[Gator Lager]

oh well I was wondering how long before this started.

Fake Video Trojan Targets Macs
pcworld

The first-ever "fake codec" Trojan malware for the Apple Macintosh was identified yesterday by Intego, a maker of Internet security software for the Mac.

A fake codec pretends to be a free video codec -- often it's posted on a pornography site -- to fool victims into downloading it. It's not a video codec at all, however. Rather, it's a piece of malware intended to compromise the victim's machine. Although there are many Microsoft Windows-based fake-codec Trojans posted on porn Web sites today, Intego's find is thought to be the first Macintosh-based fake codec.

"This is definitely the first fake codec for the Mac," says Alex Eckelberry, CEO of antispyware company Sunbelt Software. "There are a lot of these for Windows, and they use social-engineering tactics to get someone to download it. This one, the first for the Mac, changes the desktop DNS to hijack it and redirect the user to various sites."

Eckelberry says the Web site Adultbookings.com is one place this has been found, but that fake codecs typically are distributed by professional malware writers to many sites.

"They get paid for this," Eckelberry says, adding that the debut of the first fake codec for the Macintosh suggests that professional malware writers now regard the Macinitosh to be as worthy a target as Windows.

[Oisín]

Just to get them both out of the way right away:

1. A virus for Mac’s what?
2. That’s not a virus, it’s just malware.

[shifuimam]

This is old news.

It does, however much Apple apologists will deny it, show that there are enterprising haxz0rz out there interested in exploiting the Mac. While this particular exploit requires quite a bit of user intervention, it can't be entirely ignored...it's not a major threat, but it could be the first doorway into Mac attacks...

[Chuckit]

Originally Posted by shifuimam 

It does, however much Apple apologists will deny it, show that there are enterprising haxz0rz out there interested in exploiting the Mac.

Haven't Apple apologists always said there are enterprising hackers out there interested in exploiting the Mac, while Mac-bashers were the ones arguing that the Mac was only safe by reason of obscurity?

[Gator Lager]

Originally Posted by Oisín 

Just to get them both out of the way right away:


2. That’s not a virus, it’s just malware.

ok ya got me there. wrong title to use.
but all the same, we've been lucky in having not to deal with that garbage. but with the popularity of the iphone and Mac's gaining in the pc market. it's only a mater of time before we do have a virus or two.

[Oisín]

Haven’t there already been several pieces of malware very similar in nature to this one for OS X?

A computer is only ever as safe as its user’s intelligence; that’s as true of a Mac as it is of a Windows machine.

[Big Mac]

There have been a few proof of concepts types, but this is the first one in the wild that is actually somewhat harmful.

[pinenuts]

I do believe it would be "Macs" and not "Mac's". The ' makes is possessive while just the s makes it plural.

[turtle777]

Why even call this proof of concept ?

What's the farkin concept here, that some users are gullible ?

-t

[Gator Lager]

with only 3% of the pc market in the past, malicious code writers consider us unworthy of their efforts. until now. I knew that damn iphone would get them out. oh well,
ON GUARD.

Originally Posted by Oisín 

Haven’t there already been several pieces of malware very similar in nature to this one for OS X?

A computer is only ever as safe as its user’s intelligence; that’s as true of a Mac as it is of a Windows machine.

[Oisín]

Originally Posted by pinenuts 

I do believe it would be "Macs" and not "Mac's". The ' makes is possessive while just the s makes it plural.

And here I thought I’d gotten that all out of the way all quickly and stereotypically.

[Oisín]

Originally Posted by Gator Lager 

with only 3% of the pc market in the past, malicious code writers consider us unworthy of their efforts. until now. I knew that damn iphone would be them out. oh well,
ON GUARD.

That argument’s old as time, but a lot less reliable and trustworthy.

[RAILhead]

A virus for "Mac's" what?

[Oisín]

Originally Posted by RAILhead 

A virus for "Mac's" what?

Gah!

[Lateralus]

[rickey939]

I am shutting this thing down before I get infected!

[turtle777]

Oh hai, dis iz a good viruz. Its bringz you pron !!11!1oneone

-t

[TETENAL]

Originally Posted by Big Mac 

There have been a few proof of concepts types, but this is the first one in the wild that is actually somewhat harmful.

There has been some "Office installer" malware, that was out in the "wild" and it was harmful since it deleted your home folder. So this is actually not a new situation at all.

[Judge_Fire]

Malware and trojans are easy to create, but the real trick is getting them distributed.

This case is somewhat significant in the sense that there are actually more than one site where you can catch it, as opposed to some random torrent item.

[- - e r i k - -]

But I trusted this porn site! Why would they lie to me?

[olePigeon]

You have to download it, open the image, run the installer, then enter your admin login/password. It also doesn't self propagate so no one else is at risk.

This is like giving your car keys to a car thief.

[peeb]

Yep - to reinforce this, it's like someone ringing your doorbell, you answer the door, they ask you whether you would mind giving them the keys to the house, you give them the keys, and then are outraged that you get robbed, and say your house is insecure!

[olePigeon]

Originally Posted by peeb 

Yep - to reinforce this, it's like someone ringing your doorbell, you answer the door, they ask you whether you would mind giving them the keys to the house, you give them the keys, and then are outraged that you get robbed, and say your house is insecure!

