Posted on 11/01/2007 8:38:22 PM PDT by Alter Kaker
SAN FRANCISCO — In a backhanded compliment to Apple Inc., online criminals are apparently so impressed with its scorching sales they are sending Macintosh computers an attack typically aimed at machines running Microsoft Corp.'s dominant Windows operating system.
Symantec Corp. researchers said the Web sites serving up the new attack also deploy a Windows version.
"For a while Mac users have enjoyed the benefits of being a small enough population that hackers didn't go after them directly _ that's obviously now changing," said Ben Greenbaum, senior research manager at Symantec Security Response.
Lynn Fox, an Apple spokeswoman, said the Cupertino-based company knows about the threat and urges Mac users to be careful about where they download things from.
"Apple has a great track record for keeping Mac OS X users secure, and as always, we encourage people to install software only from trusted sources," she said in a statement.
Online porn-hunters are the intended victim of the latest ploy, in which visitors to certain explicit Web sites are led to believe they're downloading a free video player when in fact they're installing malicious code onto their Macs.
Once the user authorizes the transaction, the fraudsters can redirect his future browsing to fraudulent Web sites and possibly to steal his information or passwords or simply send ads for other pornographic Web sites and rake in advertising dollars.
For example, a person using an infected computer may think he is going to online auctioneer eBay Inc. or its PayPal electronic payment division but actually be directed to a site that looks legitimate but exists to purloin personal information.
The attack does not target a vulnerability in the Macintosh operating system.
Instead, it requires a user to approve the download, then enter his computer's administrator's password to continue, operations that raise red flags among sophisticated computer users.
Symantec researchers said the Trojan used in the attack is a rejiggered version of one that's been around for a couple years and requires that victims fall for a social engineering trick to work.
Security researchers at Intego, which makes Macintosh antivirus software and discovered the scheme this week, said it underscores the mounting threats to Mac users as the machines grow in popularity.
Windows machines still dominate the PC market, but Apple, which for years commanded just 2 to 3 percent of the U.S. market, has now grown to command an 8 percent chunk, according to market researcher Gartner Inc.
"This is the first really malicious criminal malware (for Macs)," said Intego spokesman Peter James. "We've seen some proof-of-concept malware, we've seen some worms, but this is different."
Where are all those FReepers who constantly respond to virus threats by remarking, “get a Mac...”?
Symantec is desperate to stay relevant.
I wouldn’t put it past them to release the same viruses they “cure”.
Bush’s fault, oh wait, Microsoft’s!! LOL
We-eellll, technically, this isn’t a virus, it’s malware. Still, it attacks the trust of the community.
I'm right here. On my iMac, Mac.
Quoting:
1) Go to a porn site
2) Download a plugin from the porn site
3) Click "OK" that you are downloading a .DMG file.
4) Mount the .DMG
5) Go back to the Finder
6) Double-click the installer
7) Type in your account password
8) Click next a few times
Calling this, "In the Wild," is laughable.
Name an operating system that can't be infected when a user gives an admin password.
Get a Mac.
It targets a vulnerability in the Mac user. Specifically, it targets that smug invulnerable feeling generated by being part of a miniscule market share consisting of computer snobs.
Where are all those FReepers who constantly respond to Mac owners with “You’re too small for malware writers to bother with...”?
Ooops, didn’t see you. Sorry...
Where are all those FReepers who constantly respond to Mac owners with “You’re too small for malware writers to bother with...”?
They’re off somewhere downloading porn.
When they arrive I’ll tell them you’re looking for them.
;-)
It targets that smug invulnerable feeling generated by being part of a minuscule market share consisting of virus-free computer snobs.
So, you admit you’re a computer snob. I’m a Windows user and I’ve never had a virus but I don’t brag about it. It’s a consequence of responsible care of the tools I use to accomplish the work I do with them. I don’t need to be religious about my hardware.
I’m a Mac user. Just one question. What’s a virus?
Any dumb ass stupid enough to download an unknown file, then enter an admin password and allow a program to run deserves what they get.
If you read the article, this does not target a vulnerability in the Mac OS, it targets stupid human behavior.
Get a Mac.
I wouldn’t put it past them to release the same viruses they “cure”.
You and I must have the same Cynicism gene...<: <:
I don’t know what the fuss is all about. I’ve been using both Macs as well as PCs, and in the past five years, I’ve never had a virus successfully attack any of my systems at all. Using a decent, free, regularly updated anti-virus application like AVG, and Windows Defender, and the one-off scans with Ad Aware, has rendered my system more than well to fend of any attacks. I’ve used the computers to download and run more than the average share of software from sometimes unverifiable websites(obsolete drivers, utilities and stuff like that).
The ones I know who’ve had viruses affect their computers, are almost always lax regarding their anti-virus precautionary measures. That goes for both Mac as well as PC users. As for the reason why Macs supposedly suffer fewer virus assaults, the reason is simple: If you are a virus programmer, you don’t want your target audience to be a miniscule component of all computer users around the world. You want something that will make an impact on a huge share of all computer users. That spells Windows.
I’m a PC user, and I’ve never had a virus, and I’ve been using PC’s since the TRash-80.
I DO know what a virus is, I’m surprised you don’t. Look it up.
Although the mac concept is nice (I also used an apple II and IIc long long ago), I don’t like giving Al Gore money, and his association with apple will deter me from using their products.
Also, their inability to play games. And my kids love games.
Oh yes, you can play tetris, but they play MMORPGs and a mac just doesn’t cut the mustard for them.
Mac’s are great for web browsing, for word processing, email, and for graphics / video design, but my kids couldn’t suffer them for gaming reasons, and I couldn’t suffer them anymore than I could suffer driving a pink Volvo with an Al Gore Global Warming sticker on the back of it.
Sorry. Keep your mac, and I’ll keep my PC.
Viva Linux!!!
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.