With various publications reporting tens of thousands of users affected around the world by iWorm, does your organization have a good Mac security plan? When iWorm has infected a Mac computer, the malware makes a connection with a command and control (C & C) server out on the Internet. This connection with the C & C server can then be used to achieve a large range of tasks, including the theft of personal or corporate data, installing other malicious software applications, making configuration changes and more. iWorm even showed some interesting creativity by using a forum on the popular Reddit web site to communicate with its command and control network.
Maybe your Mac or organization weren’t affected, but it’s a good reminder of the fact that Macs aren’t immune to malware. In fact, over the past couple of years, our researchers have shown that Macs are increasingly seen as viable targets not only for targeted attacks, but even in the recent Shellshock situation. Here are some examples:
Shellshock: attacks targeting Macs: http://blog.trendmicro.com/trendlabs-security-intelligence/shellshock-vulnerability-downloads-kaiten-source-code/ Targeted attacks also targeting Macs: http://blog.trendmicro.com/trendlabs-security-intelligence/tibetan-themed-campaign-pushes-hybridized-malware/ Flashback Mac malware: http://blog.trendmicro.com/trendlabs-security-intelligence/osx_flashbck-a-backlash-to-apples-popularity/ Mac threats generally: http://blog.trendmicro.com/trendlabs-security-intelligence/category/mac/
Final thoughts on iWorm: anti-malware protection such as Trend Micro’s Security for Mac is important to have installed on all your MacOS systems, not only to block Windows malware from being spread or forwarded to Windows users, but also to block the MacOS malware that comes up from time to time. In fact, Trend Micro Security for Mac is integrated with OfficeScan and is part of the Smart Protection suites, providing the enterprise with an integrated view of malware incidents across Windows, mobile and Mac platforms.