Surprise: Mac iWorm Spreads through Pirated Apps

When news of Mac.BackDoor.iWorm for the Mac hit the Web last week, the way the  malware threat spread was still something of a mystery, but that's been uncovered now, too: pirated software. Like so many other malware threats, attackers are using the promise of free software as a trojan horse to trick victims trying to save a buck into installing the iWorm payload.

iWorm malware spreads through pirated software, so don't steal appsiWorm malware spreads through pirated software, so don't steal apps

Once installed, iWorm can use infected Macs to launch denial of service attacks on Internet-based servers, or steal data from victim's computers. The malware was using Reddit posts filled with server IP addresses to tell infected Macs where to look for instructions, but the subreddit attackers were using has been shut down.

iWorm was first reported by the security and anti-malware company Dr. Web. The Safe Mac has since found a pirated Photoshop installer that sneaks iWorm onto your Mac without any outward indication that anything suspicious is happening.

So far it looks like iWorm spreads through trojan horse installers and isn't self replicating, which means victims must install the malware to be infected. In other words, don't steal software because you may get far more than you bargained for.