Apple Updates Malware Definitions to Protect Against Botnet Threat Coordinated Via Reddit
Last week, Russian anti-virus firm Doctor Web disclosed a newly discovered piece of OS X malware known as Mac.BackDoor.iWorm that at the time had affected roughly 17,000 machines around the world. While the exact mechanism of infection was unclear, an interesting twist to the story involves compromised machines running search queries on Reddit to obtain instructions about which command and control servers should be used to manage the botnet.
It is worth mentioning that in order to acquire a control server address list, the bot uses the search service at reddit.com, and -- as a search query -- specifies hexadecimal values of the first 8 bytes of the MD5 hash of the current date. The reddit.com search returns a web page containing a list of botnet C&C servers and ports published by criminals in comments to the post minecraftserverlists under the account vtnhiaovyd.
Once connected to a command and control server, the backdoor opened by the malware on the user's system can receive instructions to perform a variety of tasks, from stealing sensitive information to receiving or spreading additional malware.
In an effort to address the threat, Apple has now updated its "Xprotect" anti-malware system to recognize two different variants of the iWorm malware and prevent them from being installed on users' machines.
First introduced with OS X Snow Leopard, Xprotect is a rudimentary anti-malware system that recognizes and alerts users to the presence of various types of malware. Given the relative rarity of malware targeting OS X, the malware definitions are updated infrequently, although users' machines automatically check for updates on a daily basis. Apple also uses the Xprotect system on occasion to enforce minimum version requirements for plug-ins such as Flash Player and Java, forcing users to upgrade from older versions known to carry significant security risks.
Popular Stories
Apple is planning to debut a high-end secondary version of AirPods Pro 3 this year, sitting in the lineup alongside the current model, reports suggest.
Back in September 2025, supply chain analyst Ming-Chi Kuo reported that Apple is planning to introduce a successor to the AirPods Pro 3 in 2026. This would be somewhat unusual since Apple normally waits around three years to make major...
Over the last few months, rumors around the iPhone 18 Pro's front-panel design have been conflicted, with some supply-chain leaks pointing to under-display Face ID, reports suggesting a top-left hole-punch camera, and debate over whether the familiar Dynamic Island will shrink, shift, or disappear entirely.
Today, Weibo-based leaker Instant Digital shared new details that appear to clarify the ...
iOS 27 is still many months away, but there are already plenty of rumors about new features that will be included in the software update.
The first beta of iOS 27 will be released during WWDC 2026 in June, and the update should be released to all users with a compatible iPhone in September.
Bloomberg's Mark Gurman said that iOS 27 will be similar to Mac OS X Snow Leopard, in the sense...
MacBook Pro availability is tightening on Apple's online store, with select configurations facing up to a two-month delivery timeframe in the United States.
A few 14-inch and 16-inch MacBook Pro configurations with an M4 Pro chip are not facing any shipping delay, but estimated delivery dates for many configurations with an M4 Max chip range from February 6 to February 24 or even later. At...
Apple's App Store, iTunes Store, and Apple TV service are experiencing an outage at the current time, according to Apple's System Status page.
Apple says that some users may be experiencing issues with the App Store and iTunes Store. Apple also says some users may be seeing intermittent issues with Apple TV. The Apple TV Channels feature is down too, and users may be unable to access some...
