Apple Updates XProtect Malware Definitions To Stop 'iWorm' Mac Botnet


Apple updated its XProtect blacklisting system for OS X this weekend to take care of the recent iWorm attacks that allegedly infected more than 18,000 Macs. As noted by MacRumors and Business Insider, a change to the XProtect.plist file, released on October 4, contained definitions to protect users from three variants of the iWorm malware: OSX.iWorm.A, OSX.iWorm.B, and OSX.iWorm.C.



The iWorm malware, discovered by security researchers at Russian anti-virus company Dr Web, targeted OS X machines, forming an organized botnet using a server list posted on Reddit. Although it is not clear how the malware spread, a report from The Safe Mac suggests that it was distributed with pirated Mac software downloaded from The Pirate Bay.



In addition to Apple's anti-malware actions, Reddit also shut down a fake Minecraft subreddit and banned the account responsible for posting the iWorm botnet server list on the subreddit's forums. iWorm-controlled Macs are not able to connect to the botnet servers that hackers use to send instructions.
Xajwm's blog