Hackers use Reddit to connect thousands of Macs to a botnet

Bad news for Mac users: You’re at risk for an insidious malware that will connect your computer to a botnet. Hackers have developed a backdoor entry called “Mac.BackDoor.iWorm” that gains access to Macs and uses Reddit to connect the hacked computer with a command server. Once the computer is infected, the iWorm uses Reddit’s search function to hunt down posts made by the hackers. These posts provide server addresses, and the software uses the Reddit posts as a guide to connect to the botnet.

Criminals have discovered a flaw in OS X, the Mac operating system, and are using it to control thousands of Apple computers around the world. The Russian security company Dr. Web first discovered the software, known as “Mac.BackDoor.iWorm.” We don’t yet know how the software spreads, but Dr. Web has released information on the clever way it connects to the criminals who control the program. When a Mac is infected with Mac.BackDoor.iWorm, the program tries to make a connection to a command server. The iWorm reportedly uses Reddit’s search function to find comments left by the criminals in a Minecraft discussion section of the site. After iWorm finds the Reddit comments, it attempts to connect to the server addresses listed in the Minecraft subreddit. Once connected, criminals can send commands to their “botnet” of infected computers. Botnets are often used to send spam emails, mine Bitcoin, or flood websites with traffic that eventually crashes them.