New botnet targets Apple computers

Here's yet another reminder for owners of computers running Apple's OS X that their machines are not totally malware-proof.

 

A new botnet involving a "complex multi-purpose backdoor" is turning OS X machines into potential zombies, security vendor Doctor Web said.

 

"Criminals can issue commands that get this program to carry out a wide range of instructions on the infected machines. A statistical analysis indicates that there are more than 17,000 unique IP addresses associated with infected Macs," it said.

 

It dubbed the new threat "Mac.BackDoor.iWorm."

 

Doctor Web said the new malware was developed using C++ and Lua, and uses encryption in its routines.

 

When Mac.BackDoor.iWorm is initially launched, it saves its configuration data in a separate file, then reads the contents of the /Library directory.

 

It eventually tries to open a port on an infected computer and awaits an incoming connection, and requests a remote site for a list of control servers.

 

But that's not all: the bot uses resources at Reddit.com, whose search can provide a web page containing a list of botnet C&C servers and ports.

 

Doctor Web said that as of September 26, the malware has infected 17,658 devices.

 

Most of them are in the United States while Canada ranks second and the United Kingdom ranks third. — Joel Locsin/TJD, GMA News