Tag Archives: Trojan horse

Spam is now 90 percent of all email

According to this article in c|net, Symantec’s MessageLab released a report last Monday that claims just over ninety percent of global email traffic is now spam, after a five percent increase from April to May 2009. The report also indicates that older, established sites are now being used to host various types of malware more often than newly-minted sites. Spammers are attacking these older and more trustworthy domains, compromising them so that they become hosts and distribution points for malware and spam content.

Contrary to some popular notions, this report claims that spam originates evenly from three geographic areas: the Americas are responsible for about 35% of spam, versus 32% from Europe and 28% from Asia. About 58% of all spam comes from known botnets evenly distributed around the globe, although the botnet known as Donbot is alone responsible for 18%. Continue reading Spam is now 90 percent of all email

Free iServices Mac Trojan removal tool available

MacScan_logoA free tool that removes the iServices Trojan is now available, courtesy of anti-spyware developer MacScan. This tool removes both the OSX.Trojan.iServices.A and OSX.Trojan.iServices.B Trojan horse, and can be downloaded from this page.

As reported last week, the first remotely-controlled “botnet” created from Macintosh computers has been identified in the field. These Macs are infected with one of the above-named Trojan horse programs, which were identified back in January as being spread via illegal copies of Adobe CS-4 and iWork 2009 software.

No_trojanMacScan’s removal tool is a stand-alone program that searches for these trojans and removes them if they exist. If neither Trojan exists, the program displays the dialog box to the left and you’re free to quit the program.

Mac users have been particularly fortunate, in that little in the way of malware has yet been aimed their computers. Clearly that has now changed, and given the potential of this malware to at minimum slow your Mac’s performance, and at worst to turn it into a “zombie,” there’s simply no reason not to download and run the removal tool.

First Mac-powered botnet identified

The first botnet based on Macintosh computers is here, according to security researchers at Symantec and reported in Ars Technica. A botnet is a collection of software robots (so-called “bots”) which can act automatically and autonomously after being infected with (usually) malevolent software. Botnets consist of a number of such compromised computers known as “zombies,” and these can be directed by the originator of the bot software (the so-called “bot herder”) to perform various nefarious tasks, such as conducting organized DDoS (Distributed Denial of Service) attacks on servers, or sending spam emails. Botnets are commonly comprised of Windows computers, although this is the first known botnet comprised of Macs.Ars_technica_logo

Mac users who downloaded pirated copies of Adobe’s Creative Suite CS4 or iWork 2009 may have got more than they bargained for, as some of these copies contained trojan horse software OSX.Trojan.iServices.A and OSX.Trojan.iServices.B. When the user unpacks the pirated software, the trojan is installed and becomes active, turning the Mac into a “zombie.” Since the trojan software was first discovered in January 2009, most anti-virus software has by now been updated to remove the trojan and its remnants. Still, the botnet was recently implicated in DDoS attacks on several servers.

This incident provides yet another reason to avoid installing pirated software on your computer. The success of this Mac-based botnet almost guarantees that more pirated software will be released that is infected, so it’s best to stay away… stay far, far away.