First Mac Botnet has arrived - New York Times
April 17, 2009, 6:25 PM
Mac Security III: The Rise of the Botnets
By RIVA RICHMOND
Malicious programs for Macs are rare and, even when they do show
up, rather primitive. Well, they just got a little less rare and a bit
A pair of researchers at security software maker Symantec have
found what may be the first successful Mac "botnet," ZDNET reports.
A botnet is a group of computersoften home machinesthat have
been quietly infiltrated, commandeered and networked by attackers
so they can be used to carry out any number of nefarious acts. This
one has apparently been launching denial-of service attacks against
an unnamed Web site, which means it has been hitting the site with
tons of Web traffic in an effort to knock it out of service.
According to the Symantec researchers, the botnet has some
sophisticated capabilities that suggest the work of an experienced
programmer who may have rented out his creation to someone else
who actually used it to launch denial-of-service attacks, a common
business model seen in botnets formed from Windows PCs.
Attackers created the botnet by seeding BitTorrent and other
file-sharing sites with pirated software that contained a Trojan
Horse. Some 20,000 Mac users had downloaded bad copies of
Apple's iWork 09 by the time Intego, a security software company
that sells products for Macs, publicized its findings in January.
Intego found a second version of the Trojan a few days later inside
copies of Adobe Photoshop CS4 for Mac.
This activity is still somewhat primitive, says security researcher
Dino A. Dai Zovi, an independent security researcher and author
of "The Mac Hackers Handbook." "Trojaned pirated software is still
an early phase in the rise of malware on a platform. But that means
that more hostile attacks can't be too far behind."