Apple Updates Xprotect Malware Definitions to Shut down "iWorm" Mac Botnet

Apple this weekend updated its XProtect blacklisting system for malware in OS X to address the recent iWorm attack, which is believed to have has infected more than 18,000 Macs. MacRumors and Business Insider noted that a modification to the XProtect.plist.plist file was released on October 4. It included definitions to safeguard users against three variants of the iWorm malware. They were OSX.iWorm.A and OSX.iWorm.B and OSX.iWorm.C.

The malware was discovered by security researchers at Russian anti-virus company Dr Web, the iWorm malware targeted OS X machines, forming an unorganized botnet using a server list posted on Reddit. Although it's not entirely specific how the malware spread, a tip from The Safe Mac suggests that the malware was distributed with pirated Mac software downloaded from The Pirate Bay.

In addition to Apple's anti-malware actions, Reddit also shut down the fake Minecraft subreddit and banned the account responsible for posting the iWorm botnet server list on the subreddit's forums. Without these posts, the iWorm-controlled Macs are unable to connect to the botnet servers that are used by hackers to send instructions to the affected machines.

reveals how rich reality truly is