New Trojan horse for the mac

Matt

Senior Member
Joined
May 7, 2007
Messages
861
http://blog.washingtonpost.com/securityfix/2008/06/new_trojan_leverages_unpatched.html?nav=rss_blog

I think this just proves that Macs aren't any safer than Windows... Probably the same for Windows.

This command post by robert sums it up nicely:

Its about somebody showed Mac users that they are vulnerable , if Apple ever gets half as many people using it as there are windows users we will see just how safe they are . If it is made by one man it can be hacked by another. There is no such thing as a safe operating system, just people dumb enough to believe its safe because Steve Jobs and his minions told them it is.
 


Trojan for Macs, so this is a proof that any OS can infect by malwares...
Majority of peoples use Windows that's why lots of malware developers making malwares to Windows, If Mac is majority use of people, it will be vice versa and Windows will probably realize it's safer than Mac.

I think Macs don't have any Internet Security suites was develop for it, so it will be much vulnerable if lots of malware are available on Macs than Windows that has a lot of Internet Security softwares.
 


Nobody writes Viruses for Mac OSX because it's so easy to find them due to pretty much everything software being screened by Apple.
 


Actually, there is some AV software for the mac: http://www.symantec.com/norton/macintosh/antivirus Though I don't think anyone uses it.

But the thing is that people that use macs have the mentality that they can do anything like open attachments on a mac because they are completely safe.

BTW, 50% of PCs being sold that cost more than $1000 are macs, so expect more exploits, mac.
 


There are viruses, for the mac, don't take me the wrong way, I'm just saying they're harder to keep hidden than on PC.
BTW, ClamXav is the best OSX antivirus, and it's free.
 


Well, for now. But as market share climbs, people WILL find flaws.

Anyway, if there is a good AV for Mac, it doesn't matter until Apple realizes that their users need AV, and starts to admit it.
 


Ha, I wonder how Apple will claim that they get no virus' in there famous "Mac Vs Pc" Ad :P
 


Oh, they'll just keep saying that it's virus free, and point that few people have seen it in the wild.
 


Yes Macs are safer, because they run a Unix kernel. If you don't know the difference between the kernels don't talk about how Macs aren't safe. Also, the OS doesn't matter if there is a nitwit clicking on everything on the net and installing anything that pops up. I use MacOSX, Ubuntu 8.10, Windows XP, and trying Windows 7, and I haven't had a virus since I can remember because I PAY ATTENTION TO WHAT GETS INSTALLED ON MY COMPUTER!
 


Last edited:
Wow! Where can I find Ubuntu 10?
The latest version I can find is 8.10.
 


How about trying Ubuntu's site
Link Removed
 


Yes Macs are safer, because they run a Unix kernel. If you don't know the difference between the kernels don't talk about how Macs aren't safe. Also, the OS doesn't matter if there is a nitwit clicking on everything on the net and installing anything that pops up. I use MacOSX, Ubuntu 8.10, Windows XP, and trying Windows 7, and I haven't had a virus since I can remember because I PAY ATTENTION TO WHAT GETS INSTALLED ON MY COMPUTER!

Actually the same is true for Windows (don't get me wrong - I LOVE using Linux as well (OpenSUSE 11.1 64 Bit server works a treat) but if you take the following precautions you don't even need to run any AV software or even any SOFTWARE firewalls (most people don't use the usually very good stuff built into most routers and look at the Router logs).

1) DON'T open ANY email attachment unless you know and trust who sent it.
2) Don't Visit dubious web sites
3) don't download and install ANY software / music etc unless being 100% certain there's no spy/ad/malware in them.

Typical AV software is a pain because it slows the computer down, and often confuses the issue with "False Positives". In any case "who guards the guards" -- if your AV software is the cause of the virus as it could be in the case of "Free downloads / use of torrents" then you are 100% royally hosed up.

4) (in Bold) NEVER EVER run those programs that offer to scan your computer, find drivers etc etc. At the very least they are full of nagware pesterring you to buy something or upgrade to a "pro" version and at worst can install some real nasties on your machine.

5) Block ports and services you don't use via the router options.

6) always check the router logs -- they report on attempts if any for connections to your network from outside, details of stuff sent to the internet (check this if your computer is "always on").

7) always as soon as possible apply the latest security updates from Microsoft, Novell, Apple etc etc.

8) when away from a home network if you don't need it SWITCH OFF the wireless function in your router. Only enable it when you need it and ALWAYS SECURITY PROTECT IT. Even simple WEP is better than nothing.

simple rules which should keep your computer(s) 100% safe.

Cheers
jimbo
 


Last edited:
There is not an actual spreadable trojan for OS X in the wild.
To infect yourself, a user would have to follow these steps on OS X.

First you have to download the worm manually, from a porn site :)
Second, you have to double-click the DMG installer
Third, you have to agree to install
Forth, you have to give it your root password
Fifth, you have to agree again (via OS X)
Sixth, OSX warns you and you have to say "yes" to replace important OS X files

Hmm.. Sounds a lot like the UAC in Vista/Windows 7.. Where ever did Microsoft get the idea for UAC? :)
Any user who gets infected at that point, deserves it :)

That is a lot of work to become infected. Thus is why there is no "spread".

People like to make the point that "Mac has too small of market". Well, this has been said for 10 years now. Now, OS X is anywhere between 4% to 7% (depending on who your source is) WORLDWIDE. That's millions of computers to "attack".

Last year a group offered $10,000 to anybody to make a Trojan for OS X that could be spread - this was sanctioned by large AV companies for a true test. Nobody has stepped up to date to claim the $10K.

The main reason this has not been done, is because unless Mac users suddenly decide that they want to install a program from a porn site, enter there root password, click yes on a prompt that says it's changing important OS X files, it's not really going to spread too far.

BTW i am not saying Mac is the end all perfect OS and is infallible. Just wanted to open your eyes to some of the stuff that is going on behind the scenes. I am overjoyed that MS has decided to implement non-admin user accounts and yes/no prompts for making mods to the computer. I have yet to run into PC's running Windows 7 or Vista infested with numerous viruses, 1000's of separate pieces of malware, AKA common problems I have seen time and again on XP, 2000, 2003, etc.

But to jump all over Apple like this is kind of lame considering the situation.

Take a look at some of the security updates XP does, anything with the word Critical in it, usually means remote code execution or some code that allows an attacker to control your computer. Thing is, you don't even have to go to a questionable porn website, Microsoft packed IE, Windows Explorer, Excel, Word, etc with these flaws, built into the software when you install it!
:eek:
 


Last edited:
I'm not worrying about the trojan, i keep a close eye on what my Mac is doing, i use this little program called Little Snitch, which acts like Zonealarm firewall for PC. It does get annoying sometimes constantly asking for permission, but it's all good.
 


Back
Top