More than 17000 Macs affected by Reddit-powered malware

Having a secure system is becoming more important with every passing day, and there are a number of reasons for this.

For users, keeping their smartphones, tablets, and computers secure has become important because most of them now make monetary transactions on these devices. Security researchers, meanwhile, are urging people to focus more on the security of their systems because they believe that malware, spyware and viruses have become more powerful than ever before. These researchers continuously carry out studies to identify new threats infecting devices, in order to keep systems and users’ information secure.

One such study, conducted by researchers at the Russian malware research firm Dr. Web, has found that a new threat called “Mac.Backdoor.iWorm” is specifically targeting desktops running Mac OS X. Individuals with malevolent intent can use the affected Mac desktops to gather data and carry out a range of commands remotely.

The study has revealed that, to date, as many as 17,658 Mac computers have been affected worldwide; almost 25% of these affected systems belong to users living in the US. The malware spreads via the social networking service Reddit using a unique method: it arrives as posts to a Minecraft server list, which are used to collect IP addresses for the command and control (CnC) network.

Reddit has shut down the user who was posting this subreddit data; however, it is believed that the creators of Mac.Backdoor.iWorm will soon build another server list. Mac.Backdoor.iWorm works by installing and creating operation files; port requests, on the other hand, are used for connecting to control servers.

Although the report presented by the Dr. Web team does not explain the procedure the malware uses to spread, it does describe the “dropper” program, which allows the malware to be installed into the JavaW folder’s Library directory.

The list of computers affected by this malware includes units at Marist College in New York (all these computers run on the institution’s private cloud) and Slovakia. The researchers are particularly worried because they feel that the creators might already have an updated version of the malware ready; many are also worried because they believe that the new version may have already found its way into a number of systems through search engines like Reddit.

Some of the most worrying functions of this unique malware are its ability to transport personal data, put affected Macs to sleep, or change the configuration of affected Macs. To ensure that users don’t fall prey to any of these functions of Mac.Backdoor.iWorm, developer Jacob Shamela has come up with some steps that will alert OS X users about the malware attack. However, Mac has not yet come up with any official solution to this problem.
