[Home]  [Headlines]  [Latest Articles]  [Latest Comments]  [Post]  [Sign-in]  [Mail]  [Setup]  [Help]  [Register] 

Status: Not Logged In; Sign In

Possible Trump Rally Attack - Serious Injuries Reported BULLETIN: ISRAEL IS ENTERING **** UKRAINE **** WAR ! Missile Defenses in Kiev ! ATF TO USE 2ND TRUMP ATTACK TO JUSTIFY NEW GUN CONTROL... An EMP Attack on the U.S. Power Grids and Critical National Infrastructure New York Residents Beg Trump to Come Back, Solve Out-of-Control Illegal Immigration Chicago Teachers Confess They Were told to Give Illegals Passing Grades Am I Racist? Reviewed by a BLACK MAN Ukraine and Israel Following the Same Playbook, But Uncle Sam Doesn't Want to Play "The Diddy indictment is PROTECTING the highest people in power" Ian Carroll The White House just held its first cabinet meeting in almost a year. Guess who was running it. The Democrats' War On America, Part One: What "Saving Our Democracy" Really Means New York's MTA Proposes $65.4 Billion In Upgrades With Cash It Doesn't Have More than 100 killed or missing as Sinaloa Cartel war rages in Mexico New York state reports 1st human case of EEE in nearly a decade Oktoberfest tightens security after a deadly knife attack in western Germany Wild Walrus Just Wanted to Take A Summer Vacation Across Europe [Video] 'Days of democracy are GONE' seethes Neil Oliver as 'JAIL' awaits Brits DARING to speak up Police robot dodges a bullet, teargasses a man, and pins him to the ground during a standoff in Texas Julian Assange EXPOSED Howling mad! Fury as school allows pupil suffering from 'species dysphoria' to identify as a WOLF "I Thank God": Heroic Woman Saves Arkansas Trooper From Attack By Drunk Illegal Alien Taxpayers Left In The Dust On Policy For Trans Inmates In Minnesota Progressive Policy Backfire Turns Liberals Into Gun Owners PURE EVIL: Israel booby-trapped CHILDRENS TOYS with explosives to kill Lebanese children These Are The World's Most Reliable Car Brands Swing State Renters Earn 17% Less Than Needed To Afford A Typical Apartment Fort Wayne man faces charges for keeping over 10 lbs of fentanyl in Airbnb 🚨 Secret Service Announces EMERGENCY LIVE Trump Assassination Press Conference | LIVE Right Now [Livestream in progress] More Political Perverts, Kamala's Cringe-fest On Oprah, And A Great Moment For Trump It's really amazing! Planet chocolate cake eaten by hitting it with a hammer [Slow news day]

Science/Tech
See other Science/Tech Articles

Title: 17,000 Macs infected with botnet controlled via Reddit
Source: [None]
URL Source: [None]
Published: Oct 4, 2014
Author: staff
Post Date: 2014-10-04 06:08:31 by Tatarewicz
Keywords: None
Views: 40

RT...

Russian security company Dr. Web has discovered a flaw in the Mac OS X, which enables hackers to control infected computers using a search service at Reddit. The company says at least 17,000 unique IPs have been hacked, mostly in the US.

Dr. Web security experts discovered several threats to the MAC OS X after conducting a check in September, the Russian company said in a statement on its website.

“One of them turned out to be a complex multi-purpose backdoor that entered the virus database as Mac.BackDoor.iWorm,” the statement reads.

It has not yet been determined how the malware spreads, but Russian experts say that once a Mac has been infected, the software establishes a connection with the command server.

“It is worth mentioning that in order to acquire a control server address list, the bot uses the search service at reddit.com, and – as a search query – specifies hexadecimal values of the first 8 bytes of the MD5 hash of the current date,” the security company said.

“The reddit.com search returns a web page containing a list of botnet C&C servers and ports published by criminals in comments to the post minecraftserverlists under the account vtnhiaovyd.”

image from http://st.drweb.com

"Criminals developed this malware using C++ and Lua. It should also be noted that the backdoor makes extensive use of encryption in its routines. During installation it is extracted into /Library/Application Support/JavaW, after which the dropper generates a p-list file so that the backdoor is launched automatically," the company added.

The Mac.BackDoor.iWorm is likely to send spam emails, flood websites with traffic, or mine bitcoins.

Dr. Web says 17,000 Macs were compromised by the botnet malware as of September 26. Most of them (4,610) were in the United States. Canada ranked second, with 1,235 comprised addresses, followed by the United Kingdom with 1,227 addresses.

Post Comment   Private Reply   Ignore Thread  

[Home]  [Headlines]  [Latest Articles]  [Latest Comments]  [Post]  [Sign-in]  [Mail]  [Setup]  [Help]  [Register]