Contrary to some popular notions, this report claims that spam originates evenly from three geographic areas: the Americas are responsible for about 35% of spam, versus 32% from Europe and 28% from Asia. About 58% of all spam comes from known botnets evenly distributed around the globe, although the botnet known as Donbot is alone responsible for 18%.

A botnet is a (usually) large group of computers that are all infected with virus, worm, or Trojan horse software under a command-and-control infrastructure. The originator, or “bot herder” issues commands to the infected “Zombie” computers to send or relay spam messages, as well as send out copies of the infected software in an attempt to gain control of additional, weakly-secured computers. It has been estimated that nearly one-quarter of all computers on the Internet are infected Zombies.

What can you do about all this? Not a great deal, unfortunately. Using anti-virus and anti-spam software, and updating it regularly, is the only way of combatting the flood of Internet spam and malware. In addition, most ISPs implement anti-malware software on their email servers — Google’s gMail service features one of the better anti-malware software suites.

But the bad guys are still out there, and they’re very busy. It pays to be vigilant, folks.

As reported last week, the first remotely-controlled “botnet” created from Macintosh computers has been identified in the field. These Macs are infected with one of the above-named Trojan horse programs, which were identified back in January as being spread via illegal copies of Adobe CS-4 and iWork 2009 software.

MacScan’s removal tool is a stand-alone program that searches for these trojans and removes them if they exist. If neither Trojan exists, the program displays the dialog box to the left and you’re free to quit the program.

Mac users have been particularly fortunate, in that little in the way of malware has yet been aimed their computers. Clearly that has now changed, and given the potential of this malware to at minimum slow your Mac’s performance, and at worst to turn it into a “zombie,” there’s simply no reason not to download and run the removal tool.

Mac users who downloaded pirated copies of Adobe’s Creative Suite CS4 or iWork 2009 may have got more than they bargained for, as some of these copies contained trojan horse software OSX.Trojan.iServices.A and OSX.Trojan.iServices.B. When the user unpacks the pirated software, the trojan is installed and becomes active, turning the Mac into a “zombie.” Since the trojan software was first discovered in January 2009, most anti-virus software has by now been updated to remove the trojan and its remnants. Still, the botnet was recently implicated in DDoS attacks on several servers.

This incident provides yet another reason to avoid installing pirated software on your computer. The success of this Mac-based botnet almost guarantees that more pirated software will be released that is infected, so it’s best to stay away… stay far, far away.

According to antivirus software maker Intego, there’s a new Trojan horse program that targets Macs running OSX. Designed to allow a hacker to take control of the computer, delete files, or damage the operating system, this little nasty masquerades as a poker game called “Ace in the Hole” or simply “PokerGame”. When downloaded and run, a shell script inside the Trojan opens an SSH connection, then transmits the username, password, and IP address of the infected computer.

The moral of the story: don’t download software you receive in email from people you don’t know, or from websites you don’t completely trust. Here’s the link to Intego’s page announcing the discovery, and the Get Info screenshot at right is from their page as well.

I’ll be investigating this further to see how widespread it is. Intego lists its threat level as low, since you have to explicitly download and run it in order for it to do nasty things to your machine. Just don’t, okay?

Share/Save