Skynet’s birth: a Mac botnet is born

Well, it seems not all of the computers washed in unicorn tears are squeaky clean now.  Symantec has discovered a link between a malicious file that was inserted into pirated copies of iWork 09 and Adobe CS4 for the Macintosh.  The malware found in the packages introduce a PHP script that runs as root.  The script can attack web sites and cause denial of services.  Effectively, a Mac botnet has been created. It features a peer-to-peer engine and encryption.

It is estimated that several thousand Mac enthusiasts (we dare not call them thieves, after all, no self respecting Mac user would stoop so low as to steal software) downloaded the infected packages. 

Now, just so I get this right, lets recap:  the operating system that is supposed to ‘safe’ has been exploited, but not by some stupid programming error or buffer overflow but from stupid users.  Oh, wait, lets call them naive because they aren’t stupid.  After all, they did choose the better machine, right?  Anyway, these same users, feeling nice and warm and fuzzy about what they were doing and what they were using stole….err, borrowed…some software over a p2p network to, presumably, ‘test’ said software before paying a bundle…err, a premium…for ‘quality’ work (read that pretty.)  Said software contained something nasty.  I guess the unicorn tears just were not powerful enough this time.  Now those machines are part of a larger p2p network that will be used in some, undoubtedly, nefarious ways.  Welcome to the real world.

I can already hear the howls from the ‘washed masses’ of Mac users:  “well, those people allowed the malware to infect the machines.  We’re still safe.  After all, we all know better.” Right. 

While I have to admit that reading about this did bring a short smile to my face, I quickly realized that this is no laughing matter.  Windows or Mac, it really does not matter as nothing will ever be totally safe as long as people insist on bending or breaking rules or, worse, just not giving a damn.

Digg This


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s