Symantec Researchers Find 'First Real Attempt to Create a Mac Botnet'

The latest edition of Symantec's subscription-only Virus Bulletin features a piece from researchers Mario Ballano Barcena and Alfredo Pesoli, who say they have uncovered "the first real attempt to create a Mac botnet," or network of "zombie" Macs that could do a remote user's bidding. Long a problem in the Windows world, this is the first time such a problem has faced the Mac community.

The malware -- known as OSX.Iservice and OSX.Iservice.B -- was found in pirated copies of Apple's iWork 09 software and Adobe's Photoshop CS4, cracked versions of which have been shared on peer-to-peer file-sharing networks. Mac owners who downloaded and installed the infected software could number in the thousands, ZDNet estimates.

ZDNet obtained a copy of the Virus Bulletin article and said it "goes into detail on the botnet's peer-to-peer engine, startup and encryption capabilities and configuration file structure and concludes that the person who wrote the malware is not the same as the person who actually 'used' it."

ZDNet quoted the researchers as saying: "The code indicates that, wherever possible, the author tried to use the most flexible and extendible approach when creating it – and therefore we would not be surprised to see a new, modified variant in the near future."