Apple has added the dangerous iWorm bug to its malware detector after 17,000 Mac users were found to have been infected with the virus.
Business Insider reported on Friday that a Russian security firm discovered a piece of malicious software known as “Mac.BackDoor.iWorm.” that was being found on Mac computers around the world. The bug gave hackers control of the computer, and could have been used to send spam emails, crash websites, or mine Bitcoin. However, there’s no evidence that hackers even got the chance to use their botnet before it was discovered.
Mac Rumours reported on Saturday that Apple updated its Xprotect software to protect against the iWorm program. Xprotect is the anti-virus program that comes installed with every Apple computer, so Mac users are theoretically safe from iWorm if their operating system is up to date.
Here’s the updated Xprotext code that shows Apple has added iWorm to the list of blocked programs:
The iWorm virus was controlled in an inventive way. The virus searched Reddit for a fake Minecraft discussion forum that contained links to command servers operated by hackers.
After security firm Dr. Web announced the discovery of the bug, the Reddit account that the hackers used to share links to their commands servers was closed, and its posted deleted. Over the weekend. Reddit banned the fake Minecraft subreddit, meaning that the iWorm bug had no way to receive orders from the hackers controlling it.
Additionally, an anonymous tipster explained to The Safe Mac how iWorm spread. It’s reported that the virus spread to Mac computers using pirated software downloads hosted on The Pirate Bay. Anybody who downloaded fake versions of Adobe Photoshop, Adobe Illustrator, Microsoft Office and Parallels from a Pirate Bay user named “aceprog” were asked for administrator access to install the pirated software. After a user approved the access, iWorm was able to install itself on the user’s computer.