Another OS X Trojan Paves Way for Mac Zombie Army

CommanderFrank

CommanderFrank

Cat Can't Scratch It
Joined
May 9, 2000
Messages
75,399
It’s been a long time coming, but the Mac is finally getting the attention deserved as a major computer operating system. Hackers are beginning to target Macs on a greater scale lately, forcing Apple to accept the fact that OSX is vulnerable to attack at long last.

And for a cyber criminal, the best kind of botnet to run would be one comprised of machines whose owners think they'll never be infected.
Click to expand...
 
It only makes sense... most Apple buyers are not the brightest bunch of folk. They are overpaying for a fancy casing, while the inside is the same as any other computer (intel parts even in macs now!)

So it only makes sense.... target the rich, dumb people who do not protect what they have because they mostly believe they are safer with their mac. Rich people have more money, are not using any antivirus because the "mac genius" at the store (literally the name), says that PCs only need virus protection...... and they have macs, why not target them?
 
Dman2280 said:
It only makes sense... most Apple buyers are not the brightest bunch of folk. They are overpaying for a fancy casing, while the inside is the same as any other computer (intel parts even in macs now!)

So it only makes sense.... target the rich, dumb people who do not protect what they have because they mostly believe they are safer with their mac. Rich people have more money, are not using any antivirus because the "mac genius" at the store (literally the name), says that PCs only need virus protection...... and they have macs, why not target them?
Click to expand...

Just seems kinda strange, because I know I've seen many [h]ard users claim they don't run anit-virus on their pc machines. "Only idiots get a virus" is a common enough saying around here when the discussion comes up, but this place is also pretty quick to jump on mac users anytime a virus (however benign) pops up for mac with a big "see told you so! macs are vunerable too!" It's like a total disconnect.

http://hardforum.com/showthread.php?t=1563906
i.e. Lots of people in this thread claim not to need anti-virus.

Personally I run Kaspersky on my macbook as a 'just-in-case' measure. Never found a problem, but you never know when a site/app might be compromised or something new comes out.
 
Those people that don't run AV on Windows are just as dumb as typical mac users. AV is not a magic fix, but it is one more layer of security, especially when using one of the quality free options.

I don't currently run AV on my Macbook because the only thing I use it for is xcode dev. If I did anything else with it, I definitely would though. It's not really "viruses" that are a concern, its trojans, bad java apps, and injection through 3rd party software such as Flash or Adobe PDF that are the real vulnerabilities (just like on the PC side). As the Mac market share has increased, it will become a bigger target. The other reason availability of exploits is currently lower is really that Macs have a near 0 market share outside the US. As most malware originates from Eastern Europe or SE Asia, they just don't have Mac systems to work with. That has been changing though, especially overseas iOS development.
 
Burning_Monk said:
Just seems kinda strange, because I know I've seen many [h]ard users claim they don't run anit-virus on their pc machines. "Only idiots get a virus" is a common enough saying around here when the discussion comes up, but this place is also pretty quick to jump on mac users anytime a virus (however benign) pops up for mac with a big "see told you so! macs are vunerable too!" It's like a total disconnect.

http://hardforum.com/showthread.php?t=1563906
i.e. Lots of people in this thread claim not to need anti-virus.

Personally I run Kaspersky on my macbook as a 'just-in-case' measure. Never found a problem, but you never know when a site/app might be compromised or something new comes out.
Click to expand...

Wow...I just read the first page of that thread and ...wow.

ANyway, I know a few Mac peeps who have been hit with trojans and did not know it until after their bank accounts got compromised. At least banks understand their stupidity and let them have money to replace their lost funds. (Not that they deserve it, since, by virtue of running a mac, they like giving money away anyway)
 
Burning_Monk said:
Just seems kinda strange, because I know I've seen many [h]ard users claim they don't run anit-virus on their pc machines. "Only idiots get a virus" is a common enough saying around here when the discussion comes up, but this place is also pretty quick to jump on mac users anytime a virus (however benign) pops up for mac with a big "see told you so! macs are vunerable too!" It's like a total disconnect.

http://hardforum.com/showthread.php?t=1563906
i.e. Lots of people in this thread claim not to need anti-virus.

