Macintosh botnet on the march

Thu Apr 23, 2009 2:11PM EDT

See Comments (225)

A common refrain when I post about Windows security vulnerabilities like Conficker is "Get a Mac!" thanks to their long history of being comparatively secure next to Windows PCs.

Those days may be about to change. Already this year a handful of exploits that target the Mac platform have begun to trickle out. Now comes news that one of those attacks which infect MacOS computers exclusively continues to spread and has been at least moderately successful in forming a botnet, a network of computers that come under the control of a remote attacker, usually with the goal of creating a coordinated attack on other machines (or, for example, sending spam en masse). 

The new network of infected machines is being called the iBotnet and is so far limited in its prevalence -- only a few thousand Macs are thought to be infected to date -- but as CNN notes, it's another ominous step toward the end of the Mac's free ride on the security train, as malicious hackers target the increasingly popular computing platform now that it's in use by a significant enough number of people to merit attention.

The botnet is being spread through pirated copies of the iWork application, the same mechanism I wrote about in January. But efforts to thwart the spread of the Trojan horse appear to have been stymied, as the botnet continues to rumble along. Apple says it is working to secure its machines from the attack (well of course it is...), but some are now starting to wonder whether the time is here for Mac users to consider installing security software, the kind of protection which is absolutely required on PCs these days.

Many of the Mac faithful say it's not yet mandatory, but I'm not so sure. Today's Mac malware may be relatively rare and largely innocuous, but that usually indicates that worse storms are on the horizon as hackers figure out how to take an idea and run with it. Better to protect yourself now before something truly awful makes headlines.

Should you install a Mac security application today? It might not be such a bad idea. And, some good news: at least one free anti-malware application is available for the Mac, too.

Comments on Macintosh botnet on the march

Post a Comment

Join in the discussion. Here you'll see the comments in the order they were posted.

  • 26 Posted by bryanatt on Thu Sep 3, 2009 3:14PM EDT Report Abuse

    Well considering you have to download a pirated copy of iWork and then authorize the install with your password, I'd say it's not a really big threat yet. The moment the viruses start installing themselves, like they can on a PC, is the moment I get antivirus for my mac.

  • 27 Posted by jewelryczar on Thu Sep 3, 2009 4:34PM EDT Report Abuse

    But so far the trojan only infects people who have illegally downloaded the infected copy of iWork, right? Those of us who don't break the law and actually pay for retail software are still safe? At the risk of sounding unpopular, I think if you download illegal software you deserve to get trojans and malware.

  • 28 Posted by teethofgold on Thu Sep 3, 2009 9:59PM EDT Report Abuse

    jewelryczar... I consider downloading illegal files as having unprotected sex with the internet. if you do it... don't be surprised to wake up with warts!

  • 29 Posted by guitarsrock777 on Thu Sep 3, 2009 4:14PM EDT Report Abuse

    ok well i have a mac.... i also use macs all the time at school.. i think they are great computers! this is one little prblem with a mac and everybody makes a HUGE deal out of it!!! if their is a new virus for a pc unless it is a huge one u dont hear about it. so get over yourself. MACS ROCK!!!

  • 30 Posted by stone-1@sbcglobal.net on Thu Sep 3, 2009 9:45PM EDT Report Abuse

    i have worked with pc,s for about 17 yrs.and never had a virus until i installed a virus protection program on two of my machines,who stands to profit most from a mac virus,who has the time and money to invest in the wrighting of a viruses for any machine,think about it.

  • 32 Posted by nekogami13@sbcglobal.net on Thu Sep 3, 2009 7:35PM EDT Report Abuse

    Any person with an ounce of common sense is immune from this. Never download any software from an untrusted source-regardless of your OS. If you download shady software, give it your admin password during install-you get what you deserve. Regardless of your OS.

  • 33 Posted by nekogami13@sbcglobal.net on Thu Sep 3, 2009 7:35PM EDT Report Abuse

    To all the people cackling about a mac virus-one does not exist. This exploit is a trojan horse-not a virus. To educate yourself as to the difference, go here: http://en.wikipedia.org/wiki/Malware

  • 34 Posted by hopuptincat on Thu Sep 3, 2009 4:20PM EDT Report Abuse

    The comment by sturnerlee is funny, "doesn't make it worth creating a bug for." As if writing a virus is worthy of something!

