Welcome to the MacNN Forums.

If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below.

You are here: MacNN Forums > Community > MacNN Lounge > a virus for Mac's

a virus for Mac's
Thread Tools
Senior User
Join Date: Jul 2002
Location: Florida
Status: Offline
Reply With Quote
Nov 2, 2007, 02:29 PM
 
oh well I was wondering how long before this started.

Fake Video Trojan Targets Macs
pcworld

The first-ever "fake codec" Trojan malware for the Apple Macintosh was identified yesterday by Intego, a maker of Internet security software for the Mac.

A fake codec pretends to be a free video codec -- often it's posted on a pornography site -- to fool victims into downloading it. It's not a video codec at all, however. Rather, it's a piece of malware intended to compromise the victim's machine. Although there are many Microsoft Windows-based fake-codec Trojans posted on porn Web sites today, Intego's find is thought to be the first Macintosh-based fake codec.

"This is definitely the first fake codec for the Mac," says Alex Eckelberry, CEO of antispyware company Sunbelt Software. "There are a lot of these for Windows, and they use social-engineering tactics to get someone to download it. This one, the first for the Mac, changes the desktop DNS to hijack it and redirect the user to various sites."

Eckelberry says the Web site Adultbookings.com is one place this has been found, but that fake codecs typically are distributed by professional malware writers to many sites.

"They get paid for this," Eckelberry says, adding that the debut of the first fake codec for the Macintosh suggests that professional malware writers now regard the Macinitosh to be as worthy a target as Windows.
     
Moderator Emeritus
Join Date: Mar 2004
Location: Copenhagen
Status: Offline
Reply With Quote
Nov 2, 2007, 02:31 PM
 
Just to get them both out of the way right away:

1. A virus for Mac’s what?
2. That’s not a virus, it’s just malware.
     
Addicted to MacNN
Join Date: Aug 2006
Location: Somewhere in the Pacific Northwest
Status: Offline
Reply With Quote
Nov 2, 2007, 02:32 PM
 
This is old news.

It does, however much Apple apologists will deny it, show that there are enterprising haxz0rz out there interested in exploiting the Mac. While this particular exploit requires quite a bit of user intervention, it can't be entirely ignored...it's not a major threat, but it could be the first doorway into Mac attacks...
     
Clinically Insane
Join Date: Oct 2001
Location: San Diego, CA, USA
Status: Offline
Reply With Quote
Nov 2, 2007, 02:36 PM
 
Originally Posted by shifuimam View Post
It does, however much Apple apologists will deny it, show that there are enterprising haxz0rz out there interested in exploiting the Mac.
Haven't Apple apologists always said there are enterprising hackers out there interested in exploiting the Mac, while Mac-bashers were the ones arguing that the Mac was only safe by reason of obscurity?
Chuck
___
"Instead of either 'multi-talented' or 'multitalented' use 'bisexual'."
     
Senior User
Join Date: Jul 2002
Location: Florida
Status: Offline
Reply With Quote
Nov 2, 2007, 02:36 PM
 
Originally Posted by Oisín View Post
Just to get them both out of the way right away:


2. That’s not a virus, it’s just malware.
ok ya got me there. wrong title to use.
but all the same, we've been lucky in having not to deal with that garbage. but with the popularity of the iphone and Mac's gaining in the pc market. it's only a mater of time before we do have a virus or two.
     
Moderator Emeritus
Join Date: Mar 2004
Location: Copenhagen
Status: Offline
Reply With Quote
Nov 2, 2007, 02:43 PM
 
Haven’t there already been several pieces of malware very similar in nature to this one for OS X?

A computer is only ever as safe as its user’s intelligence; that’s as true of a Mac as it is of a Windows machine.
     
Clinically Insane
Join Date: Oct 2000
Location: Los Angeles
Status: Offline
Reply With Quote
Nov 2, 2007, 02:50 PM
 
There have been a few proof of concepts types, but this is the first one in the wild that is actually somewhat harmful.

"The natural progress of things is for liberty to yield and government to gain ground." TJ
     
Baninated
Join Date: Aug 2007
Location: i have moved to another location per peter's message
Status: Offline
Reply With Quote
Nov 2, 2007, 02:53 PM
 
I do believe it would be "Macs" and not "Mac's". The ' makes is possessive while just the s makes it plural.
     
Clinically Insane
Join Date: Jun 2001
Location: planning a comeback !
Status: Offline
Reply With Quote
Nov 2, 2007, 02:55 PM
 
Why even call this proof of concept ?

What's the farkin concept here, that some users are gullible ?

-t
     
Senior User
Join Date: Jul 2002
Location: Florida
Status: Offline
Reply With Quote
Nov 2, 2007, 02:56 PM
 
with only 3% of the pc market in the past, malicious code writers consider us unworthy of their efforts. until now. I knew that damn iphone would get them out. oh well,
ON GUARD.


