Skip to comments.Apple Snubs Firm That Discovered Mac Botnet, Tries To Cut Off Its Server Monitoring Infections
Posted on 04/10/2012 12:04:43 PM PDT by dickmc
Until it was revealed last week that more than half a million Macs were infected with Flashback malware, Apple had little experience working with the community of security researchers who aim to dissect and shut down botnets. And according to the firm that discovered this new outbreak, it could use a lesson in teamwork.
(Excerpt) Read more at forbes.com ...
I think paranoia is warranted here.
Russians and Chinese develop all the most sophisticated viruses. Yes, a lot of it is stupidity by pranksters with egos, but at the top end with rootkits and botnets, I’m not so sure...
I think it’s a serious game with national security implications and if you think about it, they might be doing dry runs and live tests for more sophisticated versions they are keeping for a special occasion.
If there are government agencies behind some of the top virus, wouldn’t it make sense they would also want to measure its success and progress? No I wouldn’t trust this agency
gotta destroy the evidence
They are doing it for many reasons. To steal money and information. The industrial espionage is just as valuable as the national security information. They are able to rapidly increase their own technology by stealing it from others, without any significant investment.
This was never the case. These so-called "experts" took an uninformed guess... and WAY over-stated the case (by upwards of 90%).
Result? "No Infection Found."
I cannot find anyone I know who picked up this nasty on their Mac...
My wife has been complaining that our Mac has been acting flakey for the last few months. I’ll use your link to check it, thanks.
Have you got a cite for that information? According to whom? Some friends who use Apple are freaking out over this whole thing.
PC’s are very hard to infect with viruses now.
Just so you know.:)
It is possible, if Tim Cook asks nicely and buys the dinner, Microsoft might lend its expertise to Apple.
Well, my 5 Macs are fine. Would like to get some authoritative, non biased estimates of the supposed infection. From what I understand, it requires you to enter your Admin password. Since I run “Click-to-Flash”, i very rarely run Flash anymore. And I know my 9 iOS devises are immune...
I just checked our Mac, no virus.
It was suffering from random reboots for a while, seems to be better now.
Mac users are notorious for complaining when something goes wrong. If there WERE a 600,000 member Macbot out there, the number of infected users would be all over the forums announcing their machines infected and asking for help in removing it. I have been diligently searching to tech and non-tech forums seeking users who are reporting that THEY have Macs that have been infected by this Flashback Trojan... and I am simply NOT seeing them saying they are using the tools provided and found their computers infected. Even on the Apple help forums, at the peak of the news, there were only 217 comments, most asking how do "I detect this?" and reports back about "My computer is clean!" The few that I have found are obvious non-Mac using trolls...
So, WHERE ARE THE INFECTED MACS? I am simply NOT FINDING THEM!
Do any of you Freeper Mac user's have it?
If you want on or off the Mac Ping List, Freepmail me.
None of my Macs have it.
Ed, hoping for a Mac Pro refresh!!!
NOT EVEN ONE CONFIRMED INFECTION YET OUT HERE. Still looking around, of course...
Frankly, I think it really doesn't exist in the wild. I think we are seeing a concentrated spoof attack on these servers... perhaps orchestrated FUD??? I have yet to find ANYONE with a confirmed infection! I have over 200 clients with Macs... all running bare... and not one has had an infection. There should be at least two.
I have not seen one on the major news media comment sections, except the obvious trolls who don't even know how to spell Mac. . . claiming their MACs were infected, or others feigning bitterness that their $3000 and $4000 iMacs they bought to avoid virus infections were a waste of money because they are now infected and how they were going to buy a much more economical and powerful Windows 8 computer for their next computer for under $500!
What I have seen are numerous people using the Terminal commands or the now ubiquitous downloadable Flashback check programs, reporting their machines are "CLEAN!" Not even once have I seen someone post, "I ran the check and found my computer was infected!"
Here's my current take on it:
Because the only other possibility -- that the A/V community has stooped to fabricating huge, worldwide lies -- is extremely troubling. These are the people we trust our computers to, to keep them safe. WTF???!?!!!!
"Symantec said today the number of bots had been cut to 270,000 as of 11 April, whilst yesterday Kaspersky said the number had been reduced to 237,103 as of 8 April. Almost all infected machines are Apple Macs."WOW! Kaspersky was widely quoted on the 10th as confirming the 600,000 number... but they KNEW on the 8th that it was only 237,103??? I smell FISH! Rotten fish!
I am still not finding ANY infected Macs... not one. If true, the infection rate is less than 0.4%...
To see if your Mac is infected:
go to SHELL / New Command
paste in the bold line below
defaults read /Applications/Safari.app/Contents/Info LSEnvironment
-- and RUN.
You should get this error:
The domain/default pair of (/Applications/Safari.app/Contents/Info, LSEnvironment) does not exist
defaults read ~/.MacOSX/environment DYLD_INSERT_LIBRARIES
You should get this error:
The domain/default pair of (/Users/YOURUSER/.MacOSX/environment, DYLD_INSERT_LIBRARIES) does not exist
If you do, you are clean of this variant!
(Can't hurt anything; those are read-only commands...)
So a company that supposedly specializes in computer security actually is the perpetrator in this attempt to attack Macs... at least that is what this all appears to boil down to. They have been caught red handed, Apple is trying to force a shutdown of the servers playing “host” to the attack attempts.
I still say Symantec, McAfee, and others have done similar... a good way to generate business (tinfoil hat is firmly in place).
And as I have read many articles on this supposed “widespread infection” - I have actually found no actual userland reports of said infection, but lots of paranoia.
Historically, Apple hasn’t had a very good relationship with security researchers. Most companies don’t. It took a long time for Microsoft to wake up and realize they essentially constitute free security research for the company.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.