Reminds me of that Monty Python sketch about the encyclopedia salesman. Knocks on the door and convinces the woman that he's really a burglar, and that he's only there to burgle. She finally believes him and lets him in, then he tries to sell her a set of encyclopedias.

[ghporter]

Originally Posted by turtle777 

Why even call this proof of concept ?

What's the farkin concept here, that some users are gullible ?

-t

Actually, yes, that's it completely. We Mac users tend to be ummmmm.....trusting. And bad people can take advantage of that. Anything free is worth what you pay for it. If it looks too good to be true, it probably is. There's one born every minute. Yep, they're all true.

Critical thinking is important in anything, and especially in interacting with people one doesn't know. 'nuf said?

[zro]

Originally Posted by olePigeon 

This is like giving your car keys to a car thief.

... dressed as a valet.

[- - e r i k - -]

It's kind of tough to sympathise with any "victims" of this though. Part of me think they kind of deserve it for being so gullible.

[peeb]

Well they don't 'deserve it', but you can't prevent all stupidity.

[ghporter]

Gullible people deserve a wake up call, not being victimized. It's called "being naive." You know, innocent, unlearned, etc. Gullibility is inversely proportional to world experience and knowledge. "No, you can't get the clap from a toilet seat, and there's nobody in Nigeria that really wants to give you any money-they want to clean you out. This is an old scam, don't fall for it." Being accessible to your acquaintances that don't have experience in this sort of thing, and most importantly not sounding like a jerk when they say something silly, are better than anything to not only help them not be victimized but cut down on the gullible population-and thus the potential payoff for the bad guys. Who should rot in hell, by the way.

[C.A.T.S. CEO]

So if you don't watch porn, you're safe?

[- - e r i k - -]

Originally Posted by C.A.T.S. CEO 

So if you don't watch porn, you're safe?

Yeah, all two of us.

[ghporter]

That depends, C.A.T.S..... Where does the porn come from? ANYTHING from the Internet is suspect. On the other hand, the big "trap" for Mac users was an offered screenshot of Tiger months before the actual release was announced-and it still required the user to run the attachment or whatever it was to "infect" his computer. Porn is just the most common entrée being used. Game keys, hacked software, all sorts of things are used to induce users to click on the wrong thing. So just "not watching porn" won't insulate you from hazards.

[MallyMal]

So, let me get this straight...First, I have to find a site with this trojan, download the fake codec, launch the installer, and then enter my password to get this trojan up and running? Geez, so much for Mac ease of use.

[IceEnclosure]

dude, i'm soo good at clicking only the proper links when I'm on a page full of filth. good luck!

[besson3c]

Originally Posted by Oisín 

Just to get them both out of the way right away:

1. A virus for Mac’s what?
2. That’s not a virus, it’s just malware.

Damn it, I was about to go for a post saying #1...

[turtle777]

Originally Posted by MallyMal 

So, let me get this straight...First, I have to find a site with this trojan, download the fake codec, launch the installer, and then enter my password to get this trojan up and running? Geez, so much for Mac ease of use.

Nice.

-t

[The Yorkshire Rapper]

Im so pissed about this, I am going to stop by the Apple shop to complain, the only reason I bout MAC was because there are no viruses, and now there are.

Is there anything we can do to protect ourselves until Apple fix this?

[esXXI]

Originally Posted by The Yorkshire Rapper 

Im so pissed about this, I am going to stop by the Apple shop to complain, the only reason I bout MAC was because there are no viruses, and now there are.

Is there anything we can do to protect ourselves until Apple fix this?

You're kidding right?

(And it's "Mac" not "MAC")

[::maroma::]

Originally Posted by The Yorkshire Rapper 

...I am going to stop by the Apple shop to complain...

Please let us know how that goes.

[ghporter]

Originally Posted by The Yorkshire Rapper 

Im so pissed about this, I am going to stop by the Apple shop to complain, the only reason I bout MAC was because there are no viruses, and now there are.

Is there anything we can do to protect ourselves until Apple fix this?

If you're serious and not just posting silly stuff, then relax. The whole "virus" thing with Macs (please, not "MAC"-that's something different) is overblown. It takes user intervention to install anything that can do damage to your Mac, and as long as you're not clicking on "free stuff!" or "unlock all that software-free!!!!" downloads, you should be fine. Just don't expect to take advantage of people offering stuff that seems way too good to be true-they're not to be trusted.

[Kevin]

Originally Posted by Oisín 

1. A virus for Mac’s what?

Took my question.

And I am wondering how many Mac users have been infected.

And before anyone replies to York again read this thread

http://forums.macnn.com/82/applicati...-sony-discman/

[Oisín]

I wonder which regular is having lots of fun with this Yorkshire Nutter account...

(My instincts tell me it’s Demonhood)

[ghporter]

Originally Posted by Oisín 

I wonder which regular is having lots of fun with this Yorkshire Nutter account...

(My instincts tell me it’s Demonhood)

Unfortunately, with all the stuff this account has posted, I'm thinking it's a legit-and terribly misguided-person.

[C.A.T.S. CEO]

Originally Posted by esXXI 

You're kidding right?

(And it's "Mac" not "MAC")

Just ignore him, he is just a troll.