17,000 Macs are infected and can be controlled

Discussion in 'macOS' started by Hieveryone, Oct 3, 2014.

  1. Hieveryone macrumors 68030

    Joined:
    Apr 11, 2014
    #1
  2. simonsi macrumors 601

    simonsi

    Joined:
    Jan 3, 2014
    Location:
    Auckland
    #2
    Malware. It still requires an admin password and concious installation by the owner, it cant install itself, nor spread from machine to machine.
     
  3. 556fmjoe macrumors 65816

    556fmjoe

    Joined:
    Apr 19, 2014
    #3
    Maybe. Unless there has been an update, nobody knows yet how this one works.
     
  4. simonsi macrumors 601

    simonsi

    Joined:
    Jan 3, 2014
    Location:
    Auckland
    #4
    Yes they do

    http://news.drweb.com/show/?i=5977&c=5&lng=en&p=0

    Looks like it hides itself as a JavaW app and needs installing just as any malware does.

    More interestingly if the command method has been intercepted (both the reddit search and the listed ip's can be blocked now), then the botnet is fatally compromised.
     
  5. 556fmjoe macrumors 65816

    556fmjoe

    Joined:
    Apr 19, 2014
    #5
    They didn't say how it is installed; only what it does once it is. I can't find any info on how it gets onto a system. A trojan would be the simplest way, but a browser vulnerability is a possibility as well.
     
  6. SavMBP15 macrumors 6502

    Joined:
    Mar 26, 2010

Share This Page