Originally Posted by Oisín View Post
Haven’t there already been several pieces of malware very similar in nature to this one for OS X?

A computer is only ever as safe as its user’s intelligence; that’s as true of a Mac as it is of a Windows machine.
     
Moderator Emeritus
Join Date: Mar 2004
Location: Copenhagen
Status: Offline
Reply With Quote
Nov 2, 2007, 02:56 PM
 
Originally Posted by pinenuts View Post
I do believe it would be "Macs" and not "Mac's". The ' makes is possessive while just the s makes it plural.
And here I thought I’d gotten that all out of the way all quickly and stereotypically.
     
Moderator Emeritus
Join Date: Mar 2004
Location: Copenhagen
Status: Offline
Reply With Quote
Nov 2, 2007, 02:57 PM
 
Originally Posted by Gator Lager View Post
with only 3% of the pc market in the past, malicious code writers consider us unworthy of their efforts. until now. I knew that damn iphone would be them out. oh well,
ON GUARD.
That argument’s old as time, but a lot less reliable and trustworthy.
     
Addicted to MacNN
Join Date: Mar 2001
Location: USA
Status: Offline
Reply With Quote
Nov 2, 2007, 03:14 PM
 
A virus for "Mac's" what?
"Everything's so clear to me now: I'm the keeper of the cheese and you're the lemon merchant. Get it? And he knows it.
That's why he's gonna kill us. So we got to beat it. Yeah. Before he let's loose the marmosets on us."
my bandmy web sitemy guitar effectsmy photosfacebookbrightpoint
     
Moderator Emeritus
Join Date: Mar 2004
Location: Copenhagen
Status: Offline
Reply With Quote
Nov 2, 2007, 03:21 PM
 
Originally Posted by RAILhead View Post
A virus for "Mac's" what?
Gah!
     
Moderator Emeritus
Join Date: Sep 2001
Location: Arizona
Status: Offline
Reply With Quote
Nov 2, 2007, 03:30 PM
 
I like chicken
I like liver
Meow Mix, Meow Mix
Please de-liv-er
     
Addicted to MacNN
Join Date: Jul 2005
Location: Cooperstown '09
Status: Offline
Reply With Quote
Nov 2, 2007, 03:37 PM
 
I am shutting this thing down before I get infected!
     
Clinically Insane
Join Date: Jun 2001
Location: planning a comeback !
Status: Offline
Reply With Quote
Nov 2, 2007, 03:57 PM
 
Oh hai, dis iz a good viruz. Its bringz you pron !!11!1oneone

-t
     
Addicted to MacNN
Join Date: Aug 2004
Location: FFM
Status: Offline
Reply With Quote
Nov 2, 2007, 04:32 PM
 
Originally Posted by Big Mac View Post
There have been a few proof of concepts types, but this is the first one in the wild that is actually somewhat harmful.
There has been some "Office installer" malware, that was out in the "wild" and it was harmful since it deleted your home folder. So this is actually not a new situation at all.
     
Mac Elite
Join Date: Jan 2001
Location: Helsinki, Finland
Status: Offline
Reply With Quote
Nov 2, 2007, 06:13 PM
 
Malware and trojans are easy to create, but the real trick is getting them distributed.

This case is somewhat significant in the sense that there are actually more than one site where you can catch it, as opposed to some random torrent item.
     
Posting Junkie
Join Date: May 2001
Location: Brisbane, Australia
Status: Offline
Reply With Quote
Nov 2, 2007, 06:26 PM
 
But I trusted this porn site! Why would they lie to me?

[ fb ] [ flickr ] [] [scl] [ last ] [ plaxo ]
     
Clinically Insane
Join Date: Dec 1999
Status: Offline
Reply With Quote
Nov 2, 2007, 06:46 PM
 
You have to download it, open the image, run the installer, then enter your admin login/password. It also doesn't self propagate so no one else is at risk.

This is like giving your car keys to a car thief.
"…I contend that we are both atheists. I just believe in one fewer god than
you do. When you understand why you dismiss all the other possible gods,
you will understand why I dismiss yours." - Stephen F. Roberts
     
Addicted to MacNN
Join Date: Mar 2006
Status: Offline
Reply With Quote
Nov 2, 2007, 06:58 PM
 
Yep - to reinforce this, it's like someone ringing your doorbell, you answer the door, they ask you whether you would mind giving them the keys to the house, you give them the keys, and then are outraged that you get robbed, and say your house is insecure!
     
