|
|
a virus for Mac's
|
|
|
|
Senior User
Join Date: Jul 2002
Location: Florida
Status:
Offline
|
|
oh well I was wondering how long before this started.
Fake Video Trojan Targets Macs
pcworld
The first-ever "fake codec" Trojan malware for the Apple Macintosh was identified yesterday by Intego, a maker of Internet security software for the Mac.
A fake codec pretends to be a free video codec -- often it's posted on a pornography site -- to fool victims into downloading it. It's not a video codec at all, however. Rather, it's a piece of malware intended to compromise the victim's machine. Although there are many Microsoft Windows-based fake-codec Trojans posted on porn Web sites today, Intego's find is thought to be the first Macintosh-based fake codec.
"This is definitely the first fake codec for the Mac," says Alex Eckelberry, CEO of antispyware company Sunbelt Software. "There are a lot of these for Windows, and they use social-engineering tactics to get someone to download it. This one, the first for the Mac, changes the desktop DNS to hijack it and redirect the user to various sites."
Eckelberry says the Web site Adultbookings.com is one place this has been found, but that fake codecs typically are distributed by professional malware writers to many sites.
"They get paid for this," Eckelberry says, adding that the debut of the first fake codec for the Macintosh suggests that professional malware writers now regard the Macinitosh to be as worthy a target as Windows.
|
|
|
|
|
|
|
|
|
Moderator Emeritus
Join Date: Mar 2004
Location: Copenhagen
Status:
Offline
|
|
Just to get them both out of the way right away:
1. A virus for Mac’s what?
2. That’s not a virus, it’s just malware.
|
|
|
|
|
|
|
|
|
Addicted to MacNN
Join Date: Aug 2006
Location: The deep backwoods of the PNW
Status:
Offline
|
|
This is old news.
It does, however much Apple apologists will deny it, show that there are enterprising haxz0rz out there interested in exploiting the Mac. While this particular exploit requires quite a bit of user intervention, it can't be entirely ignored...it's not a major threat, but it could be the first doorway into Mac attacks...
|
Sell or send me your vintage Mac things if you don't want them.
|
|
|
|
|
|
|
|
Clinically Insane
Join Date: Oct 2001
Location: San Diego, CA, USA
Status:
Offline
|
|
Originally Posted by shifuimam
It does, however much Apple apologists will deny it, show that there are enterprising haxz0rz out there interested in exploiting the Mac.
Haven't Apple apologists always said there are enterprising hackers out there interested in exploiting the Mac, while Mac-bashers were the ones arguing that the Mac was only safe by reason of obscurity?
|
Chuck
___
"Instead of either 'multi-talented' or 'multitalented' use 'bisexual'."
|
|
|
|
|
|
|
|
Senior User
Join Date: Jul 2002
Location: Florida
Status:
Offline
|
|
Originally Posted by Oisín
Just to get them both out of the way right away:
2. That’s not a virus, it’s just malware.
ok ya got me there. wrong title to use.
but all the same, we've been lucky in having not to deal with that garbage. but with the popularity of the iphone and Mac's gaining in the pc market. it's only a mater of time before we do have a virus or two.
|
|
|
|
|
|
|
|
|
Moderator Emeritus
Join Date: Mar 2004
Location: Copenhagen
Status:
Offline
|
|
Haven’t there already been several pieces of malware very similar in nature to this one for OS X?
A computer is only ever as safe as its user’s intelligence; that’s as true of a Mac as it is of a Windows machine.
|
|
|
|
|
|
|
|
|
Clinically Insane
Join Date: Oct 2000
Location: Los Angeles
Status:
Offline
|
|
There have been a few proof of concepts types, but this is the first one in the wild that is actually somewhat harmful.
|
"The natural progress of things is for liberty to yield and government to gain ground." TJ
|
|
|
|
|
|
|
|
Baninated
Join Date: Aug 2007
Location: i have moved to another location per peter's message
Status:
Offline
|
|
I do believe it would be "Macs" and not "Mac's". The ' makes is possessive while just the s makes it plural.
|
|
|
|
|
|
|
|
|
Clinically Insane
Join Date: Jun 2001
Location: planning a comeback !
Status:
Offline
|
|
Why even call this proof of concept ?
