Mac Hack Shows Apple Apps Vulnerable to Botnets

Home

Graphics Tools

Mac Hack Shows Apple Apps Vulnerable to Botnets
By Larry Seltzer
2009-04-20

Article Rating:

/ 6

Rate This Article:

Add This Article To:

Digg this

Del.icio.us

Slashdot

Y! My Web

E-mail

Furl

Google

Simpy

Spurl!

PDF Version

The malware seeded by pirated software months ago and creating what was dubbed iBotnet by Symantec security researchers proves the concept of botnets on Apple systems, but doesn't achieve major botnet status.

An article in the April issue of Virus Bulletin by two Symantec researchers says malware for the Apple Macintosh from January was used to create a botnet, and that the botnet attempted a denial-of-service attack.

The malware attacks at the time were noteworthy: They hid inside what apparently pirated copies of Apple's iWork software and Adobe Photoshop CS4. The programs were spread through BitTorrent and other peer-to-peer networks.

Symantec identified the malicious code as OSX.Iservice. According to Mario Ballano Barcena and Alfredo Pesoli of Symantec Ireland, OSX.Iservice created a backdoor on the systems that allowed control to be issued from a small number of specific hosts. A remote attacker could use a vocabulary of 31 commands: socks, system, httpget, httpgeted, rand, sleep, banadd, banclear, p2plock, p2punlock, nodes, leafs, unknowns, p2pport, p2pmode, p2ppeer, p2ppeerport, p2peertype, set, get, clear, abortall, p2pihistsize, p2pihist, platform, script, sendlogs, uptime, uid, shell, and rshell.

Barcena and Pesoli identify this as the first attempt to create a botnet of Macs, and say that in January the botnet attempted to perform a DoS attack on a Website. They find the Photoshop version of the bot especially interesting in that it abuses some of the Mac OS' own authorization interfaces.

Read the rest of this article on eWEEK.com.

	Discuss Mac Hack Shows Apple Apps Vulnerable to Botnets

	>>> Be the FIRST to comment on this article!



	>>> More Graphics Tools Articles >>> More By Larry Seltzer

Email Article To Friend ♦ Print Version Of Article ♦ PDF Version Of Article

Buyer's Guide

	Explore hundreds of products in our Publish.com Buyer's Guide.

	Web design Content management Graphics Software Streaming Media	Video Digital photography Stock photography Web development

View all >

FREE ZIFF DAVIS ENTERPRISE ESEMINARS AT ESEMINARSLIVE.COM

Dec 10, 4 p.m. ET
Eliminate the Drawbacks of Traditional Backup/Replication for Linux with Michael Krieger. Sponsored by InMage

Dec 11, 1 p.m. ET
Data Modeling and Metadata Management with PowerDesigner with Joel Shore. Sponsored by Sybase

Dec 12, 12 p.m. ET
Closing the IT Business Gap: Monitoring the End-User Experience with Michael Krieger. Sponsored by Compuware

Dec 12, 2 p.m. ET
Enabling IT Consolidation with Michael Krieger. Sponsored by Riverbed & VMWare

Join us on Dec. 19 for Discovering Value in Stored Data & Reducing Business Risk. Join this interactive day-long event to learn how your enterprise can cost-effectively manage stored data while keeping it secure, compliant and accessible. Disorganized storage can prevent your enterprise from extracting the maximum value from information assets. Learn how to organize enterprise data so vital information assets can help your business thrive. Explore policies, strategies and tactics from creation through deletion. Attend live or on-demand with complimentary registration!

Register Today!

FEATURED CONTENT

IT LINK DISCUSSION - MIGRATION
A Windows Vista® migration introduces new and unique challenges to any IT organization. It's important to understand early on whether your systems, hardware, applications and end users are ready for the transition.
Join the discussion today!

.NAME Charging For Whois
Whois has always been a free service, but the .NAME registry is trying to change that.
Read More >>

Sponsored by Ziff Davis Enterprise Group

NEW FROM ZIFF DAVIS ENTERPRISE

Delivering the latest technology news & reviews straight to your handheld device

Now you can get the latest technology news & reviews from the trusted editors of eWEEK.com on your handheld device
mobile.eWEEK.com

RSS 2.0 Feed

Publish.com

Google Watch

Google GPay Patent Whets the Wireless Thirst

Google Drops Curtain on Home Decor Trademark Suit

Google News Goes Straight to the Source

Video Interviews

Designing Apps for Usability
DevSource interviews usability pundit Dr. Jakob Nielsen on everything from the proper attitude for programmers to the importance of prototyping in design to the reasons why PDF, Flash and local search engines can hurt more than they help.

BUYER'S GUIDES

• Content management

• Digital photography

• Graphics Software

• Stock photography

• Streaming Media

• Video

• Web development

• Web design

View all >

	Publish: Contact Us \| Advertise \| Site Map

	Ziff Davis Enterprise Home \| Contact Us \| Advertise \| Link to Us \| Reprints \| Magazine Subscriptions \| Newsletters Tech RSS Feeds \| White Papers \| ROI Calculators \| Tech Podcasts \| Tech Video \| VARs \| System Builder
	Baseline \| Careers \| Channel Insider \| CIO Insight \| DesktopLinux \| DeviceForge \| DevSource \| eSeminars \| eWEEK \| Enterprise Network Security \| LinuxDevices \| Linux Watch \| Microsoft Watch \| Mid-market \| Networking \| PDF Zone \| Publish \| Security IT Hub \| Strategic Partner \| TechDirect \| Web Buyer's Guide \| Windows for Devices
	Developer Shed \| Dev Shed \| ASP Free \| Dev Articles \| Dev Hardware \| SEO Chat \| Tutorialized \| Scripts \| Code Walkers \| Web Hosters \| Dev Mechanic \| Dev Archives \| igrep Use of this site is governed by our Terms of Use and Privacy Policy
	Copyright ©1996-2013 Ziff Davis Enterprise Holdings Inc. All Rights Reserved. Publish is a trademark of Ziff Davis Enterprise, Inc. Reproduction in whole or in part in any form or medium without express written permission of Ziff Davis Enterprise Inc. is prohibited.