Clinically Insane
Join Date: Dec 1999
Status: Offline
Reply With Quote
Nov 2, 2007, 07:08 PM
 
Originally Posted by peeb View Post
Yep - to reinforce this, it's like someone ringing your doorbell, you answer the door, they ask you whether you would mind giving them the keys to the house, you give them the keys, and then are outraged that you get robbed, and say your house is insecure!
Reminds me of that Monty Python sketch about the encyclopedia salesman. Knocks on the door and convinces the woman that he's really a burglar, and that he's only there to burgle. She finally believes him and lets him in, then he tries to sell her a set of encyclopedias.
"…I contend that we are both atheists. I just believe in one fewer god than
you do. When you understand why you dismiss all the other possible gods,
you will understand why I dismiss yours." - Stephen F. Roberts
     
Administrator
Join Date: Apr 2001
Location: San Antonio TX USA
Status: Offline
Reply With Quote
Nov 2, 2007, 09:07 PM
 
Originally Posted by turtle777 View Post
Why even call this proof of concept ?

What's the farkin concept here, that some users are gullible ?

-t
Actually, yes, that's it completely. We Mac users tend to be ummmmm.....trusting. And bad people can take advantage of that. Anything free is worth what you pay for it. If it looks too good to be true, it probably is. There's one born every minute. Yep, they're all true.

Critical thinking is important in anything, and especially in interacting with people one doesn't know. 'nuf said?

Glenn -----OTR/L, MOT, Tx
     
zro
Mac Elite
Join Date: Nov 2003
Location: The back of the room
Status: Offline
Reply With Quote
Nov 2, 2007, 09:32 PM
 
Originally Posted by olePigeon View Post
This is like giving your car keys to a car thief.
... dressed as a valet.
     
Posting Junkie
Join Date: May 2001
Location: Brisbane, Australia
Status: Offline
Reply With Quote
Nov 2, 2007, 09:41 PM
 
It's kind of tough to sympathise with any "victims" of this though. Part of me think they kind of deserve it for being so gullible.

[ fb ] [ flickr ] [] [scl] [ last ] [ plaxo ]
     
Addicted to MacNN
Join Date: Mar 2006
Status: Offline
Reply With Quote
Nov 2, 2007, 09:45 PM
 
Well they don't 'deserve it', but you can't prevent all stupidity.
     
Administrator
Join Date: Apr 2001
Location: San Antonio TX USA
Status: Offline
Reply With Quote
Nov 2, 2007, 11:29 PM
 
Gullible people deserve a wake up call, not being victimized. It's called "being naive." You know, innocent, unlearned, etc. Gullibility is inversely proportional to world experience and knowledge. "No, you can't get the clap from a toilet seat, and there's nobody in Nigeria that really wants to give you any money-they want to clean you out. This is an old scam, don't fall for it." Being accessible to your acquaintances that don't have experience in this sort of thing, and most importantly not sounding like a jerk when they say something silly, are better than anything to not only help them not be victimized but cut down on the gullible population-and thus the potential payoff for the bad guys. Who should rot in hell, by the way.

Glenn -----OTR/L, MOT, Tx
     
Professional Poster
Join Date: Nov 2004
Location: eating kernel
Status: Offline
Reply With Quote
Nov 2, 2007, 11:33 PM
 
So if you don't watch porn, you're safe?
Signature depreciated.
     
Posting Junkie
Join Date: May 2001
Location: Brisbane, Australia
Status: Offline
Reply With Quote
Nov 2, 2007, 11:38 PM
 
Originally Posted by C.A.T.S. CEO View Post
So if you don't watch porn, you're safe?
Yeah, all two of us.

[ fb ] [ flickr ] [] [scl] [ last ] [ plaxo ]
     
Administrator
Join Date: Apr 2001
Location: San Antonio TX USA
Status: Offline
Reply With Quote
Nov 2, 2007, 11:40 PM
 
That depends, C.A.T.S..... Where does the porn come from? ANYTHING from the Internet is suspect. On the other hand, the big "trap" for Mac users was an offered screenshot of Tiger months before the actual release was announced-and it still required the user to run the attachment or whatever it was to "infect" his computer. Porn is just the most common entrée being used. Game keys, hacked software, all sorts of things are used to induce users to click on the wrong thing. So just "not watching porn" won't insulate you from hazards.