Personally I run Kaspersky on my macbook as a 'just-in-case' measure. Never found a problem, but you never know when a site/app might be compromised or something new comes out.
Click to expand...

You sir do have some very vaild points, and for those who do not run AV, have a firewall/AV system in play like Astaro, to stupid to install AV, or have some massive balls.

I will admit, I am one of those that will jump on the mac hate thread and state, "I told you so". But I also run AV on all my gaming boxes, laptop's and servers. Imo you're stupid if your not running some sort of AV or malware protection. In this day of age, everyone should be running some sort of AV, there is no need or want to not be running AV.
 
Oddly, this is only targeting Chinese Mac users (the trojan is a Chinese language PDF). How big is that market?

It is the usual trojan social engineering - if the trojan can fool the user into granting permission, there is little the OS writer can do about it, be they Apple or Microsoft.

Dman2280 said:
blah blah dumb rich blah blah rich dumb blah blah
Click to expand...

With a demeanor like yours, is it any wonder that you're resentful of people who don't live in their mom's basement?
 
evilsofa said:
Oddly, this is only targeting Chinese Mac users (the trojan is a Chinese language PDF). How big is that market?

It is the usual trojan social engineering - if the trojan can fool the user into granting permission, there is little the OS writer can do about it, be they Apple or Microsoft.



With a demeanor like yours, is it any wonder that you're resentful of people who don't live in their mom's basement?
Click to expand...

No, where do you get that from? Your ass? wtf does that have to do with anything, man?

And no, you're wrong... I honestly just bought my first house at 22, after graduating from college and getting a 0% loan on my home... kthx.
 
As a tech, I don't wish this on mac users (I support a bunch of them on my networks). However at the same time, If I hear one more mac user claim that it is impossible for them to get a virus/trojan, I may just strangle them.
 
Dekoth-E- said:
As a tech, I don't wish this on mac users (I support a bunch of them on my networks). However at the same time, If I hear one more mac user claim that it is impossible for them to get a virus/trojan, I may just strangle them.
Click to expand...

Be sure to let me help you strangle them LOL. :D

In related news, the RDF is starting to show signs of wear and cracks are starting to form in it. Without Unkie Steve and his Apple-fu recharging it, it could soon be a thing of the past.
 
Burning_Monk said:
Just seems kinda strange, because I know I've seen many [h]ard users claim they don't run anit-virus on their pc machines. "Only idiots get a virus" is a common enough saying around here when the discussion comes up, but this place is also pretty quick to jump on mac users anytime a virus (however benign) pops up for mac with a big "see told you so! macs are vunerable too!" It's like a total disconnect.

http://hardforum.com/showthread.php?t=1563906
i.e. Lots of people in this thread claim not to need anti-virus.

Personally I run Kaspersky on my macbook as a 'just-in-case' measure. Never found a problem, but you never know when a site/app might be compromised or something new comes out.
Click to expand...

A lot of the people in that threat are just as stupid as Mac users that run no protection, but when they say "Only idiots get a virus" they're being completely truthful. You don't need AV to protect your computer completely, but if you run with no AV you have to take other precautions like using programs that look into processes and break down the svchost. It's not a perfect system, but it's no less secure then using an AV product from Norton or McAfee. Also the people that say "I told you so" when referring to Mac security obviously aren't referring to you. You use an AV product that doesn't happen to be Norton or McAfee, why are you offended by that statement.
 
Burning_Monk said:
Just seems kinda strange, because I know I've seen many [h]ard users claim they don't run anit-virus on their pc machines. "Only idiots get a virus" is a common enough saying around here when the discussion comes up, but this place is also pretty quick to jump on mac users anytime a virus (however benign) pops up for mac with a big "see told you so! macs are vunerable too!" It's like a total disconnect.

http://hardforum.com/showthread.php?t=1563906
i.e. Lots of people in this thread claim not to need anti-virus.

