17,000 Macs hit by hackers via Reddit

Hackers have infected more than 17,000 Macs worldwide, and 1,227 in the UK, with the Mac.BackDoor.iWorm malware via social news site Reddit.

The cyber criminals managed to exploit a flaw in Apple's computer operating system by manipulating Reddit's search and comment functions.

Researchers at Russian antivirus company Dr Web revealed the flaw and said it gives a hacker remote access, allowing them to send commands to other computers to install more malware and, in some cases, launch spam campaigns and denial-of-service attacks.

The company said the hackers developed the malware using C++ and Lua and used encryption to carry out its actions.

When the hacker has managed to access the computer installation it is extracted into /Library/Application Support/JavaW folder and generates a p-list file so that the backdoor is launched automatically.

The company explained the majority of cases occurred in the US. "As of September 26, 2014, 17,658 IP addresses of infected devices were involved in the botnet created by hackers using Mac.BackDoor.iWorm. Most of them4,610 (representing 26.1% of the total)reside in the United States. Canada ranks second with 1,235 addresses (7%), and the United Kingdom ranks third with 1,227 IP addresses of infected computers (6.9% of the total)," Dr Web said.

Independent security researcher Graham Cluley responded to the attack on his blog by saying it's not the first time Macs have been targeted with such a verocious campaign, although it's not as large scale as past attacks on Apple's computers.

"It isn't anything like as big so far as the notorious Flashback worm which hit more than 600,000 Mac computers in early 2012," Cluley said.

He warned: "It is another timely warning that Mac users shouldn't be fooled into thinking they are somehow immune from computer security threats. An anti-virus product should be part of your arsenal, if you value your privacy and the data you store on your Apple computer."