  • 35 Posted by mynameisdjakshun on Thu Sep 3, 2009 7:31PM EDT Report Abuse

    the bug was probably created by someone jealous of Mac's over at the microsoft labs

  • 36 Posted by inque@sbcglobal.net on Thu Sep 3, 2009 4:24PM EDT Report Abuse

    Well to all the PC fools out there who think that they are some how vindicated; it's a Trojan Horse! It's not like the Mac user went to some website and boom they were infected. Someone infected a piece of software and tricked people into downloading it and using it. There is not now, nor will there ever be a defense against a trojan horse. A trojan horse will ALWAYS ALWAYS bypass every security measure you put against it because it is voluntarily downloaded and launched as trusted. The ONLY thing you can do is clean up AFTER the malware is discovered. THIS IS NOT A VIRUS! YOU ARE NOT VINDICATED! EDUCATE YOURSELF BEFORE YOU OPEN YOUR MOUTH. Well, I guess if you were the type of person to educate yourself you wouldn't be using a PC now would you?

  • 37 Posted by ashfun1 on Thu Sep 3, 2009 2:58PM EDT Report Abuse

    Isn't it easier not to download a pirated copy of iWork. The botnet is being spread through pirated copies of the iWork application

  • 38 Posted by vernasm on Thu Sep 3, 2009 10:33PM EDT Report Abuse

    This is in response to mblaha2003. You are wrong. Aids can be contactd through contaminated blood during a trans fusion. My niece's husband contacted Aids through a blood transfusion some time before his death to Aids.

  • 39 Posted by ptbrown1086 on Thu Sep 3, 2009 8:21PM EDT Report Abuse

    It only works on Intel based Macs. Is there one out there for PPC Macs?

  • 40 Posted by ja_rice on Thu Sep 3, 2009 4:30PM EDT Report Abuse

    iAntiVirus only works for new macs. I have an older iMac. Any suggestions?

  • 42 Posted by qumbyrhcp on Thu Sep 3, 2009 8:24PM EDT Report Abuse

    I use Macs and PC for both work and personal use (just so people don't think I'm a Mac fanboy). I find it interesting that people are still considering this a threat at all. Its really a pretty week "virus" to begin with, and the only way you can get it on your computer is downloading illegal software. In my opinion the lesson here shouldn't be get anti-virus on your Mac, but rather don't download pirated software.

  • 43 Posted by freshtalent26 on Thu Sep 3, 2009 4:03PM EDT Report Abuse

    This blog is only carrying on because of the stupidity of PC users who are just jealous they can't afford a Mac. Idiots listen up- more than 90% of Mac users are just former PC users who wanted more so they EVOLVED and got themselves a MAC. PC's are like things made by the government- useless, unstable and just don't work properly. - and will charge you more money to help "protect you" from viruses they can't prevent in the first place. Please show me a Mac user who has ever switched over to a PC. That would be like an American trying to sneak into Mexico for the benefits. Just doesn't happen unless someones retarded. Thank you

  • 44 Posted by g_kevin1 on Thu Sep 3, 2009 4:15PM EDT Report Abuse

    hmmm. mac to work and for jobs and i think pc to just chill. but either way they are both great computer programs in which both can be made better.

  • 45 Posted by g_kevin1 on Thu Sep 3, 2009 4:15PM EDT Report Abuse

    hmmm. mac to work and for jobs and i think pc to just chill. but either way they are both great computer programs in which both can be made better.

Post a Comment

Sign In to Post a Comment

My Tech

Please enable your browser's cookies to activate the My Tech column.

Also on Yahoo! Tech

Computers Home Office Wi-Fi & Networking Phones & PDAs Cameras & Camcorders TV & Home Theater Portable Audio
 

Site Map | Tour | Subscribe to Yahoo! Tech

Question and Answer content at Yahoo! Tech is written by Yahoo! users at Yahoo! Answers. Yahoo! does not evaluate or guarantee the accuracy of any Yahoo! Answers content. For more information, read the Full Disclaimer.

Opinions expressed by the Advisors are their own and do not necessarily reflect the views of Yahoo! Inc. Yahoo! receives no compensation from any manufacturer or distributor nor does it compensate any Advisor for the coverage of any product or service in any Advisor's content.