New malware iWorm has infected 17 thousand Mac computers worldwide
Information security researchers recently discovered that more than 17 thousand Mac computers worldwide have been infected with a new OS X malware called iWorm. The malware used the Reddit website as a medium for stealing user data, triggering various system operations, and executing Lua scripts.
The Russian information security research company Dr. Web recorded the malware as "Mac.BackDoor.iWorm" in its virus database. It is a complex backdoor that can execute multiple commands on an infected Mac computer to steal user data and remotely control the system.
After iWorm is installed on a Mac computer, the software creates an executable file, opens a port, and sends a request to multiple control servers for further instructions. Specifically, this malware can call Reddit's search service to obtain a list of botnet servers.
Reddit has blocked the requests sent by the malware, but iWorm developers may have created another server list through other search services. The researchers have not determined which search service the software uses.
After iWorm connects to the command-and-control server, it pulls commands in binary format and as Lua scripts. The server can then send other malware to the infected computer or carry out other malicious activities on it.
iWorm itself can collect and send sensitive user information, set parameters in the configuration file, trigger GET requests, put the Mac computer to sleep, disable some nodes, or run Lua scripts.
Because iWorm is extracted to a folder in OS X, you can easily check whether your Mac computer is infected with this malware. Click the Go -> Go to Folder option in the Finder menu of OS X, and then enter the path "/Library/Application Support/JavaW". If OS X cannot find this folder, the Mac is safe. If the folder exists, you need to install anti-virus software to clear iWorm from the hard disk.
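The same folder check can be run from Terminal, which also works over SSH or against a mounted backup volume. This is an added example, not part of the original article or Dr. Web's report; only the folder path comes from the article, and the function names and the volume-root argument are assumptions.

```shell
#!/bin/sh
# Added example: Terminal version of the Finder check for the iWorm folder.
# The folder path is the one given in the article; the function names and
# the optional volume-root argument are hypothetical.

IWORM_DIR="Library/Application Support/JavaW"

# iworm_folder_status [ROOT]
# Prints "present" or "absent" for the folder under ROOT (default: /).
# Returns 0 when absent and 1 when present, so it can gate a triage script.
iworm_folder_status() {
    _root="${1:-/}"
    _target="${_root%/}/$IWORM_DIR"
    # -e matches the name in any form; -L also catches a dangling symlink
    if [ -e "$_target" ] || [ -L "$_target" ]; then
        echo "present"
        return 1
    fi
    echo "absent"
    return 0
}

# iworm_scan ROOT...
# Checks several volume roots (for example the boot disk plus mounted
# backups) and prints one line per root. Returns the number of hits.
iworm_scan() {
    hits=0
    for root in "$@"; do
        if status=$(iworm_folder_status "$root"); then
            printf '%s\t%s\n' "$status" "$root"
        else
            hits=$((hits + 1))
            printf '%s\t%s\n' "$status" "$root"
            # List the contents so they can be recorded before cleanup
            ls -la "${root%/}/$IWORM_DIR" 2>/dev/null
        fi
    done
    return "$hits"
}

# Example call on the running system: iworm_scan /
```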
According to Dr. Web's iWorm statistical analysis, by September 26, the malware had infected 17658 Mac computers.