The Bitdefender offer runs out at midnight on Monday Wednesday night.
Clearly a few different versions of the attack have already been seen, and users would be wise to keep their Mac anti-virus products updated as it wouldn’t be a surprise if there were more to come.
#SOPHOS REVIEWS REDDIT FOR MAC#
You can check it out here.īitdefender tells me that Bitdefender Antivirus for Mac detects the malware as, ,, and.
#SOPHOS REVIEWS REDDIT FREE#
Update: The guys at Bitdefender have been in touch, offering readers of Graham Cluley Security News, a special deal whereby you can get six months’ free protection with their Mac anti-virus product. More information about this particular threat can be found on Dr Web’s website.
#SOPHOS REVIEWS REDDIT SOFTWARE#
In addition, keep your computer patched with the latest security updates – both for the underlying OS X operating system, but also for commonly targeted software such as Adobe Reader, Flash and Java. An anti-virus product should be part of your arsenal, if you value your privacy and the data you store on your Apple computer. This isn’t, of course, the first time that we have seen Mac computers infected by malware and hijacked into a criminal botnet, and it isn’t anything like as big so far as the notorious Flashback worm which hit more than 600,000 Mac computers in early 2012.īut it is another timely warning that Mac users shouldn’t be fooled into thinking they are somehow immune from computer security threats. They’ve done nothing wrong as such, and even if they shut down the accounts that are communicating with the botnet there would be nothing to stop the hackers behind the campaign creating new accounts or using an alternative service (Twitter, perhaps?) to communicate with the compromised computers.Īnd it’s important to stress that Reddit isn’t spreading the infection – it’s simply providing a platform that is helping the botmasters communicate with the Mac computers they have managed to infect.ĭr Web’s research team claim that the country hit hardest by the botnet is the United States, followed by Canada and the United Kingdom. This isn’t really Reddit’s fault of course. The search returns a web page containing a list of botnet C&C servers and ports published by criminals in comments to the post minecraftserverlists under the account vtnhiaovyd. It is worth mentioning that in order to acquire a control server address list, the bot uses the search service at, and - as a search query - specifies hexadecimal values of the first 8 bytes of the MD5 hash of the current date. It sends a request to a remote site to acquire a list of control servers, and then connects to the remote servers and waits for instructions. Then opens a port on an infected computer and awaits an incoming connection. Fascinatingly, compromised computers receive commands from servers under the control of botmasters, using information posted in messages on Reddit as a navigational aid: