Apple Updates Xprotect Malware Definitions to Stop 'iWorm' Mac Botnet

Apple this weekend updated its XProtect malware blacklisting system in OS X to address the recent iWorm attack that is believed to have affected more than 18,000 Macs. MacRumors and Business Insider noted that a modification to the XProtect.plist.plist file was released on October 4. It contained definitions to help users protect themselves against three variants the iWorm malware. They were OSX.iWorm.A and OSX.iWorm.B and OSX.iWorm.C.

The malware was discovered by security researchers at Russian anti-virus firm Dr Web, the iWorm malware targeted OS X machines, forming an organized botnet through a server list published on Reddit. It is not known how the malware was distributed but an anonymous tip provided to The Safe Mac suggests the malware was bundled with pirated Mac software downloads on The Pirate Bay.

In addition to Apple's anti-malware actions, Reddit also shut down a fake Minecraft subreddit and banned the account that was posting the iWorm botnet server list to the subreddit's forum. iWorm-controlled Macs are not able to connect to botnet servers used by hackers to send instructions. Minecraftservers