Search This Blog

Powered by Blogger.

Blog Archive

Labels

New Mac OS X Botnet uses Reddit's Search function to get CNC servers list

What is very interesting is that this malware uses the search function of Reddit to get the Command and control(C&C) servers list from comments posted in a 'MineCraftServerLists' discussion section.

Security Researchers at Russian Antivirus company Dr.Web have published
details of a new botnet that targets Mac OS X.

What is very interesting is that this malware uses the search function of Reddit to acquire the Command and control(C&C) servers list from comments posted in a 'Mine Craft Server Lists' sub reddit.

The malware calculates MD5 hash of the current date and uses the first 8 bytes of the hash to search in reddit.  The result contains the Server IPs with port numbers.

The malware dubbed as 'iWorm' has reportedly infected more than 17,000 Mac computers - 4,610 of which are in the US.

The reddit account used by the cyber criminals appears to be removed.  However, it is not going to stop the bad guys from controlling their botnet, they either create a new account or use any other online services.
Share it:

Mac Malware

Malware Report