[ISN] Evidence suggests first zombie Mac botnet is active

From: InfoSec News <alerts_at_private>
Date: Fri, 17 Apr 2009 04:17:34 -0500 (CDT)
http://arstechnica.com/apple/news/2009/04/evidence-suggests-first-zombie-mac-botnet-is-active.ars

By Chris Foresman  
Ars Technica
April 16, 2009

If you let yourself get tempted into installing the pirated versions of 
iWork or Photoshop CS4 that circulated on Bit Torrent earlier this year, 
you may have unwittingly turned your Mac into a zombie. Security 
researchers for Symantec have turned up evidence that these zombie 
machines are being used to create a Mac-based botnet.

Botnets are used to perform DDoS attacks on systems, gather sensitive 
personal information, and send out a majority of the spam that clogs up 
the 'Net. While commonly made out of infected Windows computers, this is 
the first known attempt to create one from Macs.

The two variants of the iServices trojan, OSX.Trojan.iServices.A and 
OSX.Trojan.iServices.B, have been implicated in at least one DDoS 
attack. According to researchers Mario Ballano Barcena and Alfredo 
Pesoli, the malware has peer-to-peer communication, remote start-up, and 
encryption capabilities.

"The code indicates that, wherever possible, the author tried to use the 
most flexible and extendible approach when creating it—and therefore we 
would not be surprised to see a new, modified variant in the near 
future," according to their report. They also noted that the person who 
activated the botnet is not the same as the original author of the 
malware code.

[...]


_______________________________________________      
Best Selling Security Books and More!
http://www.shopinfosecnews.org/
Received on Fri Apr 17 2009 - 02:17:34 PDT

This archive was generated by hypermail 2.2.0 : Fri Apr 17 2009 - 02:21:33 PDT