Chat Now Ask a question by chat

Home » Latest, Security » Dr Web, a Russian firm spotted a new Mac malware dubbed iWorm

Dr Web, a Russian firm spotted a new Mac malware dubbed iWorm

apple redditLately, a Russian security firm Dr Web spotted a new Mac malware “Mac.BackDoor.iWorm” that used Reddit to communicate with its command and control servers. The malware infected as many as 17,000 Mac PCs, primarily in the US, Canada and the UK.

Accroding to the company, “When Mac.BackDoor.iWorm is initially launched, it saves its configuration data in a separate file and tries to read the contents of the /Library directory to determine which of the installed applications the malware won’t be interacting with.”

Dr Web further added, “If ‘unwanted’ directories can’t be found, the bot uses system queries to determine the home directory of the Mac OS X account under which it is running, checks the availability of its configuration file in the directory, and writes the data needed for it to continue to operate into the file.”

The malware once entered on a victim’s machine, opens a port and waits for all the incoming signals. Then in order to communicate with the command and control servers, it then uses Reddit.

About Nidhi


is the Gizmo Gal for iYogi. A writer by choice and Gizmo Geek by nature, she brings the hottest and latest happening in the Gadgets’ world. So, when you need a peek inside the tech world, you know where the action is.

Leave a comment

*