The Mac botnet, a network of infected computers controlled by an attacker usually for malicious purposes, gained traction after attackers launched malicious software attached to pirated versions of the Mac productivity suite iWork '09, and Adobe Photoshop CS4 for Mac. The Mac malware spread on BitTorrent trackers and other peer-to-peer sites that contain links to pirated software.
Symantec researchers Mario Ballano Barcena and Alfredo Fesoli discovered that the two separate variants of the Mac malware have now developed into a full-fledged Mac botnet, complete with information-stealing code.
While the unlicensed iWork '09 software was completely functional, the installer contained a Trojan, known as OSX.Trojan.iServices.A, which was launched when iWork '09 was installed, according to a security advisory issued in January by Mac security company Intego.
Another Mac Trojan variant, OSX.Trojan.iServices.B, was found in a crack application attached to copies of Adobe Photoshop C54 for Mac, also spread through peer-to-peer file sharing sites.
The Trojan embedded itself into a crack in the application that serialized the program, Intego said. When users downloaded the pirated version of Photoshop, the application extracted an executable from its data, and then installed a backdoor with root privileges in a file directory.
The application then opened a disk image hidden in its resource folder and proceeded to crack the Photoshop program, allowing it to be used as a vehicle to spread the malware and further incorporate machines into a botnet.
Both Trojan variants connect to a remote server via the Web, which alerts the attackers when a machine is infected, enabling them to remotely connect to the affected computers in order to steal or view information for identity theft and other malicious purposes.
Intego said in January that more than 20,000 users were infected with the malicious installers.
Apple released the latest '09 version of iWork in January during the Apple MacWorld Conference & Expo in San Francisco, where it showcased changes to its word processor and spreadsheet applications.
Meanwhile, security experts maintain that Mac malware will continue to rise as Apple's market share grows. Intego said in its security advisory that users should avoid downloading Mac installers from sites that promote pirated software, as well as untrusted sources or suspicious Web sites.
"The risk of infection is serious, and users may face extremely serious consequences if their Macs are accessible to malicious users," Intego's advisory warned.
- Juniper Honors 12 Americas Partners
- Facebook And Four More Web Sites We Love To Hate
- Cisco Honors Top Partners During 2010 Partner Summit
- HP Salutes Top Partners At APC 2010 Award Show
- Upclose And Personal With AMD And friends
- Will Oracle's Phillips' Affair Revelation Be A Distraction?
- Apple, Microsoft Unlikely Allies Against Google
- HP-Microsoft Cloud Partnership Needs To Show Us The Goods
- Blog: It's Time For A Cybercrime Public Service Announcement
- Nortel Sell-Off Continues: Ethernet Business To Ciena?
- Want To Deploy Exchange 2007 SP2 In A Server 2008 R2 Domain? Sorry
- Apple Improves iTunes 9 With Syncing, Visual Enhancements
- Oracle Ad Refutes Sun Hardware Fears
- U.S. Copyright Chief Rips Google Book Deal In Testimony
- Apple Slashes iPod Price Tags
- Price Is Right? Asus To Launch Low-Cost E-Reader
- Microsoft Xbox 360 Consoles Fail More Often Than Wii, PS3
- Privacy Group To Congress: Stop Online Advertisers In Their Tracks
- Microsoft, Intel Tout Their Collaboration On Windows 7
- Tech Data Adds Integration Services With New Center
| • |
| • |
| • |
| • |
| • |
| • |
| • |
|
|
