Dr. Web, a Russian research firm, has released results from a survey that found a new threat called “Mac.Backdoor.iWorm” that targets Mac OS X desktops.
According to the survey, an affected Mac desktop can be used for data gathering, and a variety of commands can be carried out on it remotely.
At the moment, more than 17,658 Mac desktops/laptops worldwide are reportedly affected by the malware, with a quarter of those users in the United States.
The malware uses a special method of spreading via Reddit, in the form of posts to a Minecraft server list, to collect the IP addresses for the command and control (CnC) network. The account of the user who had posted the subreddit data has been shut down, though the malware creators are likely to form another server list.
Once it installs, the malware, which had used Reddit search lists, creates an operation file and connects to the control servers through a port request.
The Dr. Web report does not mention how the malware spreads, but the “dropper” program allows it to be installed in the Library directory in the user’s folder under the name “JavaW”.
However, there are concerns that a new version of the malware may already be spreading through a different search engine like Reddit. The malware can send personal user data, change configuration or put a Mac to sleep.
Bitdefender currently identifies the malware, while developer Jacob Shamela has posted steps for OS X that will alert the user about the attack.
Via The Next Digit