Jump to content

A Trojan for Mac User

Envying

By Envying,
in Reader News and Reviews

 Share
22 posts in this topic

Recommended Posts

A Nonny Moose
A Nonny Moose
Posted
Posted

It's a real exploit and not a proof of concept thing? I'm amazed.

 

Reading about it, it appears to be a very interesting piece of social engineering. Similar to the abc.com player, you're prompted to download something from the porn site (since it seems to be confined to porn right now). This is supposed "to make videos" play right, but in reality, it turns out to be the trojan. It's root level also, so it's a little harder to remove.

 

Practice safe porn.

yoda75
yoda75
Posted
Posted
Wow, while this isn't contracted by simply visiting a website this is still a major blow to OS X.

If you have the trojan, here is how to remove it:

Macworld's Solution

 

Well I don't know if I'd categorize this as a major blow. All this shows is that OSX is coming under the radar of one person or group that writes malicious code. It's been a long time coming but I'm not worried too much. Like with any other type of app, you still have to approve and run an installer with your admin password. Honestly, if you're visiting porn sites and accept a download and type in your password then you deserve getting infected. No OS is ever going to be able to completely compensate for user stupidity.

fryke
fryke
Posted
Posted

It's a trojan. That's been possible since the very beginning. It depends on the "dumb user", basically. It's not like this thing propagates automatically through the 'net creating slave machines that infect even more Macs automatically. It's simply a case of "Do you want to install software from a pornsite and give your admin-user's password while you're at it?" kinda {censored}. Just _don't_ is the answer.

Headrush69
Headrush69
Posted
Posted
Reading about it, it appears to be a very interesting piece of social engineering. Similar to the abc.com player, you're prompted to download something from the porn site (since it seems to be confined to porn right now). This is supposed "to make videos" play right, but in reality, it turns out to be the trojan. It's root level also, so it's a little harder to remove.

 

Practice safe porn.

An OS can only do so much to protect itself from its users. At some point you can't prevent a lot of social engineered attacks.

 

Frankly, if any site requires me to download a special viewer/helper app for any "standard" format such as a video, its a site I don't visit.

apowerr
apowerr
Posted
Posted

I find some of the above replies mildy hypocritical for the Mac Commuinity in general. I don't want to start a flame, but many times I have heard 'Saying that careful users don't get viruses doesn't make up for how insecure Windows is' or ' it's not the user's fault'.

cmdshft
cmdshft
Posted
Posted

Juts wait, this will bring all the Windows fanboys screaming out of the woodwork.

 

Goddamn, I hate fanboys. I am so glad that I sit the fence for all sides.

 

Anyway, this is an interesting bit, but not too much of a threat, really. You just gotta be extra smart and resourceful for your porn now. LOL

thestevo
thestevo
Posted
Posted

So, this a blow to OS X?

 

Hm... Well, give me a few moments and I'll whip up an applescript app, since that would be the easiest. We'll name it something like... XBox 360 Emulator, and simply have it get root permissions and delete everything it possibly can. That way we'll strike another blow toward OS X security. Mindless sheeple will download and run it happily only to find their machine not as they intended.

 

Unfortunately, operating systems must manipulate data through software of some kind. Much like identity theft, it will always be possible to fool the person making decisions into making the wrong one. As protection increases so will the effort to crack it, much like this community is the example of. You can't effectively limit the power of the applications without limiting the power of the user.

 

As for the comparison to Windows, it is possible to run without protection and not get hit too bad. I've ran machines for a couple months that I knew I would wipe, installed antivirus out of curiosity and was fine. There have also been machines that weren't clean then too, just depends on what you run into. However, the difference here is that this requires the user's action for it to happen. Not all viruses for Windows do. A true compromise of security does not include the discretion of the user.

iestyn
iestyn
Posted
Posted

When I first read this story, I was pretty shocked...

A trojan? On OSX?

 

But the thing is, this was always possible. And it will always be possible. There's no amount of net security you could have that would stop these kind of attacks.

 

I was almost expecting the report to say that this was a virus, and could spread throughout macs around the globe. But nope, it's just a fake application.

 

Gotta be vigilant in future!

Headrush69
Headrush69
Posted
Posted
I find some of the above replies mildy hypocritical for the Mac Commuinity in general. I don't want to start a flame, but many times I have heard 'Saying that careful users don't get viruses doesn't make up for how insecure Windows is' or ' it's not the user's fault'.

I understand what you are suggesting, but I would say that the difference between the two depends on the definition of "being careful"

 

Careful in this case meaning not to do the obvious steps to download this piece of software.

This is in comparison to "being careful" meaning to take to extra steps in order to avoid some viruses. (remove ActiveX, prevent Flash, etc)

 

I find in discusses about Windows Viruses/Spyware when people say if you take care Windows it's just as secure, they are talking about this second reasoning.

Sure this is true, but if you have to modify/prevent "normal" web surfing, this isn't a really practical solution.

 

Did that make sense?

 

So in other words being careful for this situation means not to do something, while being careful in the Windows case means taking additional preventative steps, so for THIS comparison they aren't really the same.

CLiDE FTW!!1
CLiDE FTW!!1
Posted
Posted
This isn't that scary. One could easily write a game that when ran POP-UPs appear by calling pages on the creators site. Just because it does this doesn't make it a virus.

Have you even read the article?

 

When the malicious DNS server is active, it hijacks some web requests, leading users to phishing web sites (for sites such as Ebay, PayPal and some banks) or to web pages displaying ads for other pornographic web sites, according to Intego.

 

The Trojan also installs a root crontab which checks every minute to ensure that its DNS server is still active, the company said. Since changing a network location could change the DNS server, this cron job ensures that, in such a case, the malicious DNS server remains the active server.

 

How is this not scary? You install this Trojan, go Log onto "PayPal.com", and BAM, they have your PayPal account, along with banking information.

 

I'd rather download a virus that nukes my hard drive than download one that makes a donation of a few thousand dollars from my savings account.

Forceman
Forceman
Posted
Posted
Have you even read the article?

How is this not scary? You install this Trojan, go Log onto "PayPal.com", and BAM, they have your PayPal account, along with banking information.

 

I'd rather download a virus that nukes my hard drive than download one that makes a donation of a few thousand dollars from my savings account.

 

Assuming you can find the porn site, assuming you download the codec, assuming you install it, assuming you use PayPal. The trojan does alot of assuming and is targeted at users not the OS.

 Share
Go to topic listing
×
×
  • Create New...