New Malware Hijacks Macs; Uses Reddit to Communicate

A new malware known as Mac.BackDoor.iWorm is targeting Mac OS X computers to steal users` personal data and hijack them into a criminal botnet, according to virus researchers.

The multi-purpose backdoor has apparently infected about 17,500 Macs worldwide so far. It`s still unknown how it infiltrates users` machines. The malware disguises itself as the application com.JavaW and sets itself to autostart. After installation, the malware assesses the system to discover what other software is installed on the infected machine and leaks information about it.

If the bot finds no directories that could interfere, it opens a port on an infected computer and looks for a server to connect to. It sends a request to a remote site to acquire a list of malicious control servers, connects to them and awaits further instructions.

The attackers apparently use the search function embedded in social-networking site Reddit to find comments left by their partners in crime in a Minecraft thread. Once connected to the control and command server, criminals can send instructions to send spam emails, mine Bitcoins or overload websites with traffic that eventually crashes them.

Bitdefender users are advised to use a multi-layered anti-malware solution for their Macs. Bitdefender Antivirus for Mac detects and eradicates this threat as Mac.OSX.iWorm.D, Mac.OSX.iWorm.B, Mac.OSX.iWorm.C and Mac.OSX.iWorm.