All the latest UK technology news, reviews and analysis

Dirt cheap Mac malware points up growing threat to Apple users

24 Aug 2012
Apple iMac

The Apple zombie malware NetWeird is reportedly selling on the black market for as little as $60, reflecting growing interest in the Mac platform from cyber criminals.

French anti-virus outfit Intego, which specialises in Macs and other Apple systems, reported finding the malware on a number of cyber black markets on Wednesday.

Before NetWeird, numerous vendors, including F-Secure and Microsoft's Trustworthy Computing division, had reported observing a marked increase in the number of automated exploit kits and malware samples available for sale online.

The surprise here, however, is the malware's low $60 price tag, when compare with other samples selling for several thousands of dollars.

"Perhaps the price tag tells us all we need to know: OSX/Crisis sells for €200,000, and OSX/NetWeirdRC starts at $60," wrote and Intego.

"The website for the developers of OSX/NetWeirdRC also lists the undetected nature of this tool as a selling point. It would seem that you get what you pay for, even in the malware world."

NetWeird was uncovered targeting the Apple Mac operating system earlier in August. It works by installing itself into the user's home directory as an application bundle called

The malware is designed to operate as a bot, letting its controller run processes on infected machines without the owner's knowledge or consent.

This means that the remote attacker can carry out actions such as taking screenshots, extract files and attempt to steal passwords by searching through data stored by web browsers and email clients like Opera, Firefox, SeaMonkey and Thunderbird.

NetWeird is listed as being an incredibly basic, ineffective bot and as a result many security experts have been more concerned about its strategic implications, citing it as further proof that criminals' interest in the Apple ecosystem is increasing.

"It adds itself to your login items, presumably with the intention of loading up every time you reboot your Mac. But a bug means that it adds itself as a folder, not an application. All that happens when you log back in is that Finder pops up and displays your home directory," wrote Sophos researcher, Paul Ducklin.

"Crooks really are getting into the habit of churning out new Mac malware, not to show how clever they are, but merely to see if they can repeat the trick that's worked on Windows for years: making money out of next to nothing. Those who remember the past often choose to repeat it, especially if there's money to be made."

Before NetWeird's appearance, Kaspersky researcher David Emm issued a similar warning regarding criminals' increased interest in Apple's Mac OS during an exclusive interview with V3.

  • Comment  
  • Tweet  
  • Google plus  
  • Facebook  
  • LinkedIn  
  • Stumble Upon  
Alastair Stevenson

Alastair has worked as a reporter covering security and mobile issues at V3 since March 2012. Before entering the field of journalism Alastair had worked in numerous industries as both a freelance copy writer and artist.

View Alastair's Google+ profile

More on Security
What do you think?
blog comments powered by Disqus

BYOD vs CYOD vs BYOC poll

Which approach is your firm taking to managing employees' mobile devices?

Popular Threads

Powered by Disqus
Sony Xperia Z2 smartphone running Android KitKat 4.4

Sony Xperia Z2 video

We test out the latest Android KitKat flagship from Sony

Updating your subscription status Loading

Get the latest news (daily or weekly) direct to your inbox with V3 newsletters.

newsletter sign-up button

Data protection: the key challenges

Deduplication is a foundational technology for efficient backup and recovery


iPad makes its mark in the enterprise

The iPad can become a supercharged unified communications endpoint, allowing users to enhance their productivity

Graphic Designer-Photoshop, Illustrator, InDesign 18k-25k

Graphic Designer - Photoshop, Illustrator, InDesign...

Software Development Engineer

Develop: Customise: Configure. Maximise your technical...

ICT Technician

ICT Technician Location: Bolton, Greater Manchester...

Internship – Modeling computational complexity of DSP algorithms

Internship – Modeling computational complexity of DSP...
To send to more than one email address, simply separate each address with a comma.