First Mac-powered botnet identified

The first botnet based on Macintosh computers is here, according to security researchers at Symantec and reported in Ars Technica. A botnet is a collection of software robots (so-called “bots”) which can act automatically and autonomously after being infected with (usually) malevolent software. Botnets consist of a number of such compromised computers known as “zombies,” and these can be directed by the originator of the bot software (the so-called “bot herder”) to perform various nefarious tasks, such as conducting organized DDoS (Distributed Denial of Service) attacks on servers, or sending spam emails. Botnets are commonly comprised of Windows computers, although this is the first known botnet comprised of Macs.Ars_technica_logo

Mac users who downloaded pirated copies of Adobe’s Creative Suite CS4 or iWork 2009 may have got more than they bargained for, as some of these copies contained trojan horse software OSX.Trojan.iServices.A and OSX.Trojan.iServices.B. When the user unpacks the pirated software, the trojan is installed and becomes active, turning the Mac into a “zombie.” Since the trojan software was first discovered in January 2009, most anti-virus software has by now been updated to remove the trojan and its remnants. Still, the botnet was recently implicated in DDoS attacks on several servers.

This incident provides yet another reason to avoid installing pirated software on your computer. The success of this Mac-based botnet almost guarantees that more pirated software will be released that is infected, so it’s best to stay away… stay far, far away.