New iWorm Worm Specifically Targets OS X - How to Know if Your Mac is Infected

Security researchers have discovered a new worm that specifically targets OS X on Macs, and which controls them through Reddit.com. Dubbed the “iWorm”, or the “Mac.BackDoor.iWorm”, the iWorm was first publicly reported last week on the Dr. Web anti-virus site. There is a way to check to see if you have the iWorm on your Mac, which we explain below.

Rather than having the infected Mac report directly to a server for its instructions, the criminals behind iWorm issue instructions through posts on Reddit, and the infected Macs check in on Reddit to get their commands.

(Kind of evil genius stuff, if you think about it, as an instruction server can be targeted and taken offline, but nobody is going to take Reddit offline.)

According to the Dr. Web report, so far more than 18,500 Macs are infected with the iWorm. Dr. Web calculates this based on the unique IP addresses from which each infected Mac is connecting.

To determine whether or not your Mac has been infected with the iWorm, follow these steps:

Pssst! Get notified of new TIP articles here:

On your Mac, open Finder, click on “Go”, and select “Go to Folder”:

This will pop open a window in which to type the path of the folder; what you are looking for is the folder that iWorm creates when it infects your machine. If the folder is there, your Mac is infected.

Here is the directory path to type into that window:

/Library/Application Support/JavaW

Copy and paste that into the window:

Hopefully your results will look like this:

If so, breathe a sigh of relief, and consider that if you were one of those people who never bothered to get anti-virus software because you have a Mac, well, it’s time to rethink that strategy.

While we have not extensively tested the various Mac anti-virus options out there ourselves, we’ve heard really good things about the free Sophos anti-virus protection.

Summary

Article Name

New iWorm Worm Specifically Targets OS X - How to Know if Your Mac is Infected

Description

The "iWorm", or the "Mac.BackDoor.iWorm", has reportedly infected more than 18,500 Macs so far. Here's how to check to see if your Mac is infected.

Author

Anne P. Mitchell

The Internet Patrol is provided as a public service by the Institute for Social Internet Public Policy, and edited and primarily authored by Anne P. Mitchell who is an Internet security and privacy attorney.

(Hey! Please let us know if you liked this article by leaving us a comment!)

Recent Comments

Waffles on Coming Soon to Your Car’s Dashboard: Advertisements a/k/a Car SpamSpamvertisements when stopped at a traffic light can be a dangerous distraction. The driver needs to be paying attention to his surroundings even if he's just wanting for a green light.
Missy on What to Do if Your Amazon Order Never Arrives but They Say it Was DeliveredFantastic article thank you so much!!
Antonio R on How to Unsubscribe from Match.com When You Signed Up through the Match App via the App StoreCancel my subscription from this I don’t won’t on my email
travis barber on How to Become an Amazon Reviewer and Get Free StuffI would like to review products for you amazon. I have helped a friend before and done an unboxing.please consider.
Heidemarie Klimt-Grampp on Hate Meetup’s New Design? Here’s How to Still Find Group Calendars and Past Meetups with the New Site DesignI am a Meetup Group Organizer since 2009. The new design in 2018 is the worst I have experienced & I am so discouraged to go on that I may just return to email-organizing without this provider. Why is Meetup destroying a portal that was easy to move around on?...
Butch Kemper on “Why Can’t I Log Into My Account When I Know I am Using the Right Password?” This May be WhyI am bothered by applications assuming to best know how to establish rules about passwords: characters allowed, combinations allowed, number of characters, and frequency to update. I am an adult so let me make up my password and if my selection is poor, then it is my choice so leave...
Michael Alape on Online Audio of Southwest Pilot Tammie Jo Shults’ Communication with Air Traffic Control TowerTHE PILOT DEFINITELY AVERTED A TOTAL CATASTROPHE. HER TRAINING WAS CRUCIAL TO THE RESULTS OF SAVING OTHER PASSENGERS LIVES.
Bob Vaughan on “Why Can’t I Log Into My Account When I Know I am Using the Right Password?” This May be WhyI ran into a similar problem many years ago with an ATM card. It would work in some places, but fail in others. I eventually figured out that one of the ATM networks (I forget whether it was Star or Cirrus) was limiting the PIN to 4 digits, while my...
Lola L Schiefelbein on “Why Can’t I Log Into My Account When I Know I am Using the Right Password?” This May be WhyThank you! Have been through this so many times, in the last months--now, it's explained! Sanity saved! :>)
Easterneuropean on Has Your Gmail Email Disappeared? You’re Not AloneTransformation: Google >>> Oogle >>> Ugle >>> Ugly Those bastards are destroying my tiny business by allowing fantasy libel by criminals to be listed at the #1 top search result. Gmail is free and ugly and extremely confusing to a new user. Yet I must admit that if one tries...

New iWorm Worm Specifically Targets OS X – How to Know if Your Mac is Infected

You might also like some of our other articles:

Leave a Reply Cancel reply