I mean, WTF?This is ane of the nastiest pieces opf malware I've seen in a while, and since all the macs are almost guaranteed to be unprotectyed, it's a problem. And why absolutely no mention of a cure> ALl the article says is the"botnet is currently dormant" Cold comfort for us Mac users. I havbe my firewall up and running, and run ClamXav because I pick up the latest TV episodes as I have no TV (I've got free Cable TV tho.. go figure). I always scan everything And all I ever get is some ancient HYML-CVE on a curry recipe I copy/pasted 5 years ago, that keeps showing up, but is entirely innocuous anyways.
CAnb any program detect it.. Apparently it's a Java trojan
"Unfortunately, the researchers didn't mention how the malware spreads, but they shared that it is unpacked into the /Library/Application Support/JavaW directory, poses as the application com.JavaW, and sets itself to autostart."
and
"UPDATE, 3 October, 15:00 PM CET According to Dr. Web researchers, the malware's propagation method is unknown. They received the sample from VirusTotal, and the code does not contain any indication that it's self-replicating.
The botnet is currently dormant, as all the Reddit comments containing the C&C servers' IP addresses have been deleted."
Both sources = (http://www.net-security.org/malware_news.php?id=2875)
How long before they rewrite more reddit commands? And how to wipe it out wouldfd be, er, helpful, too... :-(