Malware authors take aim at growing number of Macs
Houston Chronicle | July 23, 2008 | Dwight Silverman
Posted on 07/23/2008 8:56:26 PM PDT by Swordmaker
In November, I wrote that many Windows users who are switching to the Mac are doing so because they're fed up with viruses, spyware and other threats aimed at the platform. Many are victims of malware that often relies on social engineering to infect a system. They're enticed into taking some action that places malevolent code on their machines. In other words, these users' bad computing habits are a major cause of their own woes.
These security-clueless folks, I wrote, are now bringing those bad habits to the Macintosh platform, and according to a new story on Times Online, the bad guys are starting to notice. With Apple's market share now around 8.5 percent -- and growing quickly, with sales of almost 2.5 million Macs in the last quarter -- these Mac newbies are a tempting target for profit-minded cybercriminals.
(Excerpt) Read more at blogs.chron.com ...
TOPICS: Business/Economy; Computers/Internet
KEYWORDS: hackers; maccult; macviruses; viruses
To: 1234; 50mm; 6SJ7; Abundy; Action-America; acoulterfan; aristotleman; af_vet_rr; Aggie Mama; ...
Mac malware FUD article from the Houston Chronicle PING!
It's the fault all of those "security-clueless" Windows to Mac switchers...
Mac FUD Ping!
If you want on or off the Mac Ping List, Freepmail me.
2 posted on 07/23/2008 9:03:17 PM PDT by Swordmaker (Remember, the proper pronunciation of IE is "AAAAIIIIIEEEEEEE!)
To: Swordmaker; ShadowAce
In other words, these users' bad computing habits are a major cause of their own woes.
Ay yi yi. Tech ping!
3 posted on 07/23/2008 9:04:43 PM PDT by rabscuttle385 ("When you can't make them see the light, make them feel the heat." Ronald Reagan)
To: All
The "OSX/Hovdy-A Trojan" referred to in the article has never been seen in the wild. In fact, it is not even a proof-of-concept malware.
As reported here on FR, Hovdy-A was merely a discussion in a hackers forum about how malware writers MIGHT exploit a newly found vulnerability in OSX. They postulated that it might be included in an Applescript that someone might download... another suggested that it be put into an Application -- he suggested a Poker game. Some even went so far as to write some sample scripts... none of which were actually workable.
The list of things that Hovdy-A "does":
- disable system logging and delete system log files
- start PHPShell and web server
- start ARD, VNC and SSH services
- disable system updates
- open ports in the firewall
- disable third party security software
- install LogKext keylogger
- steal various password hashes and keys which may be used to compromise other systems
was merely speculation offered by various comments on the thread about the ARDAgent vulnerability. The fact is that it does NONE of those things.
The last comment in the Sophos listing for OSX.Hovdy-A, "OSX/Hovdy-A will also attempt to use the ARDAgent vulnerability to obtain root access," is particularly funny -- it is ONLY through exploiting the ARDAgent's permission to run as ROOT would it be able to do ANY of the preceding list items!
If this "trojan" could do all of what was listed, it would have garnered a far higher threat rating than "slightly-higher-than-low."
The vulnerability can be negated by simply moving ARDAgent to another directory, renaming ARDAgent, changing the permissions of ARDAgent, or merely running ARDAgent for yourself.
4 posted on 07/23/2008 9:35:13 PM PDT by Swordmaker (Remember, the proper pronunciation of IE is "AAAAIIIIIEEEEEEE!)
To: Swordmaker
I picked up some kind of persistent pop up on my 6 month old iMac from an eMail link to a YouTube video yesterday and I had to do a force quit of my Camino browser. I should have written down what it said but it claimed it was an anti-adware for Windows XP and I don't have MSFT on my box.
The wording was poor grammar similar to the “All your bases are belong to us”
5 posted on 07/23/2008 9:46:25 PM PDT by tubebender (Why does a round pizza come in a square box?)
To: tubebender
I picked up some kind of persistent pop up on my 6 month old iMac from an eMail link to a YouTube video yesterday and I had to do a force quit of my Camino browser. I should have written down what it said but it claimed it was an anti-adware for Windows XP and I don't have MSFT on my box.
I don't use Camino. However, Safari has a built-in Pop-Blocker that is very good.
6 posted on 07/23/2008 10:00:02 PM PDT by Swordmaker (Remember, the proper pronunciation of IE is "AAAAIIIIIEEEEEEE!)
To: Swordmaker
I am running the Camino blocker but the one yesterday was more than a simple pop up.
7 posted on 07/23/2008 10:21:46 PM PDT by tubebender (Why does a round pizza come in a square box?)
To: rdb3; Calvinist_Dark_Lord; GodGunsandGuts; CyberCowboy777; Salo; Bobsat; JosephW; ...
8 posted on 07/24/2008 5:26:15 AM PDT by ShadowAce (Linux -- The Ultimate Windows Service Pack)
To: tubebender
I am running the Camino blocker but the one yesterday was more than a simple pop up.
Try disabling Flash, and see if it goes away.
9 posted on 07/24/2008 6:25:08 AM PDT by Calvinist_Dark_Lord ((I have come here to kick @$$ and chew bubblegum...and I'm all outta bubblegum! ~Roddy Piper))