Posted on 05/27/2011 7:14:04 AM PDT by for-q-clinton
The once relatively virus-free Apple Mac ecosystem has been tainted forever by a nasty malware scam and you sense an age of innocence has ended. It's a deadly shock to that ecosystem because now a second variant bug has arrived that requires no password.
The malware first manifested itself when Mac users noticed ads for a product called Mac Defender that promised to protect them against malware and viruses. However, it turned out Mac Defender was actually a piece of malware that becomes active on a desktop after a user is suckered into entering a password, and floods the screen with pop-up pornography sites.
Since then a number of variants - MacGuard, MacSecurity and MacProtector - have arrived.
According to security firm Intego, the goal of this fake antivirus software is to trick users into providing their credit card numbers to supposedly clean out infected files on their Macs.
New variant requires no passwords
Intego has discovered a new variant of this malware that functions slightly differently. It comes in two parts.
The first part is a downloader, a tool that, after installation, downloads a payload from a web server. As with the Mac Defender malware variants, this installation package, called avSetup.pkg, is downloaded automatically when a user visits a specially crafted website.
If Safari's "Open safe files after downloading" option is checked, the package will open Apple's Installer, and the user will see a standard installation screen.
If not, users may see the downloaded ZIP archive and double-click it out of curiosity, not remembering what they downloaded, then double-click the installation package. In either case, the Mac OS X Installer will launch.
Unlike the previous variants of this fake antivirus, no administrator's password is required to install this programme. Since any user can install software in the Applications folder, a password is not needed, Intego said in a warning note.
This package installs an application - the downloader - named avRunner, which then launches automatically. At the same time, the installation package deletes itself from the user's Mac, so no traces of the original installer are left behind.
The second part of the malware is a new version of the MacDefender application called MacGuard. This is downloaded by the avRunner application from an IP address that is hidden in an image file in the avRunner application's Resources folder. (The IP address is hidden using a simple form of steganography.) Intego VirusBarrier X6's Anti-Spyware feature detects this operation:
Intego considers the risk for this new variant to be medium, in part because the SEO poisoning has been very efficient in leading Mac users to booby-trapped pages, but also because no password is required to install this variant.
Many times the 'higher level' languages are harder to write in, harder to use, and more prone to errors.
I have used a higher level language that was the opposite of all that, but I found it to be one of the few exceptions to the rule.
Windows 7 is very secure and locked down if you download and use Microsoft Security Essentials. Download the Windows updates too and you are covered. You don't need a brain to do those two things and your home computer is covered. Corporate systems want more security but they employ IT guys to do this.
Apple is not more secure than Windows 7; it is more expensive.
Windows threads? There are rarely Windows threads these days.
My first small computer (~1974) was a DEC PDP-8L (mag core, 4096 12-words of memory, an ASR-33 TTY and punched paper tape for I/O). I programmed it in PDP-8 assembler. Toggled in the paper tape boot loader at the front panel on switches. Those were the days!
In 1981 I ran RT-11 on an LSI-11/23, and later RSX-11/M. I was mainly doing engineering -- among other things, I designed an infrared earth sensor for use on geosynchronous communications satellites for IntelSAT in 1983 on the LSI-11/23.
In 1985 I did a bunch of work on one of Cornell's VAX-11/780 machines, learned VAX DCL and EDT, and assisted with the engineering work on their computer-aided design facility. I later consulted there as a system admin and had an Ultrix DECstation 3100 as my personal desktop. That was the fastest Unix workstation around (MIPS RISC-based) and kicked some serious butt for those days.
So,.... yes. I've retained a fondness for DEC gear. It's a shame they didn't survive.
A million times nothing is still nothing.
