those viruses.

duh...

grzesja wrote:

k6rtm, you may be sure there will be enough idiots who will click "OK" just because the OK button is there. I know quite a few people who get viruses this way. It has been going on for many years and they still learn nothing. They just click, because they are too lazy to read even the shortest text.

And those idiots are system-independent. That's why this is such good business, those viruses.

Now lemme see... if I push no to cancel I won't get infected, hmm, what's an infection? I'll choose OK or INSTALL and try out this infection. wink

--
Never argue with a pig. It makes you look foolish and it annoys the hell out of the pig!

sad but true

You see, BarneyBadass, the most ridiculous thing about viruses I had was when a friend sent me an email with a virus as an attachment. Not to be malicious. But the virus was showing nice fireworks on screen while it was destroying data on the computer. And they wanted me to see this nice show. They got this in an email from their friends and sent it to everybody they knew.

It was about 15 years ago, and as far as I can see nothing has changed in people's knowledge about computers. Maybe only this, that they no longer believe that people may get infected by a computer virus.