iWorm trojan quietly added to Apple’s Xprotect definition list

Posted by:
Date: Wednesday, October 8th, 2014, 10:46
Category: News, security, Software, Uncategorized

The bad news is that there’s another chunk of malware on the OS X platform to worry about.

The good news is that Apple included a backdoor fix over the weekend to take care of it.

Per The Mac Observer, Apple pushed an update to its Xprotect malware list for the Mac that includes the Mac.BackDoor.iWorm malware over the weekend. Xprotect watches for telltale signatures from known malware threats and attempts to stop them from invading your computer.

The iWorm threat installs through a Trojan horse masquerading as an installer for other apps. Mac owners that have fallen victim to iWorm picked up the malware through installers for pirated apps such as Adobe Photoshop.

iworm

Once installed, iWorm looks to Reddit for posts that include server addresses it can link to for instructions on what nasty activities it should undertake. Reddit has shut down the forum iWorm checked, but that doesn’t mean hackers won’t be able to find an alternate method for delivering server locations.


It looks like Apple’s updated definitions list can identify two iWorm variants.

Xprotect definitions are updated automatically, and your Mac checks daily to see if updates are available. Should Apple find more variants, those will show up in Xprotect’s list automatically as long as you have an active Internet connection.

Stay tuned for additional details as they become available.

Recent Posts

Comments are closed.