No, you probably got slammed for saying "MAC." The proper usage is "Mac"... not all upper case. It isn't an acronym. "MAC" is used by trolls. "MAC" is a cosmetic or a Media Access Control in computer terminology. "Mac" is the short nickname for the Macintosh computers line manufactured by Apple Inc. Trolls insist on using MAC, despite being told the proper usage to irritate Mac users... and they will do so repeatedly after being told the difference. That is why you probably got slammed.
I intended to stress those words to get through to you... you don't seem to be getting the message. I thought maybe shouting would do it. You've been harassing Mac users for ten years, according to your own words... and now you are back. Being smug about your unwelcome advice that was USELESS during those ten years. Why should we listen to you now and pat you on the back for useless advice? Our decision to ignore you was validated for ten years. I think ignoring you now is an equally valid option. Your "Nyah, Nyah, Hyah, I told you so!" attitude about a single, easily avoided trojan is just as worthless as your ten years of previous worthless advice.
I dunno.... is your kid ugly?
Nope, you have just been merely rude for ten years... and are repeating what you have told us is a pattern of behavior, and are being called on the carpet for that behavior.
(rolls eyes)
Me too. EDT could run circles around any editing package on an IBM type machine, or even word processing software on Modern PC's.
What I found most interesting was what the DEC CE told me. When I would call in for service, I would give the problem to the person at DEC SERVICE. He told me that I wasn't talking to a person, I was talking to a VAX.
The voice software that is around today (available commercially) still pales in comparison.
While working on the 11/870 and using EDT, I also had an AT&T 3B2/300 desktop mini at home (SysV Unix), and no decent screen editor (unless you count vi). So I took the sources for MicroEMACS which were fairly new then, and rewrote the keyboard definitions and macro handling so that it aped EDT... called it "edtmacs". Got it running on SysV, ported it to BSD, MS-DOS, MacOS (yikes!), and even back to the VAX, just because. And used it on a proprietary embedded industrial process control computer I designed in the late 80's.
All because I couldn't give up EDT's power. There was a company whose name I don't recall who produced a slick EDT for the IBM-PC, so I must not have been alone in my loyalty. :)
> I was talking to a VAX.
Now, THAT must have been way cool!
More like scary. I have listened to plenty of synthesized voices on the phone, and I can always tell.
Until that C.E. told me, however, I did not know that the voice on the Service Line was from a computer.
I also had a MAC SE (way back then), and it had voice software which would read any TEXT material to me. I could change from male to female voices, change the speed, and alter the inflection slightly. It was pretty good, but one could still tell it was synthesized.
Later on, I had Voice software on a PC. It sucked.
I visited Drudge this weekend and the thing tried to get me.
I posted a screen shot of it here:
http://tinypic.com/view.php?pic=30cc083&s=7
I had to force quit Safari to make it go away.
Glad you caught it before it caught you. But man I can so see most mac users clicking OK to that.
LMFAO! How many more qualifiers do you need? I think at the 3rd qualifier...it's pretty much over. You know one could do the same for windows as well. Or Linux.
Really? Ok, let's see that list that has plagued the latest version of windows. After all we are only talking about OSX here and not the previous disaster of an OS OS9.
But I'll even concede and let you show the THOUSANDS of self-replicating viruses going back to Vista, the previous OS for Windows. Heck, if you will show thousands then I'll even say XP is fair game.
Or was that just another Macbot insult that macbots NEVER do and will say it never happened when called out on it later?
BTTT
I find it funny that they take calling a Mac MAC as an insult. I honestly did it because I didn’t know the difference way back when and still do it because for some reason it sets off their OCD and they can’t talk or see straight until it’s fixed. Just like when referring to a “virus” in the general terms of a virus as most computer users understand it to be. They start twitching and shaking and don’t understand anything when you call it a MAC and use virus in the generic sense.
Do that and they avoid the whole issue that the MAC had a real world virus that they said would be impossible because the user would have to enter his password to catch that virus.
Let me translate that for the macbots: “Mac had a real-world malware infect their machine which they were assured it would be impossible to get infected without using their admin password.”