Apple Update Patches New ‘iWorm’ Botnet
Apple Macintosh OS X was once thought to be the most impenetrable operating system in the world. This was in part because its Unix base made its security and foundation stronger than those of Windows-based operating systems. However, as predicted, with market share growing through the popularity of iOS and Mac OS X, interest in Apple OS infections grew.
According to The Inquisitr, a vicious new infection called iWorm is the latest and most complicated infection so far.
“OS X has proven to be quite popular with APPLE enthusiasts. However, a piece of software called “Mac.BackDoor.iWorm” has hacked its way into nearly 17,000 Macs, wreaking havoc as it slithers through the computers and allows hackers to control the device.”
Of course, the unique function of this infection was the botnet. In layman’s terms, it was an infection that linked back to a “command and control center” — that is, another computer with which it could communicate back and forth. A more unusual aspect is that it connected to Reddit. MacRumors explained the situation in more detail:
“It is worth mentioning that in order to acquire a control server address list, the bot uses the search service at reddit.com, and — as a search query — specifies hexadecimal values of the first 8 bytes of the MD5 hash of the current date. The reddit.com search returns a web page containing a list of botnet C&C servers and ports published by criminals in comments to the post minecraftserverlists under the account vtnhiaovyd.”
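The lookup described in the quote above leaves a recognizable trace in web proxy logs: a reddit.com search whose query is exactly 16 hexadecimal digits (8 bytes of an MD5 hash). The following detection sketch is an added example, not code from the article or from Apple; the log layout, the `q` search parameter and the date formats tried are assumptions, since the article does not give them.

```python
import hashlib
import re
from datetime import date, timedelta
from urllib.parse import urlparse, parse_qs

# Assumption: the article does not say how the bot formats "the current date"
# before hashing, so several common formats are tried.
DATE_FORMATS = ("%Y-%m-%d", "%Y%m%d", "%d.%m.%Y", "%m/%d/%Y")
HEX16 = re.compile(r"^[0-9a-fA-F]{16}$")  # first 8 bytes of MD5 = 16 hex digits

def date_tokens(start, days):
    """Map each candidate search token to the (date, format) that produced it."""
    tokens = {}
    for offset in range(days):
        day = start + timedelta(days=offset)
        for fmt in DATE_FORMATS:
            digest = hashlib.md5(day.strftime(fmt).encode()).digest()
            tokens[digest[:8].hex()] = (day.isoformat(), fmt)
    return tokens

def scan(log_lines, tokens):
    """Yield (client, query, verdict) for suspicious reddit.com searches."""
    for line in log_lines:
        fields = line.split()
        if len(fields) < 3:
            continue  # not a "timestamp client url" line
        client, url = fields[1], fields[2]
        parsed = urlparse(url)
        host = (parsed.hostname or "").lower()
        on_reddit = host == "reddit.com" or host.endswith(".reddit.com")
        if not (on_reddit and parsed.path.startswith("/search")):
            continue
        for query in parse_qs(parsed.query).get("q", []):
            if not HEX16.match(query):
                continue
            hit = tokens.get(query.lower())
            verdict = "date-derived %s (%s)" % hit if hit else "16-hex query"
            yield client, query, verdict

# Constructed proxy log lines ("timestamp client url"); not real traffic.
_tok = hashlib.md5(b"20140929").hexdigest()[:16]
SAMPLE_LOG = [
    "2014-09-29T10:00:01Z 10.0.0.5 https://www.reddit.com/search?q=" + _tok,
    "2014-09-29T10:00:07Z 10.0.0.8 https://www.reddit.com/search?q=minecraft",
    "2014-09-29T10:01:12Z 10.0.0.9 https://www.reddit.com/search?q=00112233aabbccdd",
    "2014-09-29T10:02:30Z 10.0.0.7 https://example.com/search?q=" + _tok,
]
```

Calling `list(scan(SAMPLE_LOG, date_tokens(date(2014, 9, 28), 3)))` flags the first and third sample lines. A query that is only "16-hex" without a date match is a lead to investigate on the host, not proof of infection.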
The iWorm botnet utilized infected Macs to steal information and spread the same infection to other Mac OS X machines, and so on.
In an effort to quash the iWorm behemoth before it becomes a digital epidemic, Apple just released a definition update to its “XProtect” anti-malware service. XProtect is Apple’s dirty little secret for defending Mac OS X against new and emerging infections. It is a less intrusive, under-the-hood service similar to Microsoft Security Essentials, but done Apple style.
Apple’s definition update to combat iWorm covers three different variants: OSX.iWorm.A, OSX.iWorm.B, and OSX.iWorm.C. ZDNet reported that unlike the last big Mac OS X infection known as Flashback, which utilized fake Adobe Flash installers to infect 600,000 computers, iWorm’s impact was not as vast and was not out as long.
“By September 29 there were 18,519 unique IP addresses connecting to the botnet, with around a quarter beaconing in from the US, followed by over 1,200 Macs each in the UK and Canada.”
The Flashback infection went completely unanswered for a week after being found. It is suggested that if you own a Mac, you might want to do this update as soon as possible, but that should go without saying.
Are you concerned about new and emerging Apple Mac OS X threats, and are you happy with Apple’s response turnaround?