17,000 Macs infected with botnet malware controlled via RedditOctober 4, 2014 - 13:03 AMT PanARMENIAN.Net - Russian security company Dr. Web has discovered a flaw in the Mac OS X, which enables hackers to control infected computers using a search service at Reddit. The company says at least 17,000 unique IPs have been hacked, mostly in the US, according to RT. Dr. Web security experts discovered several threats to the MAC OS X after conducting a check in September, the Russian company said in a statement on its website. “One of them turned out to be a complex multi-purpose backdoor that entered the virus database as Mac.BackDoor.iWorm,” the statement reads. It has not yet been determined how the malware spreads, but Russian experts say that once a Mac has been infected, the software establishes a connection with the command server. “It is worth mentioning that in order to acquire a control server address list, the bot uses the search service at reddit.com, and – as a search query – specifies hexadecimal values of the first 8 bytes of the MD5 hash of the current date,” the security company said. “The reddit.com search returns a web page containing a list of botnet C&C servers and ports published by criminals in comments to the post minecraftserverlists under the account vtnhiaovyd.” "Criminals developed this malware using C++ and Lua. It should also be noted that the backdoor makes extensive use of encryption in its routines. During installation it is extracted into /Library/Application Support/JavaW, after which the dropper generates a p-list file so that the backdoor is launched automatically," the company added. The Mac.BackDoor.iWorm is likely to send spam emails, flood websites with traffic, or mine bitcoins. Dr. Web says 17,000 Macs were compromised by the botnet malware as of September 26. Most of them (4,610) were in the United States. Canada ranked second, with 1,235 comprised addresses, followed by the United Kingdom with 1,227 addresses. Top stories Yerevan will host the 2024 edition of the World Congress On Information Technology (WCIT). Rustam Badasyan said due to the lack of such regulation, the state budget is deprived of VAT revenues. Krisp’s smart noise suppression tech silences ambient sounds and isolates your voice for calls. Gurgen Khachatryan claimed that the "illegalities have been taking place in 2020." Partner news Most popular in the section | Welcome to CaseKey 2024. Byblos Bank Armenia firmly stands by future innovators Strategic business cases, invaluable experience, innovative approaches and more than 25 events are in store for the participants of CaseKey 2024. Macron honors Charles Aznavour on 100th anniversary French President Emmanuel Macron has paid tribute to the memory of French-Armenian crooner Charles Aznavour. Erdogan’s approval rating falls below 40 percent: survey A total of 53.4 percent of respondents said they disapprove of the performance of Erdoğan. Blinken says U.S. reviewing a number of aid requests from Armenia He said the U.S. is reviewing the requests to determine what more it can do to increase its assistance to Armenia. |