Personally I run Kaspersky on my macbook as a 'just-in-case' measure. Never found a problem, but you never know when a site/app might be compromised or something new comes out.
Click to expand...

Yes, those are [H]ard users. This group of people thinks that they know enough and can avoid viruses without installing anti-virus software. Are they idiots? I don't know. There's this saying "You know enough to be dangerous". In this case to yourself. Anyway, this is a much much smaller group, and is not a representative of the general public. Apple gave the public the general impression that Mac is impervious to virus through their AD campaign and toting OSX to be superior than Windows in this area. As a matter of fact, Apple has done the public a lot of good by attacking Windows susceptibility to virus. The general PC users are much more aware of viruses and therefore install anti-virus software on their system. At the same time, the general Mac users are surfing along with their air of superiority. By the way, you know you run Kaspersky on your Macbook for the same 'just-in-case' reason for all other PC users. Why is Apple not telling the general public about your 'just-in-case' reason?
 
How do u get Virus/Trojen????

i've been running PCs and macs for last 8 years and i've yet to see one in my computer. no i don't have security system so can't tell if it's there but.... haven't had any real problems either.
 
Dman2280 said:
It only makes sense... most Apple buyers are not the brightest bunch of folk. They are overpaying for a fancy casing, while the inside is the same as any other computer (intel parts even in macs now!)

So it only makes sense.... target the rich, dumb people who do not protect what they have because they mostly believe they are safer with their mac. Rich people have more money, are not using any antivirus because the "mac genius" at the store (literally the name), says that PCs only need virus protection...... and they have macs, why not target them?
Click to expand...

There are MAGNITUDES of more clueless people running windows.


Newsflash: 99% of daily computing tasks can be run on a single core processor with 1GB of ram. Thus people have moved past the "I must get the most powerful computer EVAR1!11!!!" and more to the "Well I want something that doesn't look like it was designed by a retarded chimp". If you want a plastic, ugly, crappy battery life laptop, then have at it. Personally I'll give up the little extra power and slight increase in price because I value a well thought out, elegant machine that has the best support in the industry, great battery life, and amazing resale value.
 
Bound4Earth said:
A lot of the people in that threat are just as stupid as Mac users that run no protection, but when they say "Only idiots get a virus" they're being completely truthful. You don't need AV to protect your computer completely, but if you run with no AV you have to take other precautions like using programs that look into processes and break down the svchost. It's not a perfect system, but it's no less secure then using an AV product from Norton or McAfee. Also the people that say "I told you so" when referring to Mac security obviously aren't referring to you. You use an AV product that doesn't happen to be Norton or McAfee, why are you offended by that statement.
Click to expand...
Ryan711 said:
There are MAGNITUDES of more clueless people running windows.


Newsflash: 99% of daily computing tasks can be run on a single core processor with 1GB of ram. Thus people have moved past the "I must get the most powerful computer EVAR1!11!!!" and more to the "Well I want something that doesn't look like it was designed by a retarded chimp". If you want a plastic, ugly, crappy battery life laptop, then have at it. Personally I'll give up the little extra power and slight increase in price because I value a well thought out, elegant machine that has the best support in the industry, great battery life, and amazing resale value.
Click to expand...
I support the contents of these quotes.
 
darkpaw said:
Those people that don't run AV on Windows are just as dumb as typical mac users. AV is not a magic fix, but it is one more layer of security, especially when using one of the quality free options.

It's not really "viruses" that are a concern, its trojans, bad java apps, and injection through 3rd party software such as Flash or Adobe PDF that are the real vulnerabilities (just like on the PC side). As the Mac market share has increased, it will become a bigger target. The other reason availability of exploits is currently lower is really that Macs have a near 0 market share outside the US. As most malware originates from Eastern Europe or SE Asia, they just don't have Mac systems to work with. That has been changing though, especially overseas iOS development.
Click to expand...

