Free Republic
Browse · Search
General/Chat
Topics · Post Article

Skip to comments.

Hackers Have Found A Flaw In Macs And Are Using It To Control 17,000 Apple Computers ... Via Reddit
Business Insider ^ | 10/03/2014 | James Cook

Posted on 10/03/2014 8:06:46 AM PDT by SeekAndFind

Criminals have discovered a flaw in OS X, the Mac operating system, and are using it to control thousands of Apple computers around the world.

The Russian security company Dr. Web first discovered the software, known as "Mac.BackDoor.iWorm." We don't yet know how the software spreads, but Dr. Web has released information on the clever way it connects to the criminals who control the program.

When a Mac is infected with Mac.BackDoor.iWorm, the program tries to make a connection to a command server. The iWorm reportedly uses Reddit's search function to find comments left by the criminals in a Minecraft discussion section of the site. (Minecraft is the block-building video game published by independent publisher Mojang, which Microsoft purchased for $2.5 billion in September.)

Here's a screenshot showing the Reddit posts the criminals used to control their hacked computers:

(Excerpt) Read more at businessinsider.com ...


TOPICS: Business/Economy; Computers/Internet; Society
KEYWORDS: apple; computers; hacking; mac; macexploit
Navigation: use the links below to view more comments.
first previous 1-2021-4041-58 next last
To: minnesota_bound
Reddit is the site the stolen nude celeb photos were released on.

That explains how they got the 17,000 mac users.

21 posted on 10/03/2014 9:38:31 AM PDT by showme_the_Glory ((ILLEGAL: prohibited by law. ALIEN: Owing political allegiance to another country or government))
[ Post Reply | Private Reply | To 9 | View Replies]

To: SeekAndFind; Swordmaker

I still don’t believe it. Swordmaker guaranteed us this is impossible on OSX.

We will just have to wait to see how we can blame the users for this issue.


22 posted on 10/03/2014 9:50:22 AM PDT by for-q-clinton (If at first you don't succeed keep on sucking until you do succeed)
[ Post Reply | Private Reply | To 1 | View Replies]

To: BwanaNdege

I would say MVS/TSO or VAX VMS, actually, if you’re going to go back that far... ;) Ah, the good old days!


23 posted on 10/03/2014 10:24:40 AM PDT by dinodino
[ Post Reply | Private Reply | To 12 | View Replies]

To: SeekAndFind; ~Kim4VRWC's~; 1234; Abundy; Action-America; acoulterfan; AFreeBird; Airwinger; ...
I am VERY skeptical of this report. . . Dr..Web has reported finding a 17,000 member Mac botnet ( how do they EVEN know the number of infected Macs????) created by a new, never before seen "OSX iWorm" that they do not report how it works or how it can infect an OSX Mac. No other security company has seen this botnet or malware!

This is the same Dr. Web that a couple of years ago reported a 680,000 Macbot determined by the number of the UUIDs they claimed had connected into a "Honeypot intercept server." But no one has ever found a Mac member of that Dr. Web reported Botnet in the wild. The botnet ran on Java, which is platform agnostic, but Dr. Web only claim OSX was infected, and the modality required visiting an obscure Russian role play game character creation website to get infected, yet 95% of the claimed infections were in the US. Say what? The UUIDs they had listed in the Mac Botnet included UUIDs assigned to Apple for Macs that never had Java installed, had not yet been sold, or not yet even manufactured! The release of that Macbot claim coincided with the Release of Dr. Web's announcement of their entering the Mac antivirus market for business.

We are now entering the three week FUD SEASON before the October 21st Apple event where it is expected that Apple will announce new Macs. . . and Dr. Web is still pushing its business AV software. I remain VERY suspicious. — PING!


Apple Security Ping!

If you want on or off the Mac Ping List, Freepmail me.

24 posted on 10/03/2014 10:32:13 AM PDT by Swordmaker (This tag line is a Microsoft insult free zone... but if the insults to Mac users continue...)
[ Post Reply | Private Reply | To 1 | View Replies]

To: rlmorel
Only idiots say Macs are invulnerable to viruses.

And even bigger idiots regard those comments seriously and take issue with it.

The first version of OSX was released in 1998 in a server version in 1998. So in 16 years there have been no successful computer viruses on OSX FOR macs. There are approximately 50 known Trojan Horse programs — which are not computer viruses, but are malware—in seven OSX Trojan families for OSX, of which OSX will automatically block installation, download, or running. There have been seven known OSX computer virus candidates, all failures.

