Once an hour, infected Macs check a control server to see if there are any new commands the malware should run or binaries to execute. So far, however, researchers have yet to observe delivery of any payload on any of the infected 30,000 machines, leaving the malware’s ultimate goal unknown. The lack of a final payload suggests that the malware may spring into action once an unknown condition is met.
If it's checking in that frequently and isn't doing anything else it's likely a botnet that someone has been building, especially with self destruct built into it.
![[H]ard|Forum](/styles/hardforum/xenforo/logo_dark.png){kind=logo}