Agreed. But you missed one other important reason...
The increased market share for Windows 7. When combined with one of the better free AV packages, it's a much tougher target for malware.
 
Ryan711 said:
Newsflash: 99% of daily computing tasks can be run on a single core processor with 1GB of ram.
Click to expand...

Maybe if you run 10 year old software, or don't mind waiting on the computer.

Try loading office 2007 or 2010 on a system with 1 GB ram and a single core CPU. Then try running more than one application at a time. You can always go get a cup of coffee while you are waiting.

Now if you said 2GB ram, a fast single core (3Ghz or better), and a fast drive, than I might agree with you.
 
scbjmshpv said:
How do u get Virus/Trojen????

i've been running PCs and macs for last 8 years and i've yet to see one in my computer. no i don't have security system so can't tell if it's there but.... haven't had any real problems either.
Click to expand...

Run XP. Browse. Or install XP pre-SP2 not behind a firewall and your computer will be infected in minutes. I've seen this happen before.

I used to use a work laptop running XP with whatever A/V it was running. I believed that thing was dirty no matter what "cleaning" applications I ran. Once XP dies malware will take a major hit.
 
nutzo said:
Maybe if you run 10 year old software, or don't mind waiting on the computer.

Try loading office 2007 or 2010 on a system with 1 GB ram and a single core CPU. Then try running more than one application at a time. You can always go get a cup of coffee while you are waiting.

Now if you said 2GB ram, a fast single core (3Ghz or better), and a fast drive, than I might agree with you.
Click to expand...
You missed his point big-time.
 
Mac users are such dummies! :D

Go ahead, listen to that Apple "genius" and believe everything his puppet nerd ass says
 
With reagrds to those H users that dont run AV on their PCs there is a logic to it.

In my experience of PC support I've seen ALL the AV suites and programs beaten by the current modern trojans/drve-bys. That includes MSE/Nod/Kaspersky/Norton/Avira etc. etc.

The modern trojans are written daily so if you are going to get hit then your are gonna get hit. The AV apps just give a basic level of defence against older nasties and more trivial threats. They cannot keep up.

So if you are a hardcore H User then chances are you are prepared to take the risk and when you get hit you just flatten and rebuild. You know when you've been hit trust me. Doing that is just as quick as spending 3+ hours virus scanning your HDD in another PC with three different AV scanners. These things are a bitch to clean off and a run of Malware-Bytes doesnt cut it.

So yes, running without an AV app for some more experienced users is not so stupid. Especially if you dont run financials on it.

Me? I run MSE on all my machines. I tell my customers to do it so I live by the rules I set.
 
i think this virus was smart and attacked the very core (lol) of apple first cas jobs looks pretty infected to me.
 
Burning_Monk said:
Just seems kinda strange, because I know I've seen many [h]ard users claim they don't run anit-virus on their pc machines. "Only idiots get a virus" is a common enough saying around here when the discussion comes up, but this place is also pretty quick to jump on mac users anytime a virus (however benign) pops up for mac with a big "see told you so! macs are vunerable too!" It's like a total disconnect.
Click to expand...

I think the point here is that mac user's are 'dumb users' and therefore should most certainly have anti-virus installed. I recommend running everyone else run antivirus on their machines, though I do not run one on mine. Simply because my data is already very well protected and I could recover from the most devastating and vigilant virus with maybe a little downtime. This event though has been non-existent on my PC for the last >10 years. Not to mention there hasn't been a virus I couldn't thwart and I've disinfected hundreds of PCs in the last 10 years. The only time I've reformatted is when the user has no concern for their data and would rather not pay the time it takes to remove a virus over reinstall.

So rather than take up all my CPU cycles for the next 5 years I'd rather deal with some downtime on a PC should the event arise. If I'm wary of anything in particular I do run a sandbox with AV in VMWare that I can load up for such an occasion (though I don't use this very ofthen at all).

