Free Republic
Browse · Search 		News/Activism
Topics · Post Article

To: Swordmaker
Hi Swordmaker,

Kaspersky claims to have confirmed the ~1/2 million infected computers, of which he says probably 98% are running OS-X.

http://www.pcmag.com/article2/0,2817,2402715,00.asp

I'm willing to believe Kaspersky; he's often run around with his hair on fire, but he seems to have done a good job of checking on this one.

I'd say, at this point, this looks to be the first big "Java-bites-OS-X" event that didn't get stopped quickly enough. F-Secure has a page with good information (quite technical) here:
http://www.f-secure.com/weblog/archives/00002336.html

118 posted on 04/06/2012 2:51:44 PM PDT by dayglored (Listen, strange women lying in ponds distributing swords is no basis for a system of government!)
[ Post Reply | Private Reply | To 83 | View Replies ]

To: dayglored; All

Please quit bashing Macs. It gets tiresome.

Coming on the thread to gloat about a story that is weeks old (Swordmaker warned us not to download from a pop-up back in February, if I remember right).

I don’t get the hostility from PC enthusiasts toward thos of us who prefer Macs. There must be some deep insecure anxiety in their precious liitle hearts.

Happy Mac user since the original IIe.


119 posted on 04/06/2012 5:42:43 PM PDT by jacquej
[ Post Reply | Private Reply | To 118 | View Replies ]
To: dayglored
Kaspersky claims to have confirmed the ~1/2 million infected computers, of which he says probably 98% are running OS-X.

We are STILL not seeing large numbers of people reporting finding the malware existing on their computers. This simply does not compute with the reports of what Kaspersky and Dr. Web are reporting... I would be more suspicious of a false bombing attack with a few computers forging signatures than that many Macs being infected from the few non-popular website so far identified carrying the Trojan such as:

godofwar3.rr.nu
ironmanvideo.rr.nu
killaoftime.rr.nu
gangstasparadise.rr.nu
mystreamvideo.rr.nu
bestustreamtv.rr.nu
ustreambesttv.rr.nu
ustreamtvonline.rr.nu
ustream-tv.rr.nu
ustream.rr.nu

Can you conceive of hundreds of thousands of Mac users—no make that millions of Mac users (counting the immune ones without JAVA installed), visiting THOSE websites—in just a couple of months, and either being tricked into, or drive by installing, the Trojan? Frankly. I can't.

And what's with 98% of the signatures being OSX???? This is a JAVA script vulnerability! When have you known Windows users to have such a complete install of a patch to any vulnerability that almost ALL hits from a cross platform bot are from a non-Windows source??? Doctor Web on first report said 56% were Macs... now, suddenly Kaspersky says 98% are Macs? What gives? I simply don't believe it.

I think the OS signatures are being spoofed by the Trojan, an easy thing to do—since Mac users are NOT reporting finding the Trojan in large numbers on the forums! Mac users are notorious for reporting problems when they find them—and they simply are not reporting this.

123 posted on 04/06/2012 7:36:49 PM PDT by Swordmaker
[ Post Reply | Private Reply | To 118 | View Replies ]

Free Republic
Browse · Search 		News/Activism
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson