Posted on 06/10/2009 10:02:05 PM PDT by Swordmaker
Two new pieces of malware for Apple computers have been found in the wild according to security firm Sophos.
The first, Tored-Fam, is a worm that spreads via email attachments and is simply a variant on the well known Tored family of malware that has been in circulation since last year. [NEW? Not by a long shot! Swordmaker] The worm collects email addresses and attempts to forward itself on.
Analysis of the worm's source code by Sophos suggests it is being used to build a Mac botnet dubbed Raedbot. This is being assembled by a malware writer dubbed Ag_Raed, who is based in Tunisia.
The second piece of malware is a Trojan called Jahlav-C which is embedded in an apparent pornography site online. It masquerades as an ActiveX video codec that needs to be downloaded in order to run the site's content.
"I've got a theory that although many people are undoubtedly buying Apple computers because they're beautifully designed and well-marketed, there will also be some people who have dumped Windows because they are fed up with all of the spyware, pop-ups and virus attacks," said Graham Cluley, senior technology consultant for Sophos.
Indeed, some of the people who may well have suffered a lot from those kind of attacks in the past may be exactly the same kind of folk who visit the grubbier areas of the internet in the wee small hours of the morning. And they may feel that one of the side benefits of switching to a Mac is that they now don't have to worry about all of those nasty things while they're err.. watching nasty things.
A video of the Jahlav-C attack can be seen here.
Actually, neither of these is new... this is rehashed FUD about a well known Trojan Horse masquerading as a Video Codec (from early 2008) and the Tored-Fam was first observed in January... where it was attached to a "pirated" version of a FREE Beta (one that could be safely downloaded from Apple) of iWork'09 on two bit-torrent sites which reported that the downloads of the infected file were in "the dozens."
Although the two self pro-discoverers of the purpose of the imbedded malware (a couple of Symantec security wonks who did not even report their finding to their own employer, choosing instead to publish in The Virus Bulletin, an obscure $150/year subscription Blog) claimed in late May that the botnet was over 20,000 Macs large, no one has independently found an infected member of this Mac Raedbot in the wild. Even Symantec reports the threat as infecting 0-50 computers. Probably true because it includes the number ZERO.
Both require social engineering to trick the user into downloading them and installing them, giving administrator name and password, and ignoring warnings that the file is an executable.
If you want on or off the Mac Ping List, Freepmail me.
Yeah, I was getting an odd sense of deja vu from this article. It seemed like old (and I mean really old) news.
And once again, you cannot infect a Mac just by connecting it to the Internet. You most assuredly can do so with (ahem) you-know-what OS— within minutes, in fact.
“. . . two self pro-discoverers . . .” should read “. . . two self pro-claimed discoverers . . .”
AGGH! Make that “. . . self-proclaimed...”
0% of the Mac malware, and a large percentage of the Windows malware, attack a vulnerability known as the OPERATING SYSTEM.
That is, Windows, the OS, can be attacked without the USER doing anything. Mac OS cannot.
I am unaware of any Mac malware that does not require some action on the part of the USER to approve and permit the attack -- consciously.
That's a big difference. Tech writers are, as a group, ignorant asses when it comes to this sort of thing.
Have you seen the Sophos videos on YouTube that supposedly show Malware in the wild infecting (or trying to but valiantly stopped by Sophos AntiVirus!!!)?
And who put together the supposed infecting web site?
bookmark
Uh, Sophos?
Of course it is old recycled FUD! Ad revenue is down so they had to dig up something eye catching and found this old stinking garbage.
OMG! So now the Mac users who view "nasty things" are the ones who were previous Windows users......UGH...the snobbery in that statement is utterly sickening.
It boggles the imagination to think that individuals sit at a computer terminal (probably in their mom’s basement) with the sole goal of doing harm to others.
They are too cowardly to “bully” face to face, so they do it that way. Public execution, anyone?
Computer “zombies” and “botnets” are big business for various criminal groups. The people creating these things are not social misfits, they are professional criminals.
So now the Mac users who view "nasty things" are the ones who were previous Windows users......UGH...the snobbery in that statement is utterly sickening.
Indeed, some of the people who may well have suffered a lot from those kind of attacks in the past [previous windows users] may be exactly the same kind of folk who visit the grubbier areas of the internet in the wee small hours of the morning. And they may feel that one of the side benefits of switching to a Mac is that they now don't have to worry about all of those nasty things while they're err.. watching nasty things.
On further review, I don't see how this could be refuted; no matter how much it insinuates it actually says very little. I have been suckered by a phishing attack via a preacher who suckered for it and passed it on in good faith. And what was the bait of the attack? Precisely the paranoia that anyone feels if they have ever had any suspicion (never mind the reality) that their computer was infected. So I don't see the need to feel embarrassment over being counted among those who avoid being vulnerable to viruses.
My favorite tech support acronym: PEBCAK. Problem Exists Between Chair And Keyboard.
Frequently known as the ID 10 T problem.