What's the farkin concept here, that some users are gullible ?
-t
|
|
|
|
|
|
|
|
|
Senior User
Join Date: Jul 2002
Location: Florida
Status:
Offline
|
|
with only 3% of the pc market in the past, malicious code writers consider us unworthy of their efforts. until now. I knew that damn iphone would get them out. oh well,
ON GUARD.
Originally Posted by Oisín
Haven’t there already been several pieces of malware very similar in nature to this one for OS X?
A computer is only ever as safe as its user’s intelligence; that’s as true of a Mac as it is of a Windows machine.
|
|
|
|
|
|
|
|
|
Moderator Emeritus
Join Date: Mar 2004
Location: Copenhagen
Status:
Offline
|
|
Originally Posted by pinenuts
I do believe it would be "Macs" and not "Mac's". The ' makes is possessive while just the s makes it plural.
And here I thought I’d gotten that all out of the way all quickly and stereotypically.
|
|
|
|
|
|
|
|
|
Moderator Emeritus
Join Date: Mar 2004
Location: Copenhagen
Status:
Offline
|
|
Originally Posted by Gator Lager
with only 3% of the pc market in the past, malicious code writers consider us unworthy of their efforts. until now. I knew that damn iphone would be them out. oh well,
ON GUARD.
That argument’s old as time, but a lot less reliable and trustworthy.
|
|
|
|
|
|
|
|
|
Addicted to MacNN
Join Date: Mar 2001
Location: USA
Status:
Offline
|
|
A virus for "Mac's" what?
|
|
|
|
|
|
|
|
|
Moderator Emeritus
Join Date: Mar 2004
Location: Copenhagen
Status:
Offline
|
|
Originally Posted by RAILhead
A virus for "Mac's" what?
Gah!
|
|
|
|
|
|
|
|
|
Moderator Emeritus
Join Date: Sep 2001
Location: Arizona
Status:
Offline
|
|
|
I like chicken
I like liver
Meow Mix, Meow Mix
Please de-liv-er
|
|
|
|
|
|
|
|
Addicted to MacNN
Join Date: Jul 2005
Location: Cooperstown '09
Status:
Offline
|
|
I am shutting this thing down before I get infected!
|
|
|
|
|
|
|
|
|
Clinically Insane
Join Date: Jun 2001
Location: planning a comeback !
Status:
Offline
|
|
Oh hai, dis iz a good viruz. Its bringz you pron !!11!1oneone
-t
|
|
|
|
|
|
|
|
|
Addicted to MacNN
Join Date: Aug 2004
Location: FFM
Status:
Offline
|
|
Originally Posted by Big Mac
There have been a few proof of concepts types, but this is the first one in the wild that is actually somewhat harmful.
There has been some "Office installer" malware, that was out in the "wild" and it was harmful since it deleted your home folder. So this is actually not a new situation at all.
|
|
|
|
|
|
|
|
|
Mac Elite
Join Date: Jan 2001
Location: Helsinki, Finland
Status:
Offline
|
|
Malware and trojans are easy to create, but the real trick is getting them distributed.
This case is somewhat significant in the sense that there are actually more than one site where you can catch it, as opposed to some random torrent item.
|
|
|
|
|
|
|
|
|
Posting Junkie
Join Date: May 2001
Location: Brisbane, Australia
Status:
Offline
|
|
But I trusted this porn site! Why would they lie to me?
|
|
|
|
|
|
|
|
|
Clinically Insane
Join Date: Dec 1999
Status:
Offline
|
|
You have to download it, open the image, run the installer, then enter your admin login/password. It also doesn't self propagate so no one else is at risk.
This is like giving your car keys to a car thief.
|
"…I contend that we are both atheists. I just believe in one fewer god than
you do. When you understand why you dismiss all the other possible gods,
you will understand why I dismiss yours." - Stephen F. Roberts
|
|
|
|
|
|
|
|
Addicted to MacNN
Join Date: Mar 2006
Status:
Offline
|
|
Yep - to reinforce this, it's like someone ringing your doorbell, you answer the door, they ask you whether you would mind giving them the keys to the house, you give them the keys, and then are outraged that you get robbed, and say your house is insecure!
|
|
|
|
|
|
|
|
|
Clinically Insane
Join Date: Dec 1999
Status:
Offline
|
|
Originally Posted by peeb
Yep - to reinforce this, it's like someone ringing your doorbell, you answer the door, they ask you whether you would mind giving them the keys to the house, you give them the keys, and then are outraged that you get robbed, and say your house is insecure!
