Digita Security

Cybersecurity solutions for the

  • modern
  • mobile
  • independent
  • innovative
  • enterprising

macOS workforce

10.5.2014 ( Version 2050 )

IWormA


OSX/iWorm is a persistent backdoor that allows an attacker complete remote control over infected hosts. It was was distributed via trojanized pirated applications that were hosted on Pirate Bay and used reddit.com for command and control (C2) [1].

References:
  1. https://www.virusbtn.com/pdf/magazine/2014/vb201410-iWorm.pdf
  2. http://www.intego.com/mac-security-blog/iworm-botnet-uses-reddit-as-command-and-control-center/

Sample Hashes (VT links):
c0800cd5095b28da4b6ca01468a279fb5be6921a