Number: IRCNE2014102332
Date: 2014/10/07
According to “itpro”, hackers have infected more than 17,000 Macs worldwide, and 1,227 in the UK, with the Mac.BackDoor.iWorm malware via social news site Reddit.
The cyber criminals managed to exploit a flaw in Apple's computer operating system by manipulating Reddit's search and comment functions.
Researchers at Russian antivirus company Dr Web revealed the flaw and said it gives a hacker remote access, allowing them to send commands to other computers to install more malware and, in some cases, launch spam campaigns and denial-of-service attacks.
The company said the hackers developed the malware using C++ and Lua and used encryption to carry out its actions.
When the hacker has managed to access the computer installation it is extracted into /Library/Application Support/JavaW folder and generates a p-list file so that the backdoor is launched automatically.
Independent security researcher Graham Cluley responded to the attack on his blog by saying it's not the first time Macs have been targeted with such a verocious campaign, although it's not as large scale as past attacks on Apple's computers.
"It isn’t anything like as big so far as the notorious Flashback worm which hit more than 600,000 Mac computers in early 2012," Cluley said.
He warned: "It is another timely warning that Mac users shouldn’t be fooled into thinking they are somehow immune from computer security threats. An anti-virus product should be part of your arsenal, if you value your privacy and the data you store on your Apple computer."
- 2