Reminds me of that Monty Python sketch about the encyclopedia salesman. Knocks on the door and convinces the woman that he's really a burglar, and that he's only there to burgle. She finally believes him and lets him in, then he tries to sell her a set of encyclopedias.
|
"…I contend that we are both atheists. I just believe in one fewer god than
you do. When you understand why you dismiss all the other possible gods,
you will understand why I dismiss yours." - Stephen F. Roberts
|
|
|
|
|
|
|
|
Administrator
Join Date: Apr 2001
Location: San Antonio TX USA
Status:
Offline
|
|
Originally Posted by turtle777
Why even call this proof of concept ?
What's the farkin concept here, that some users are gullible ?
-t
Actually, yes, that's it completely. We Mac users tend to be ummmmm.....trusting. And bad people can take advantage of that. Anything free is worth what you pay for it. If it looks too good to be true, it probably is. There's one born every minute. Yep, they're all true.
Critical thinking is important in anything, and especially in interacting with people one doesn't know. 'nuf said?
|
Glenn -----OTR/L, MOT, Tx
|
|
|
|
|
|
|
|
Mac Elite
Join Date: Nov 2003
Location: The back of the room
Status:
Offline
|
|
Originally Posted by olePigeon
This is like giving your car keys to a car thief.
... dressed as a valet.
|
|
|
|
|
|
|
|
|
Posting Junkie
Join Date: May 2001
Location: Brisbane, Australia
Status:
Offline
|
|
It's kind of tough to sympathise with any "victims" of this though. Part of me think they kind of deserve it for being so gullible.
|
|
|
|
|
|
|
|
|
Addicted to MacNN
Join Date: Mar 2006
Status:
Offline
|
|
Well they don't 'deserve it', but you can't prevent all stupidity.
|
|
|
|
|
|
|
|
|
Administrator
Join Date: Apr 2001
Location: San Antonio TX USA
Status:
Offline
|
|
Gullible people deserve a wake up call, not being victimized. It's called "being naive." You know, innocent, unlearned, etc. Gullibility is inversely proportional to world experience and knowledge. "No, you can't get the clap from a toilet seat, and there's nobody in Nigeria that really wants to give you any money-they want to clean you out. This is an old scam, don't fall for it." Being accessible to your acquaintances that don't have experience in this sort of thing, and most importantly not sounding like a jerk when they say something silly, are better than anything to not only help them not be victimized but cut down on the gullible population-and thus the potential payoff for the bad guys. Who should rot in hell, by the way.
|
Glenn -----OTR/L, MOT, Tx
|
|
|
|
|
|
|
|
Professional Poster
Join Date: Nov 2004
Location: eating kernel
Status:
Offline
|
|
So if you don't watch porn, you're safe?
|
Signature depreciated.
|
|
|
|
|
|
|
|
Posting Junkie
Join Date: May 2001
Location: Brisbane, Australia
Status:
Offline
|
|
Originally Posted by C.A.T.S. CEO
So if you don't watch porn, you're safe?
Yeah, all two of us.
|
|
|
|
|
|
|
|
|
Administrator
Join Date: Apr 2001
Location: San Antonio TX USA
Status:
Offline
|
|
That depends, C.A.T.S..... Where does the porn come from? ANYTHING from the Internet is suspect. On the other hand, the big "trap" for Mac users was an offered screenshot of Tiger months before the actual release was announced-and it still required the user to run the attachment or whatever it was to "infect" his computer. Porn is just the most common entrée being used. Game keys, hacked software, all sorts of things are used to induce users to click on the wrong thing. So just "not watching porn" won't insulate you from hazards.
|
Glenn -----OTR/L, MOT, Tx
|
|
|
|
|
|
|
|
Grizzled Veteran
Join Date: Aug 2002
Status:
Offline
|
|
So, let me get this straight...First, I have to find a site with this trojan, download the fake codec, launch the installer, and then enter my password to get this trojan up and running? Geez, so much for Mac ease of use.