This "iworm" from Dr. Web, given their suspect history (see their claimed amazing shrinking Macbotnet of 2012 which no one could find a member in the wild), is I believe, merely more FUD. There are too many red flags in their report including their silence on how to avoid infection. . . which would be criminal if it were legitimate.

Since Apple is having an event on October 21st, most likely for the purpose of releasing new Macs, we've entered FUD Season. . . and Dr. Web Is pushing their Mac AV for business product. . . as they were when they launched it and the Macbotnet claim simultaneously two years ago.

25 posted on 10/03/2014 10:52:36 AM PDT by Swordmaker (This tag line is a Microsoft insult free zone... but if the insults to Mac users continue...)
[ Post Reply | Private Reply | To 18 | View Replies]

To: for-q-clinton
I still don’t believe it. Swordmaker guaranteed us this is impossible on OSX.

Please stop misrepresenting what I have stated on this forum. That said, Dr. Web has a dismal FUD record.

26 posted on 10/03/2014 10:55:00 AM PDT by Swordmaker (This tag line is a Microsoft insult free zone... but if the insults to Mac users continue...)
[ Post Reply | Private Reply | To 22 | View Replies]

To: All
With approximately 91,000,000 Macs in the wild, if this OSX Botnet actually exists, then the 17,658 infected Macs (my isn't that an impressively accurate number?) represent 0.019404% of all Macs may have been infected. How, exactly, did these guys even find one? Much less come up with all 17,658??? And the list them by country of location. I call FUD!


Dr. Web's claimed Reddit message to the Mac Botnet members.


Dr. Web's claimed locations of the Mac Botnet members by the numbers.

Why the absence of Japan, Hong Kong, China, Indonesia, Germany, the Arabian countries, Israel, and several others that have large Mac numbers? Strange.

27 posted on 10/03/2014 11:22:32 AM PDT by Swordmaker (This tag line is a Microsoft insult free zone... but if the insults to Mac users continue...)
[ Post Reply | Private Reply | To 24 | View Replies]

To: Swordmaker

Could it be that the hackers could very well be from the countries you have mentioned.


28 posted on 10/03/2014 11:35:08 AM PDT by Biggirl (“Go, do not be afraid, and serve”-Pope Francis)
[ Post Reply | Private Reply | To 27 | View Replies]

To: Scoutmaster
From the media reports, I believe the photos were released on 4chan.

Yeah, but the photos were stored on Reddit and the posts to 4chan by users linked to Reddit.

29 posted on 10/03/2014 11:39:47 AM PDT by roadcat
[ Post Reply | Private Reply | To 15 | View Replies]

To: SeekAndFind

They should use these hacked computers to nuke Apple HQ in Cupertino. To nuke it from orbit. Nuke the Chinese FoxConn factory too...just to be sure...and to prevent further suicides on the iPhone assembly line


30 posted on 10/03/2014 11:42:31 AM PDT by dennisw (The first principle is to find out who you are then you can achieve anything -- Buddhist monk)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Swordmaker

“...We are now entering the three week FUD SEASON before the October 21st Apple event where it is expected that Apple will announce new Macs....
************************************************************************************

“FUD SEASON”! Now that’s funny (but quite on point” and gave me a little laugh.


31 posted on 10/03/2014 12:14:08 PM PDT by House Atreides (ANOTHER CONSERVATIVE REPUBLICAN FOR CHILDERS 2014 .... Don't reward bad GOPe behavior.)
[ Post Reply | Private Reply | To 24 | View Replies]

To: Swordmaker

So you’re saying it can happen?


32 posted on 10/03/2014 12:34:15 PM PDT by for-q-clinton (If at first you don't succeed keep on sucking until you do succeed)
[ Post Reply | Private Reply | To 26 | View Replies]

To: Swordmaker
Dr. Web Is pushing their Mac AV for business product.

Getting antivirus software for a Mac is like giving a condom to a member of the high school A/V club. Sure, there's an outside theoretical chance it might actually be useful for its stated purpose, but only in cases where at least one person has made a serious lapse in judgement.

33 posted on 10/03/2014 12:39:52 PM PDT by kevkrom (I'm not an unreasonable man... well, actually, I am. But hear me out anyway.)
[ Post Reply | Private Reply | To 25 | View Replies]

To: dennisw; SeekAndFind
They should use these hacked computers to nuke Apple HQ in Cupertino. To nuke it from orbit. Nuke the Chinese FoxConn factory too...just to be sure...and to prevent further suicides on the iPhone assembly line

It is a well established fact, Dennis, that the suicides at FoxConn occurred at their facility assembling products for HP, Sony, and Microsoft XBox. . . not Apple products.

The one suicide associated with an Apple product was a mid level engineer who had been questioned in 2009 in reference to selling an iPhone prototype to a competitor. After the questioning, he returned to his apartment (not at a FoxConn facility) and jumped from his balcony.

The fact also remains that the suicide rate at FoxConn's facilities, where 750,000 people worked and a total of 28 people committed or attempted suicide over an eighteen month period, were one-quarter of China's national suicide rate for the same age cohort. 25% of the normal rate. It is also one half of the suicide rate at Harvard University where the age groups are similar. So what are you complaining about?

34 posted on 10/03/2014 12:52:20 PM PDT by Swordmaker (This tag line is a Microsoft insult free zone... but if the insults to Mac users continue...)
[ Post Reply | Private Reply | To 30 | View Replies]

To: dennisw; SeekAndFind
It is a well established fact, Dennis, that the suicides at FoxConn occurred at their facility assembling products for HP, Sony, and Microsoft XBox. . . not Apple products.

Forgot NOKIA phones. . .

35 posted on 10/03/2014 12:57:05 PM PDT by Swordmaker (This tag line is a Microsoft insult free zone... but if the insults to Mac users continue...)
[ Post Reply | Private Reply | To 34 | View Replies]

To: SeekAndFind

BUT, BUT, BUT Macs are perfect


36 posted on 10/03/2014 1:30:55 PM PDT by bravo whiskey (we shouldn't fear the government. the government should fear us.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: roadcat
No. The photos were not stored on Reddit. Reddit doesn't store photos. Reddit links to photos that are hosted and stored on other domains such as imgur.

The links to the photos in question were originally posted to 4chan. Users downloaded files from the links posted at 4chan and uploaded selected files to sites such as imgur, and those non-Reddit-hosted-photo-links were then shared on Reddit.

I visit certain subreddits regularly, such as /historyporn and /artefactporn. The first has fascinating photographs from throughout history and the second fascinating photos of ancient artefacts. If you click on the Reddit link, you leave the Reddit domain and are redirected to the host of the photo, which is imgur more often than not (wikimedia, tumble, and flikr are less common sources). The Reddit post may include details about the photo, but does not store the photo. I generally reverse-search the photo to learn more about the content.

Here's an example of what you may find on the subreddit /artefactporn, a link to this photo of the armour of a cuirasse du carabinier holed by a cannonball at the battle of Waterloo:

The link to the photo is on Reddit, on the subreddit /aretefactporn. However, the photo is not hosted on Reddit; it's hosted at http://i.imgur.com/ot73yZV.jpg.

Here's the Reddit link to the imgur photograph, on the subreddit /artefactporn.

37 posted on 10/03/2014 1:43:34 PM PDT by Scoutmaster (Opinions don't affect facts. But facts should affect opinions, and do, if you're rational)
[ Post Reply | Private Reply | To 29 | View Replies]

To: minnesota_bound
I'm not judging your choices.

In addition to my personal moral issues, I didn't view the photos because I had an issue with the NSA snooping in private emails. I didn't understand how a country that was upset with the NSA could wet itself over the spoils of a private individual's snooping because it involved boobies.

No, I take that back. I understood, but I shook my head and rolled my eyes.

38 posted on 10/03/2014 1:54:55 PM PDT by Scoutmaster (Opinions don't affect facts. But facts should affect opinions, and do, if you're rational)
[ Post Reply | Private Reply | To 20 | View Replies]

To: roadcat

I need to amend that. Reddit stores thumbnails of most of the photos to which it links, but the photos are hosted on domains other than Reddit.


39 posted on 10/03/2014 1:57:07 PM PDT by Scoutmaster (Opinions don't affect facts. But facts should affect opinions, and do, if you're rational)
[ Post Reply | Private Reply | To 37 | View Replies]

To: Swordmaker
Please stop misrepresenting what I have stated on this forum.

But then all the fat chicks wouldn't be able to feel they're better than the hottie!

40 posted on 10/03/2014 2:00:26 PM PDT by papertyger (Those who don't fight evil hate those who do)
[ Post Reply | Private Reply | To 26 | View Replies]


Navigation: use the links below to view more comments.
first previous 1-2021-4041-58 next last

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.

Free Republic
Browse · Search
General/Chat
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson