BlackHole RAT Trojan Targets Mac OS X

CommanderFrank

The problem with becoming more mainstream and popular with greater market share is you tend to attract a whole new set of ‘friends’. This is the new reality Mac users are going to face in the near future. Many are living under the misconception that the Mac operating system can’t be infected. The new reality is that it will be. Sophos has identified a variant of the darkComet Trojan named Blackhole RAT aimed directly at Mac X.

According to Sophos senior security advisor Chester Wisniewski, the Mac OS X variant is "very basic," with a mix of German and English in the user interface.
 
Actually, they will just charge $400 to temporarily fix it (by removing any popups of the virus). It's not enough to get another Mac, but just enough to get the drones to pay. After four or five visits, then they will recommend to buy another Mac.
 
It's probably true about this Mac Trojan, but I question if it's true since it's coming from an Anti-virus company. I'm sure Sophos would be happy if this happened more in OSX as it would give them more customers.
 
Exactly. This is another scare that probably won't be seen in the real world, just the SophosLabs. It would be nice if they described the mechanism by which it works, but we know why they don't. It's because it would be like this...

1. Download Malware
2. Double Click Malware
3. Enter Username/Password to authenticate installation of Malware
 
Actually, they will just charge $400 to temporarily fix it (by removing any popups of the virus). It's not enough to get another Mac, but just enough to get the drones to pay. After four or five visits, then they will recommend to buy another Mac.

Don't forget that there are Mac users out there that have more technical knowhow, knowledge, and experience than you probably do regardless of platform. We could sit here and generalize about certain groups, including PC enthusiasts all day, but that won't make any of it true, or right.
 
The only possible way this will actually infect OSX is through root and if a user lets other users access root they deserve to get infected.
 
The only possible way this will actually infect OSX is through root and if a user lets other users access root they deserve to get infected.

You mean like most of the Windows viruses?
 
Don't forget that there are Mac users out there that have more technical knowhow, knowledge, and experience than you probably do regardless of platform. We could sit here and generalize about certain groups, including PC enthusiasts all day, but that won't make any of it true, or right.

Don't try to act all high and mighty just because you know magic and have access to unicorn dust. I heard you can buy a spell from the app store that creates a game-capable machine (aka not a Mac) out of thin air. Why don't you buy that app and then blow off some steam in the form of gaming? Owait, that app probably costs three times more than what it would take to actually build the machine in question. NVM LAWL.
 
The only possible way this will actually infect OSX is through root and if a user lets other users access root they deserve to get infected.

It could however affect the user account though. The kernel may be safe but someone's facebook might stop working. :D
 
"You should always buy your apps from the app store, otherwise you might get a trojan like this one we prepared earlier." - Apple.
 
This has been "predicted" for some 15 years now.

I guess it's accurate. The Mac has about 4 viruses that matter I think :)

At that rate they'll catch up to the PC base's multi-million by.... oh.... it don't matter. We ain't living beyond 2012 anyway they say.
 
Popping up a fake "Administrator Password" window to phish the target.

So you have to give it permission. It's not really a big threat then. Unlike Windows' simple Yes/No dialogue that results in users smashing Yes as fast as they can while cursing under their breath, Mac OS and other *nix-flavored systems pop up root challenges far less frequently, but make it clear to the user that giving an application your root password is potentially an extremely dangerous thing that should never be taken lightly.
 
My only real concern is learning how to remove them. If it is in just the user account, that should not be too difficult. However, if it is in the root of the system, that would be much more complicated.

Personally, I do not give two wits about the MAC virus debate. My only concern is being ready to take care of the customer.
 
1 new virus every year. Snooze.

I will take any mac "virus" over Antivirus2kxx any day.
 
hmmm.... on slashdot the headline is "Backdoor Trojan For Windows Ported To Mac OS"...same story. Besides everyone should know by now that macos has no security whatsoever.
 
So you have to give it permission. It's not really a big threat then. Unlike Windows' simple Yes/No dialogue that results in users smashing Yes as fast as they can while cursing under their breath, Mac OS and other *nix-flavored systems pop up root challenges far less frequently, but make it clear to the user that giving an application your root password is potentially an extremely dangerous thing that should never be taken lightly.
Yet Mac lusers have been brainwashed into believing that "It just works" and that the Mac is completely safe, so there's no harm in giving a password. After all: that must be what Steve Jobs wanted.
 