(
Last edited by MallyMal; Nov 3, 2007 at 12:03 AM.
)
|
|
|
|
|
|
|
|
|
Moderator Emeritus
Join Date: Apr 2001
Location: Fort Lauderdale, FL
Status:
Offline
|
|
dude, i'm soo good at clicking only the proper links when I'm on a page full of filth. good luck!
|
ice
|
|
|
|
|
|
|
|
Clinically Insane
Join Date: Mar 2001
Location: yes
Status:
Offline
|
|
Originally Posted by Oisín
Just to get them both out of the way right away:
1. A virus for Mac’s what?
2. That’s not a virus, it’s just malware.
Damn it, I was about to go for a post saying #1...
|
|
|
|
|
|
|
|
|
Clinically Insane
Join Date: Jun 2001
Location: planning a comeback !
Status:
Offline
|
|
Originally Posted by MallyMal
So, let me get this straight...First, I have to find a site with this trojan, download the fake codec, launch the installer, and then enter my password to get this trojan up and running? Geez, so much for Mac ease of use.
Nice.
-t
|
|
|
|
|
|
|
|
|
Fresh-Faced Recruit
Join Date: Feb 2007
Status:
Offline
|
|
Im so pissed about this, I am going to stop by the Apple shop to complain, the only reason I bout MAC was because there are no viruses, and now there are.
Is there anything we can do to protect ourselves until Apple fix this?
|
|
|
|
|
|
|
|
|
Senior User
Join Date: Aug 2004
Location: Preston, England.
Status:
Offline
|
|
Originally Posted by The Yorkshire Rapper
Im so pissed about this, I am going to stop by the Apple shop to complain, the only reason I bout MAC was because there are no viruses, and now there are.
Is there anything we can do to protect ourselves until Apple fix this?
You're kidding right?
(And it's "Mac" not "MAC")
|
|
|
|
|
|
|
|
|
Addicted to MacNN
Join Date: Jan 2002
Location: PDX
Status:
Offline
|
|
Originally Posted by The Yorkshire Rapper
...I am going to stop by the Apple shop to complain...
Please let us know how that goes.
|
|
|
|
|
|
|
|
|
Administrator
Join Date: Apr 2001
Location: San Antonio TX USA
Status:
Offline
|
|
Originally Posted by The Yorkshire Rapper
Im so pissed about this, I am going to stop by the Apple shop to complain, the only reason I bout MAC was because there are no viruses, and now there are.
Is there anything we can do to protect ourselves until Apple fix this?
If you're serious and not just posting silly stuff, then relax. The whole "virus" thing with Macs (please, not "MAC"-that's something different) is overblown. It takes user intervention to install anything that can do damage to your Mac, and as long as you're not clicking on "free stuff!" or "unlock all that software-free!!!!" downloads, you should be fine. Just don't expect to take advantage of people offering stuff that seems way too good to be true-they're not to be trusted.
|
Glenn -----OTR/L, MOT, Tx
|
|
|
|
|
|
|
|
Baninated
Join Date: Oct 2002
Location: In yer threads
Status:
Offline
|
|
|
|
|
|
|
|
|
|
|
Moderator Emeritus
Join Date: Mar 2004
Location: Copenhagen
Status:
Offline
|
|
I wonder which regular is having lots of fun with this Yorkshire Nutter account...
(My instincts tell me it’s Demonhood)
|
|
|
|
|
|
|
|
|
Administrator
Join Date: Apr 2001
Location: San Antonio TX USA
Status:
Offline
|
|
Originally Posted by Oisín
I wonder which regular is having lots of fun with this Yorkshire Nutter account...
(My instincts tell me it’s Demonhood)
Unfortunately, with all the stuff this account has posted, I'm thinking it's a legit-and terribly misguided-person.
|
Glenn -----OTR/L, MOT, Tx
|
|
|
|
|
|
|
|
Professional Poster
Join Date: Nov 2004
Location: eating kernel
Status:
Offline
|
|
Originally Posted by esXXI
You're kidding right?
(And it's "Mac" not "MAC")
Just ignore him, he is just a troll.
|
Signature depreciated.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Forum Rules
|
|
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
|
HTML code is Off
|
|
|
|
|
|
|
|
|
|
|
|