Cyber Criminals Building Botnet Using only Mac PCs

According to researchers at Symantec, an online security company, a malware piece, Trojan OSX.Iservice that inadvertently spread across a P2P (peer-to-peer) network is perhaps the first malicious code used by criminals to build a botnet of Mac PCs.

Symantec reports that once Trojan OSX.Iservice was downloaded, it concealed itself inside counterfeit version of iWork'09, an Apple application as well as inside the Mac edition of Adobe Photoshop CS4. Both these applications are commonly shared on well-known P2P bittorrent network.

Although the software programs function smoothly, the Trojan attack creates a "backdoor" component on the hijacked PC that enables it to establish contact with other computers within the P2P network to follow commands.

Two researchers Alfredo Pesoli and Mario Barcena from Symantec Ireland have said that the infected computer network tried to cause a denial-of-service condition to an Internet site during January 2009.

According to them, the OSX.Iservice malware aroused considerable interest. It not only made use of Mac OS software, but also responsible for the first botnet with Mac computers, the researchers explained, as reported by mac.blorge on April 17, 2009.

Symantec also reports that the 'OSX.Iservice' botnet that the company has dubbed 'iBotnet' infected only some thousands of PCs prior to its identification.

Pesoli and Barcena state that as the Mac platform is becoming increasingly interesting for malware authors, security researchers are tending to believe that there would be more sophisticated spoofing tricks based on user interface in the coming days.

In the meantime, with the news of iBotnet spreading, experts at Symantec advise Mac users to remain cautious against websites harboring malware for infecting computers.

They warn that once such a malware piece finds a place on the end-user's PC, it could perform all that the hacker commands it to do. They also warn that if Mac users think they are safe from threats, they are mistaken and are playing gamble with their data's security.

Besides, it was only during the end week of March 2009 when Mac users were reportedly infected with a malicious program. This program, Trojan OSX/RSPlug, was being spread through a legitimate appearing website that supplied HDTV software.

Related article: Cyber Child abuser Sentenced To Imprisonment

» SPAMfighter News - 4/23/2009