But every PC, especially those with kids or the unexperienced should have anti-virus.
 
scbjmshpv said:
How do u get Virus/Trojen????

i've been running PCs and macs for last 8 years and i've yet to see one in my computer. no i don't have security system so can't tell if it's there but.... haven't had any real problems either.
Click to expand...

Ask the only Mac user on my network at work. She has had the most virus infections this year. I don't know what she signs up for but after only 3 weeks with the company she had shit loads of emails containing viruses coming to her inbox. every day 4 or 5 windows based viruses were found and removed, and 3 or 4 mac viruses were found. that went on for about 3 months before i finally got through her head to stop clicking on every file that is attached to her email.
 
i've been running PCs and macs for last 8 years and i've yet to see one in my computer. no i don't have security system so can't tell if it's there but.... haven't had any real problems either.
Click to expand...
lol, I can only imagine how much crap is on your systems.
But hey, ignorance is bliss I guess. :rolleyes:
 
KENNYB said:
Run XP. Browse. Or install XP pre-SP2 not behind a firewall and your computer will be infected in minutes. I've seen this happen before.

I used to use a work laptop running XP with whatever A/V it was running. I believed that thing was dirty no matter what "cleaning" applications I ran. Once XP dies malware will take a major hit.
Click to expand...

Unfortunately, this has happened to me. Fresh install of XP, but forgot to setup the firewall. When i finally got through the driver installations and installed the antivirus, the pc was already infected. I had to reformat and start over.

I should make it a point that firewalls are more critical than AVs and should be installed first before anything else.

AV's tend to slow down my PC a lot and every time i scanned, there wasn't anything, so i eventually just skipped them. I still reinstall them about once a month for a complete scan, but then take them out afterwards. Hadn't had any major infections throughout my XP carreer. It's always stopped from the USB drive (Don't click on the drive icon, always use the address bar) or the internet cache. e-mails that i don't recognized are automatically marked as spam, and i refuse to accept attachments.

The next time i had a major infection was in Windows 7 and got duped by a pop-up that looked like an MSE dialog (It's in a thread here somewhere).

Last time i got infected was when we moved to a new office and i was setting up the PC's and a guy came in for an interview. Boss asked me why his sample programs weren't working so i plugged it in before i had windows explorer configured and failed to see that the folders were actually EXE's. I quickly realized that the little sh*t brought an infected thumbdrive to an interview and i had to start over (thank goodness i hadn't setup the router yet). Oldest trick in the book and i've been had, took me a while to get over that. I leant my netbook so he could continue the interview, but he pretty much blew it when he infected the boss's laptop.

Note to applicants. Getting your potential boss's computer infected does not help with your job prospects.

So far MSE's only alerted me to cookies (which i usually clear anyway), and executables that i wouldn't have run anyway. So i can't say that it's actually helped me. But it doesn't use much resources anyway so i leave it on just in case i do screw up.
 
The funny thing is, apple drones don’t even realize the significance of a proprietary ecosystem
 
I for one am happy to see this, might finally start to kill off people clamoring for Mac's in our office now..
 
AthlonXP said:
This true, but it will take some time.
Click to expand...

Probably not nearly long enough.

It's not just the stereotype of the ADHD basement dwellers that are going and breaking into websites (that's assuming that they're actually doing that, as opposed to being script kiddies) because they're bored and looking for a challenge. With scammers now being able to make money from creating massive botnets, there's got to be some level of R&D happening so downtime from XP support going bye-bye is minimized.

Doesn't even account for the numbers of people that are going to continue using outdated OS's regardless if they're going to be vulnerable as a result, because they don't see the benefit to upgrading, maybe they'll only do it if their system drive crashes and burns, and simply can't get security patches anymore.
 
It used to be that I was smarter than most virii/trojans/malware out there (10+ years ago) and I could easily detect it and strip it out of my system. Now, not only do I not pay nearly as much attention to software and hardware anymore, but they've gotten so much more sophisticated that I want the extra layer of protection of an AV.
 
You must log in or register to reply here.
Back
Top