Friday, October 3, 2014
NEWS: Hackers Are Using Reddit to Connect 17,000 Macs to a Botnet
Bad news for Mac users: You're at risk for an insidious malware that will connect your computer to a botnet.
Hackers have developed a backdoor entry called "Mac.BackDoor.iWorm" that gains access to Macs and uses Reddit to connect the hacked computer with a command server. Once the computer is infected, the iWorm uses Reddit's search function to hunt down posts made by the hackers. These posts (on a Minecraft subreddit) provide server addresses, and the software uses the Reddit posts as a guide to connect to the botnet.
This gives them the option of using the infected computers for a variety of bad deeds, like attacking a website via DDOS attack or spamming the shit out of people.
It's not clear yet how they infect the Mac in the first place, but researchers for Doctor Web estimate that most of the infected Macs are in the United States.
There's no evidence that any of the estimated 17,658 Macs infected are actively getting used by the hackers, so that's good. But the attackers still managed to gain access to a large number of computers, and they may simply be quietly growing the network until it's large enough to execute something big.
To avoid infection, it's smart to keep your software updated (it's also just smart to keep your software updated in general). MacExperience also recommends that you set GateKeeper so it only runs digitally signed apps from the App Store, and that you put a password on your computer and keep access to Admin accounts at a minimum. All common sense stuff, but considering people keep making their passwords "password," it's worth a reminder.