An open community 
of Macintosh users,
for Macintosh users.

FineTunedMac Dashboard widget now available! Download Here

Previous Thread
Next Thread
Print Thread
Botnets and the Mac
#2813 09/03/09 03:52 PM
Joined: Aug 2009
JoBoy Offline OP
OP Offline

Joined: Aug 2009
As I was installing LittleSnitch 2.2beta1, I wondered if that little app could warn me if my computer was being used as a robot site on a botnet. That led me to wonder what the current status is. Are unprotected Macs being used as robots? How much protection is really needed to ward off the threat if it exists?

I didn't put this post in the Networking Forum because it doesn't state a current issue that needs troubleshooting. Was that a proper conclusion?


Mac Pro dual Quad-Core Intel Xeons Early 2008; 16GB RAM; MacOS X 10.11.6, iOS 9.3.5
Re: Botnets and the Mac
JoBoy #2815 09/03/09 04:35 PM
Joined: Aug 2009
Likes: 16
Moderator
Offline
Moderator

Joined: Aug 2009
Likes: 16
Hopefully Tacit will chime in on this one as he is the expert on malware, but AFIK no Macs have been or are being used as bots. If they are it would be because the user was complicit in installing the bot, either through malice or because they were duped into it by installing pirated software or thinking it necessary to view a new porn or other video site.

As to where this post should be lodged IMO there is a legitimate technical question here, even though it is not directly related to "fixing" something. I would have no trouble with this being lodged in the Networking forum. But that is only one mods opinion and I do not moderate the Networking forum.


If we knew what it was we were doing, it wouldn't be called research, would it?

— Albert Einstein
Re: Botnets and the Mac
joemikeb #2817 09/03/09 05:11 PM
Joined: Aug 2009
JoBoy Offline OP
OP Offline

Joined: Aug 2009
Thanks for the reply. I'm not trying to provoke a complicated discussion about classification. I simply want to fit comfortably into the mold and need a little coaching. I love this forum.

Last edited by JoBoy; 09/03/09 05:11 PM.

Mac Pro dual Quad-Core Intel Xeons Early 2008; 16GB RAM; MacOS X 10.11.6, iOS 9.3.5
Re: Botnets and the Mac
JoBoy #3551 09/12/09 04:45 AM
Joined: Aug 2009
Likes: 1
Offline

Joined: Aug 2009
Likes: 1
Right now, there is only one piece of malware that can be used to turn a Mac into a zombie or bot. It's called OSX.iservice and it can't be installed on a Mac automatically; it must be installed by the owner of the Mac, who must type in an administrator password in order to be infected.

OSX.iservice is not widespread; it has infected only a small handful of computers. It was spread disguised as phony pirate copies of iWork or Adobe Photoshop CS4 on some P2P networks; people believed they were getting bootleg software for free but ended up instead infecting themselves.

OSX.iservice installs a program on an infected computer that allows hackers to control the infected computer remotely; they can see and copy files, instruct the computer to send mail or connect to other sites, and so on. (That's what a botnet is--a network of computers that can secretly be controlled by hackers via remote control. A lot of the world's spam and nearly all denial-of-service hacking attacks are made from botnets.)

Having a program like Little Snitch running will indeed notify you that this malware is running, and if you configure it to block outbound and inbound connections, it will prevent you from having your computer hijacked by the malware writers. So will running a router on your home network; if you're connected to the net through a router, the router-'s built-in firewall will prevent you from having your computer taking over. A better way to safeguard yourself, of course, is not to try to steal software. smile


Photo gallery, all about me, and more: www.xeromag.com/franklin.html
Re: Botnets and the Mac
tacit #3566 09/12/09 03:02 PM
Joined: Aug 2009
JoBoy Offline OP
OP Offline

Joined: Aug 2009
Thank you for the clear, concise explanation. It is very helpful. I have in place all three of the precautions you mentioned.


Mac Pro dual Quad-Core Intel Xeons Early 2008; 16GB RAM; MacOS X 10.11.6, iOS 9.3.5

Moderated by  alternaut, cyn 

Link Copied to Clipboard
Powered by UBB.threads™ PHP Forum Software 7.7.4
(Release build 20200307)
Responsive Width:

PHP: 7.4.33 Page Time: 0.015s Queries: 24 (0.009s) Memory: 0.5891 MB (Peak: 0.6564 MB) Data Comp: Zlib Server Time: 2024-03-28 09:34:12 UTC
Valid HTML 5 and Valid CSS