04-17-2009, 03:44 PM
Doc wrote:It sounds a little weasel wordy. They found a "link". "... what appears to be the first Mac OS X botnet...". Do they have conclusive evidence or not? How big of a botnet could you really build off of pirated copies of iWork anyway if you're not using a method designed to propegate from machine to machine?Malware hunters at Symantec have discovered a direct link between a malicious file embedded in pirated copies of Apple’s iWork 09 software and what appears to be the first Mac OS X botnet launching denial-of-service attacks.
Writing in the current issue of Virus Bulletin (subscription required), researchers Mario Ballano Barcena and Alfredo Pesoli found two malware variants — OSX.Iservice and OSX.Iservice.B — using different techniques to obtain the user’s password and take control of the infected Mac machine...
It seems like if you wanted to really build a good sized botnet you'd use something hotter and "sexier" than iWork. But I guess you never know. Still, I can't help but detect at least a slight whiff of FUD.