General Discussion General discussion on...anything!

Reply
 
Thread Tools Display Modes
  (#1) Old
MoInSTL MoInSTL is offline
Super Moderator
 
MoInSTL's Avatar
 
Posts: 605
Join Date: Jan 2009
Location: St. Louis, Missouri
Send a message via AIM to MoInSTL Send a message via MSN to MoInSTL Send a message via Yahoo to MoInSTL
Default Researchers dissect world's first Mac botnet - 04-19-2009, 01:23 AM

http://www.theregister.co.uk/2009/04/16 ... _analysis/

Fresh research has shed new light on the world's first Mac OS X botnet, which causes infected machines to mount denial of service attacks.

Symantec researchers Mario Ballano Barcena and Alfredo Pesoli said the infections are the same ones described in this blog post from January.

In it, the blogger - a self-described designer and developer from Australia - said he awoke one morning to discover 100 per cent of his Mac laptop's resources were being consumed by a bunch of unfamiliar resources. After digging further, he found a foreign PHP script with root privileges was flooding an undisclosed website with data packets.

The botnet employs a peer-to-peer engine, encryption and a structure that allows it to dynamically adapt.

"The code indicates that, wherever possible, the author tried to use the most flexible and extendible approach when creating it - and therefore we would not be surprised to see a new, modified variant in the near future," the researchers write, according to ZDNet's Zero Day blog.

The botnet comes courtesy of two trojans dubbed OSX.Trojan.iServices.A and OSX.Trojan.iServices.B by Mac anti-virus provider Intego, which first documented them in January. The malware is surreptitiously included in copies of Apple's iWork 09 productivity suite and Adobe's Photoshop CS4 that are distributed on warez sites. Intego said three months ago more than 20,000 people had downloaded the rogue installers.

The Symantec research comes amid reports of a series of unpatched, actively-exploited holes in OS X and word that a researcher has figured out how to run shellcode on Apple's iPhone.

They are the latest reminder that Apple's growing market share - estimated to have reached about seven per cent in the fourth quarter of last year - hasn't been lost on malware authors. OS X users who have felt cavalier about installing unfamiliar titles on their machines have always done so at their peril, but that's especially true going forward.

According to the CBC, the Symantec researches add: "With malware authors showing an increasing interest in the Mac platform, we believe that more advanced [user interface] spoofing tricks may be seen in the future." ®


Studio 15 1558| Black Chainlink| i5-520M, |4GB RAM |500 GB HD@7200 |ATI HD 4570, 512K|Backlit|9 Cell|Web Cam|Windows 7 Professional x64
Reply With Quote
  (#2) Old
WolfKeeper WolfKeeper is offline
Retired Mini user
 
WolfKeeper's Avatar
 
Posts: 1,575
Join Date: Oct 2008
Default Re: Researchers dissect world's first Mac botnet - 04-19-2009, 01:53 AM

Heh.


Getting an iPad
Reply With Quote
  (#3) Old
unixfool unixfool is offline
Member
 
Posts: 60
Join Date: Feb 2009
Default Re: Researchers dissect world's first Mac botnet - 04-23-2009, 08:18 PM

I coulda sworn this was reported a few months ago by another news agency.

EDIT:

Ahah! Here is a recent posting on the subject. I knew I read about something very similar earlier in the year --

http://voices.washingtonpost.com/securi ... ardly.html


Obsidian Black Dell Mini 9n | gOS v3.1 Gadgets | 1gb RAM | 32gb SSD | 1.3MP camera
Reply With Quote
Reply

« Tiny Laptops, Now Nearly Free, Put PC Makers In A Bind | Info on Outlet Store »
Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off


Copyright © 2008-2016 MyDellMini.com.