Mac Worm uses Reddit for botnet propagation

It’s a little old now, I’m surprised I hadn’t blogged about it before now, but I feel it’s still an interesting little exploit to mention.

From my naive understanding of the exploit, it masks itself as a Java-esque app and trys to gain port listening access surreptitiously.

The novel part is that once it can, it searches Reddit for a partial MD5 hash based on the current date, which would return a list of ips published by a former /u/vtnhiaovyd on a former r/minecraftserverlists.

These IPs are of course C&C servers, from which the worm gets further commands.

It’s all been long cleaned up, but I still find it an amusing and novel little worm.



An interpetation of the Don Hertzfeldt Simpsons Couch Gag

Such an interesting interpretation.

I feel both smarter for having read it, and a little bit dumb for not realizing any of it after initial watching the clip.

I can not modern art, apparently.

Also, if you want to see the couch gag in question, you can watch it on YouTube