The world's first Mac OS X botnet has reportedly been discovered. Symantec researchers Mario Ballano Barcena and Alfredo Pesoli said the malware was actually discovered back in January, and came courtesy of two trojans previously reported here on Softpedia.
According to Symantec's researchers, the Mac OS X botnet causes infected machines to mount denial-of-service attacks. The botnet employs a peer-to-peer engine, encryption and a structure that allows it to dynamically adapt, according to DailyMail.co.uk. The researchers described the malware as follows, according to ZDNet's Zero Day blog:
"The code indicates that, wherever possible, the author tried to use the most flexible and extendible approach when creating it – and therefore we would not be surprised to see a new, modified variant in the near future," the duo declared.
The Symantec researchers added (according to the CBC) that, "With malware authors showing an increasing interest in the Mac platform, we believe that more advanced [user interface] spoofing tricks may be seen in the future."
The variants have been found inside bogus copies of iWork ’09 and Adobe Photoshop CS4 which were shared on the popular p2p torrent network. The author of the malware downloaded the original/trial versions of each program and introduced a copy of the malicious binary into the packages. Users who then downloaded and installed the applications from the torrent download would have been infected. It is estimated that thousands of people have downloaded the infected torrent files.
They describe this as the “first real attempt to create a Mac botnet” and note that the zombie Macs are already being used for nefarious purposes.
The researchers pointed to this blog entry (http://notahat.com/posts/28/) that describes a PHP script, running as root, launching attacks against an unknown Web site.
Thought this would be of interest... There is more information there, but this was about all I was interested in... am not into the torrent site or too technical...