The Bitdefender offer runs out at midnight on Monday Wednesday night. Clearly a few different versions of the attack have already been seen, and users would be wise to keep their Mac anti-virus products updated as it wouldn’t be a surprise if there were more to come. You can check it out here.

Bitdefender tells me that Bitdefender Antivirus for Mac detects the malware as, ,, and.

Update: The guys at Bitdefender have been in touch, offering readers of Graham Cluley Security News, a special deal whereby you can get six months’ free protection with their Mac anti-virus product.

More information about this particular threat can be found on Dr Web’s website.

In addition, keep your computer patched with the latest security updates – both for the underlying OS X operating system, but also for commonly targeted software such as Adobe Reader, Flash and Java. An anti-virus product should be part of your arsenal, if you value your privacy and the data you store on your Apple computer.

This isn’t, of course, the first time that we have seen Mac computers infected by malware and hijacked into a criminal botnet, and it isn’t anything like as big so far as the notorious Flashback worm which hit more than 600,000 Mac computers in early 2012.

But it is another timely warning that Mac users shouldn’t be fooled into thinking they are somehow immune from computer security threats.

They’ve done nothing wrong as such, and even if they shut down the accounts that are communicating with the botnet there would be nothing to stop the hackers behind the campaign creating new accounts or using an alternative service (Twitter, perhaps?) to communicate with the compromised computers.

And it’s important to stress that Reddit isn’t spreading the infection – it’s simply providing a platform that is helping the botmasters communicate with the Mac computers they have managed to infect.

Dr Web’s research team claim that the country hit hardest by the botnet is the United States, followed by Canada and the United Kingdom.

This isn’t really Reddit’s fault of course.

The search returns a web page containing a list of botnet C&C servers and ports published by criminals in comments to the post minecraftserverlists under the account vtnhiaovyd.

It is worth mentioning that in order to acquire a control server address list, the bot uses the search service at, and - as a search query - specifies hexadecimal values of the first 8 bytes of the MD5 hash of the current date.

It sends a request to a remote site to acquire a list of control servers, and then connects to the remote servers and waits for instructions.

Then opens a port on an infected computer and awaits an incoming connection.

Avast plans to rebuild the forum using a new software platform, which will be faster and more secure.

Fascinatingly, compromised computers receive commands from servers under the control of botmasters, using information posted in messages on Reddit as a navigational aid:

Steckler wrote the forum was hosted on an isolated, third-party platform for many years.

When the forum is back online, users will be prompted to change their passwords. People who reuse the same password from Avast's forum on other sites are advised to change them immediately, he wrote.

But the longer and more complicated the password - such as one with a mix of capital letters, numbers and symbols - the harder it is to crack.
Steckler didn't specify the algorithm Avast uses to hash passwords, but warned that "it could be possible for a sophisticated thief to derive many of the passwords."

Converting those hashes into their original passwords is possible using decoding tools and powerful graphics processors. For example, the password "Rover" run through the SHA-1 algorithm is "ac54ed2d6c6c938bb66c63c5d0282e9332eed72c."

The leaked passwords were hashed, which means that hackers obtained cryptographic representations of passwords that have been run through an algorithm.

How the forum was breached remains unknown, Steckler wrote.