Mac Security: Removing iBotnet

Page content

Removing the Botnet

There are few things that are at the same time as beautiful and as horrible as a botnet. The botnet exploits the best features of the larger PC community, but for evil purposes. Much like Spiderman’s archnemesis Venom, the abilities of the botnet are derived from the same strength of community sharing on the internet.

A botnet in short is a collection of PCs that allow hackers to connect to various IP addresses for nefarious reasons to try to do all sorts of bad, illegal things – steal credit card numbers, social security numbers, but mostly just mess with other people’s computers.

Mac users, you guys manage to make me laugh with every commercial Apple puts out. Mac users that believe you’re invulnerable to Botnets, Viruses, and Spyware just because your kernel is different from Windows – you’re in for a nasty surprise. iBotnet, the newest horror to hit the Mac community is, thankfully easily removable, but it’ll make you think twice about virus and spyware protection on your favorite Apple product.

Here’s how to remove the botnet once and for all, and keep in mind, you’ll have to do this manually:

  1. BACKUP YOUR STUFF! Nothing beats a good backup in case things get ugly.

  2. First things first, block the website that the botnet calls for help on: 69.92.177:59201 and

  1. Blocking the website should just be a matter of opening the Terminal and typing in the following command: Sudo nano /etc/hosts

  2. With that command typed, just re-route the internet website in step 2 to your local machine and click control-o followed by “return” on the keyboard

  3. Got the websites blocked? It’s time to delete the files that are causing so much trouble on your PC

  4. Start by deleting the following file: System/Library/Startupitems/iWorkservices/Startupparameters.plist

  5. Then delete the following folders: System/Library/StartupItems/iWorkservices and usr/bin/iWorkservices

  1. Deleting anything in OSX is extremely simple, just drag and drop into the Trashbin at the end of the dock

After these files are all deleted, reboot your Mac and things should be fine once again. Just keep in mind to be extremely careful when downloading Bittorrent files and P2P files, as that’s how this particular botnet spread. The next time, you might not be as easily able to defeat the bots.