Posted on 06/18/2010 6:13:52 PM PDT by Swordmaker
Apple silently updated its Snow Leopard malware protection in this week's Mac OS X 10.6.4 update, targeting a Trojan that disguises itself as iPhoto.
Though the new protection wasn't specifically listed in any of Apple's documentation accompanying Mac OS X 10.6.4, security firm Sophos discovered the update in the XProtect.plist file, which contains signatures of potential Mac threats. The new threat, dubbed HellRTS by Apple, has been distributed by hackers since April in the form of iPhoto.
Referred to as OSX/Pinhead-B by Sophos, the Trojan monitors browser activity unbeknownst to Mac users. It also makes a machine remotely accessible to the attacker, who can take complete control of the computer.
"If you did get infected by this malware then hackers would be able to send spam email from your Mac, take screenshots of what you are doing, access your files and clipboard and much more," said Graham Cluley, senior technology consultant with Sophos.
Cluley took a negative response to Apple's secrecy, suggesting that the Cupertino, Calif., company should instead make note that the latest update to Snow Leopard helps to thwart a potentially dangerous Trojan.
"You have to wonder whether their keeping quiet about an anti-malware security update like this was for marketing reasons," he wrote on the company's blog.
Last September, Cluley also made note that users upgrading to Snow Leopard would see their version of Flash for Mac downgraded to an older, less secure version. Apple addressed the issue with an update a week later.
Released last August, Snow Leopard came with a built-in antimalware feature. While the previous version of Mac OS X, Leopard, flagged Internet downloads with metadata that alerted users when downloading files from the Web, Snow Leopard added an additional warning when disk images containing known malware installers are opened.
Apple released its latest update for Snow Leopard, Mac OS X 10.6.4, on Tuesday. The security and maintenance update fixed issues that could cause a Mac keyboard or trackpad to become unresponsive, and also resolved a problem that could prevent some Adobe Creative Suite 3 applications from opening.
LOLOLOLOLOLOLOLOLOLOLOLOLOL
But Mac OSX is uber secure. Why on earth would they need this protection? Also why did they hide it? I wonder if their advertising that they don’t have security issues is going to bite them in the butt.
If you want on or off the Mac Ping List, Freepmail me.
Oh is that the spin? Apple shouldn’t tell people what they are putting on their computers because it’s only doing what it should.
I wonder how MS would be treated if they did such a thing...installing software without telling users. Hey wait, I bet if someone wanted to they could find several threads about such a thing and where MS got beat up pretty badly for it.
Simple fact, if they are changing my computer they should tell me what changes are being made.
I have to hand it to Swordmaker. I usually don’t get along with him because of what I see is a demonic bias towards Apple. However he did post this.
Of course no matter what I say I’ll still get accused of being a troll. Must comply with the group think.
This malware is a TROJAN, a program that does exactly what it is intended to do using the intended and built in capabilities of the computer.
In this instance it masquerades as a pirate copy of iPhoto. Why anyone would NEED a pirated copy from an unknown, untrusted source is beyond understanding, especially since it's one that's available as a free Apple app easily downloadable from a safe and secure source at Apple.com!
The only vulnerability here existed in the stupidity of the user at the keyboard until Apple closed that door for this Trojan in Snow Leopard, as it has for the four other known families of Trojans in the wild. Apple is having the OS handle malware. Just as it should.
I guess we can put the whole “only Windows computers get infected by viruses/trojans/hax0rs” myth to rest...
Since iPhoto comes with every Mac, this is a pretty narrow threat. The only people who would be affected by it would be those who for some reason decided to download iPhoto from a peer to peer network instead of using the copy they received from Apple. Sounds like it would mostly affect people with Hackintoshes.
As far as not including a press release, shrug.
The majority of Windows malware infections are the result of user action as well.
Neither Apple nor Microsoft, or any other software publisher except open source publishers, are required to document for public consumption every alteration or inclusion they make in their operating systems or other products, nor do they.
If you think you can find such threads, post them.
“This type of malware is social engineering and has nothing to do with system security.”
Social engineering is a very effective technique. I’ve been saying for years all you have to do is get someone to click on a link or a picture and their PC is yours.
Seems I was right. Nice shrug though.
Strawman. No one has said that Macs can't be invaded by a Trojan. But Snow Leopard makes it very hard.
Even then, OSX and iOS ask for a confirmation and the system password before allowing a program to affect the system. Yeah, if you're determined to install malware on a Mac, you can do it, especially if you've got the system password. Accidentally running a vbs or something that turns your system into a zombie, well, I haven't run virus software on my Macs since I started using them at OSX 1 and still have never had a problem.
And that is where over 95% of the windows viruses come from...users doing things that they shouldn’t. Like installing software that promises free porn.
But I have had many macbots and Apple zealots swear by Apple and not even needing anti-virus software because Mac is that secure. So it would appear as their user base grows the hackers and virus writers will start attacking them more. And then the next charlatan will come along to sell their snake oil of the uber secure computer. At first it will be 100% risk free computing. And then as each layer gets beaten they’ll change the definition. Just like the macbots have done over the years. I think the latest definition of a secure OS is an OS that can’t be exploited just sitting on the network. Which by that definition Windows 7 is definitely uber secure.
Anyway, I was working on a PC at my college when the I Love You virus came out. I never got infected, 'cause, as I think we agree, the biggest security problem on most systems is between the keyboard and the chair. I didn't click on the link, but every time one of the emails got into Outlook, a predictable pattern emerged. First, we'd get a frantic email from network services saying "PLEASE delete the email from [whoever] Do NOT click on the link in the email!!!!" About ten seconds later, I'd get about fifty emails from faculty members who clicked on the email and had their mailbox taken over and a new flood of emails would come out. Windows fixed this flaw, but I've never run up on anything like this on a Mac. If you want to infect your system, it's possible, but the system will ask you if you're sure you want to do it and require a password.
Being familiar with both systems, user awareness is the best solution. I've never been infected on a PC or a Mac, but I find it much easier to avoid pitfalls on the Mac, and to do so without running virus software.
It was just a matter of time. Hackers can’t resist a system.
If you think you can find such threads, post them.
http://windowssecrets.com/2007/09/13/01-Microsoft-updates-Windows-without-users-consent
http://www.ditii.com/2007/10/25/onecare-silently-changes-automatic-updates/
http://news.softpedia.com/news/Microsoft-Secretly-Installs-Firefox-Extension-via-Windows-Update-144443.shtml
Do you need more? Or will that be enough to prove my point?