Glenn -----OTR/L, MOT, Tx
     
Grizzled Veteran
Join Date: Aug 2002
Status: Offline
Reply With Quote
Nov 3, 2007, 12:53 AM
 
So, let me get this straight...First, I have to find a site with this trojan, download the fake codec, launch the installer, and then enter my password to get this trojan up and running? Geez, so much for Mac ease of use.
( Last edited by MallyMal; Nov 3, 2007 at 01:03 AM. )
     
Moderator Emeritus
Join Date: Apr 2001
Location: Fort Lauderdale, FL
Status: Offline
Reply With Quote
Nov 3, 2007, 01:12 AM
 
dude, i'm soo good at clicking only the proper links when I'm on a page full of filth. good luck!
ice
     
Clinically Insane
Join Date: Mar 2001
Location: yes
Status: Offline
Reply With Quote
Nov 3, 2007, 03:14 AM
 
Originally Posted by Oisín View Post
Just to get them both out of the way right away:

1. A virus for Mac’s what?
2. That’s not a virus, it’s just malware.
Damn it, I was about to go for a post saying #1...
     
Clinically Insane
Join Date: Jun 2001
Location: planning a comeback !
Status: Offline
Reply With Quote
Nov 3, 2007, 10:03 PM
 
Originally Posted by MallyMal View Post
So, let me get this straight...First, I have to find a site with this trojan, download the fake codec, launch the installer, and then enter my password to get this trojan up and running? Geez, so much for Mac ease of use.


Nice.

-t
     
Fresh-Faced Recruit
Join Date: Feb 2007
Status: Offline
Reply With Quote
Nov 4, 2007, 01:13 AM
 
Im so pissed about this, I am going to stop by the Apple shop to complain, the only reason I bout MAC was because there are no viruses, and now there are.

Is there anything we can do to protect ourselves until Apple fix this?
     
Senior User
Join Date: Aug 2004
Location: Preston, England.
Status: Offline
Reply With Quote
Nov 4, 2007, 01:35 AM
 
Originally Posted by The Yorkshire Rapper View Post
Im so pissed about this, I am going to stop by the Apple shop to complain, the only reason I bout MAC was because there are no viruses, and now there are.

Is there anything we can do to protect ourselves until Apple fix this?
You're kidding right?

(And it's "Mac" not "MAC")
     
Addicted to MacNN
Join Date: Jan 2002
Location: PDX
Status: Offline
Reply With Quote
Nov 4, 2007, 02:04 AM
 
Originally Posted by The Yorkshire Rapper View Post
...I am going to stop by the Apple shop to complain...
Please let us know how that goes.
     
Administrator
Join Date: Apr 2001
Location: San Antonio TX USA
Status: Offline
Reply With Quote
Nov 4, 2007, 09:52 AM
 
Originally Posted by The Yorkshire Rapper View Post
Im so pissed about this, I am going to stop by the Apple shop to complain, the only reason I bout MAC was because there are no viruses, and now there are.

Is there anything we can do to protect ourselves until Apple fix this?
If you're serious and not just posting silly stuff, then relax. The whole "virus" thing with Macs (please, not "MAC"-that's something different) is overblown. It takes user intervention to install anything that can do damage to your Mac, and as long as you're not clicking on "free stuff!" or "unlock all that software-free!!!!" downloads, you should be fine. Just don't expect to take advantage of people offering stuff that seems way too good to be true-they're not to be trusted.

Glenn -----OTR/L, MOT, Tx
     
Baninated
Join Date: Oct 2002
Location: In yer threads
Status: Offline
Reply With Quote
Nov 4, 2007, 10:02 AM
 
Originally Posted by Oisín View Post
1. A virus for Mac’s what?
Took my question.

And I am wondering how many Mac users have been infected.

And before anyone replies to York again read this thread

http://forums.macnn.com/82/applicati...-sony-discman/
     
Moderator Emeritus
Join Date: Mar 2004
Location: Copenhagen
Status: Offline
Reply With Quote
Nov 4, 2007, 10:16 AM
 
I wonder which regular is having lots of fun with this Yorkshire Nutter account...

(My instincts tell me it’s Demonhood)
     
Administrator
Join Date: Apr 2001
Location: San Antonio TX USA
Status: Offline
Reply With Quote
Nov 4, 2007, 10:52 AM
 
Originally Posted by Oisín View Post
I wonder which regular is having lots of fun with this Yorkshire Nutter account...

(My instincts tell me it’s Demonhood)
Unfortunately, with all the stuff this account has posted, I'm thinking it's a legit-and terribly misguided-person.

Glenn -----OTR/L, MOT, Tx
     
Professional Poster
Join Date: Nov 2004
Location: eating kernel
Status: Offline
Reply With Quote
Nov 4, 2007, 02:36 PM
 
Originally Posted by esXXI View Post
You're kidding right?

(And it's "Mac" not "MAC")
Just ignore him, he is just a troll.
Signature depreciated.
     
   
Thread Tools
Forum Links
Forum Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On
Top
Privacy Policy
All times are GMT -4. The time now is 02:59 AM.
All contents of these forums © 1995-2015 MacNN. All rights reserved.
Branding + Design: www.gesamtbild.com
vBulletin v.3.8.8 © 2000-2015, Jelsoft Enterprises Ltd., Content Relevant URLs by vBSEO 3.3.2