From: InfoSec News (alertsinfosecnews.org)
Date: Fri Apr 17 2009 - 04:17:34 CDT

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

http://arstechnica.com/apple/news/2009/04/evidence-suggests-first-zombie-mac-botnet-is-active.ars

By Chris Foresman
Ars Technica
April 16, 2009

If you let yourself get tempted into installing the pirated versions of
iWork or Photoshop CS4 that circulated on Bit Torrent earlier this year,
you may have unwittingly turned your Mac into a zombie. Security
researchers for Symantec have turned up evidence that these zombie
machines are being used to create a Mac-based botnet.

Botnets are used to perform DDoS attacks on systems, gather sensitive
personal information, and send out a majority of the spam that clogs up
the 'Net. While commonly made out of infected Windows computers, this is
the first known attempt to create one from Macs.

The two variants of the iServices trojan, OSX.Trojan.iServices.A and
OSX.Trojan.iServices.B, have been implicated in at least one DDoS
attack. According to researchers Mario Ballano Barcena and Alfredo
Pesoli, the malware has peer-to-peer communication, remote start-up, and
encryption capabilities.

"The code indicates that, wherever possible, the author tried to use the
most flexible and extendible approach when creating it—and therefore we
would not be surprised to see a new, modified variant in the near
future," according to their report. They also noted that the person who
activated the botnet is not the same as the original author of the
malware code.

[...]

_______________________________________________
Best Selling Security Books and More!
http://www.shopinfosecnews.org/

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]