Mac botnet used for DDoS attacks
Monday, April 20, 2009
Web security researchers have uncovered what is being called one of the first documented cases of distributed denial of service (DDoS) attacks launched from a Mac OS X botnet.
Researchers for security firm Symantec reported that malicious files embedded in pirated copies of Apple's iWork 09 and Adope Photoshop CS4 have been used to take control of Macs using the p2p torrent network, according to ZDNet.
"The author of the malware downloaded the original/trial versions of each program and introduced a copy of the malicious binary into the packages," the researchers wrote, ZDNet reported. "Users who then downloaded and installed the applications from the torrent download would have been infected. It is estimated that thousands of people have downloaded the infected torrent files."
Roughly 20,000 Mac users downloaded malware versions of iWork 09 before a Mac security software company publicized news of the Mac Trojan embedded in the software.
The Security Fix blog for the Washington Post reported that the "iBotnet" is not the first case of DDoS attacks being launched from a Mac botnet, as some researchers have claimed. The blog reported an earlier botnet from 2006 that involved Macs.
Related News:
Rogue Facebook apps sending phishing spam - 8.20.2009
A number of rogue applications have been spotted on Facebook by security researchers from Trend Micro. The apps include one called "sex sex sex and more sex" that takes users to a phishing website for stealing login credentials.
Spam pharmacies get ads on Yahoo, Bing - 8.18.2009
More than 80 percent of internet pharmacies advertising on Yahoo offer prescription-only medications without a proper prescription, according to researchers who earlier found similar laxity in policing online pharmacy ads on Bing.
Hackers use Twitter to control botnets - 8.14.2009
A web security researcher has discovered accounts on Twitter that act as command and control (C&C) centers for directing botnets - networks of malware-infected PCs that can be directed to send spam or launch denial of service attacks.
Google joins board of National Cyber Security Alliance - 8.13.2009
Eric Davis, head of anti-malvertising at Google, has joined the board of directors of the National Cyber Security Alliance (NCSA), a public-private nonprofit dedicated to raising awareness of online security threats.
Half of all malware attacks last just 24 hours - 8.13.2009
Hackers who write malicious programs - malware - are creating about 37,000 new Trojans, viruses and other internet threats every day. But 52 percent of new malware is gone in a day, according to a report from web security firm Panda Security.
|
