backtop


Print 70 comment(s) - last by FredEx.. on Jun 13 at 7:07 PM


A Mac service technician used spyware to take shots of unsuspecting young women, some of whom were undressed.   (Source: yavamospillaos.wordpress.com)

The malware would pop up OS X messages that looked like system warnings, like this one. The warnings were designed to lure young women to take their computer with them while showering.  (Source: Notebooks.com)

Trevor Harwell's plot was foiled after police searched his computers after a victim received a tip from a local service tech.  (Source: Fullerton Police Department)
Obviously he didn't get the memo that Mac's are unaffected by malicious software

Trevor Harwell, a 20-year-old Los Angeles, California area certified Mac repair specialist is in a load of trouble after police discovered his unusual hobby -- installing spyware on female clients' Macs and using it to take naughty pictures of them remotely.

The young man's scheme was discovered when one of the victims took her Mac to a local Apple, Inc. (AAPL) Genius Bar, complaining that her Mac was popping up odd OS X system warnings.  

The warnings were actually fake, but designed to look like standard system warnings.  One of the warnings informed her, "You should fix your internal sensor soon. If unsure what to do, try putting your laptop near hot steam for several minutes to clean the sensor."

The message reportedly was designed to try to trick the female victims into taking the computer with them into the shower.

The Apple technician then discovered a piece of Mac malware called Camcapture installed on the machine.  They informed the young woman, "You need to call police."

After contacting the police, Mr. Harwell's Fullerton, California residence was raided and police seized electronics.  Thousands of images were found on the seized computers, all whom thus far have been identified as residents of Los Angeles and Orange County.  Mr. Harwell was arrested Wednesday.

Mr. Harwell's scheme was sophisticated.  Not only did the installed software allow for remote control commands of the webcam, according to Fullerton police spokesman Andrew Goodrich, "It would let his server know that the victim's machine was on. The server would then notify his smartphone... and then the images were recorded on his home computer."

The photos contained women both dressed and unclothed.  The popups apparently tricked several women into taking their laptops with them into the bathroom while showering (to give the laptop its requested "steam" treatment.

Mr. Harwell's business was named Rezitech and was operated out of his home.  Police believe there may be more victims out there, still.  Those who had contact with Mr. Harwell are advised to look in the "/Library/WebServer/Documents" folder where the spyware was typically installed.

Apple fans tend to have the false perception that Macs aren't affected by malware or that only some minuscule percentage are affected by it.  In reality, the platform is home to a diverse and growing body of malware, much like its operating system counterpart from Microsoft Corp. (MSFT), Windows.  A recent malware attack infected 1 in 20 Mac computers, according to service technician reports.  That'd be akin to a virus on Windows that infected 65 million Windows PCs -- almost unheard of [source].

Mr. Harwell had a fundamentalist upbringing, reportedly, attending Biola University, a small, private evangelical Christian college in southern California.  Many of the victims were Biola students, and police believe he may have compromised university systems as well.



Comments     Threshold


This article is over a month old, voting and posting comments is disabled

Very sad indeed...
By ie5x on 6/10/2011 10:49:31 AM , Rating: 1
... to know that some people will do whatever they are told, even if its giving a shower to the laptop. But then, gullibility is a given trait of Apple customers.




RE: Very sad indeed...
By makken on 6/10/2011 11:28:52 AM , Rating: 2
Unfortunately, it's not limited to Apple customers.

Back when I was in college, a dormmate of mine asked me to help her fix her laptop keyboard which just stopped working suddenly.

I ask her if she's spilled anything on her laptop, and she replies with "No... but I do bring it into the shower with me."

I stare at her blankly for a few seconds, not sure if she was pulling my leg. This prompts her to elaborate: "Yeah, I like having the music playing while I'm taking a shower, sometimes it'll get a little water on it if I have to change the song. Why? could that have broken it?"

I spend the next hour or so explaining why its a bad idea to bring electronic devices into the shower with her.


RE: Very sad indeed...
By MrTeal on 6/10/2011 11:33:33 AM , Rating: 5
quote:
I stare at her blankly for a few seconds, not sure if she was pulling my leg. This prompts her to elaborate: "Yeah, I like having the music playing while I'm taking a shower, sometimes it'll get a little water on it if I have to change the song. Why? could that have broken it?"


You: "That doesn't make any sense. I'd have to see it in person to say for sure."


RE: Very sad indeed...
By Alexstarfire on 6/10/2011 2:28:41 PM , Rating: 2
+1 for that reply. :)


RE: Very sad indeed...
By Samus on 6/10/2011 5:05:19 PM , Rating: 2
my girlfriend brings certain electronic devices into the shower with her...i don't mind, makes my job easier.


RE: Very sad indeed...
By mostyle on 6/11/2011 6:11:26 AM , Rating: 2
quote:
electronic devices into the shower with her


Batteries qualify as electronic? :)


RE: Very sad indeed...
By FredEx on 6/13/2011 7:03:41 PM , Rating: 2
Laptops can run on batteries.


RE: Very sad indeed...
By XZerg on 6/10/11, Rating: 0
RE: Very sad indeed...
By Alexstarfire on 6/10/2011 2:31:56 PM , Rating: 2
As bad as rape? I hope you never get into legislation.

It's certainly bad, but saying that is just silly. If her picture ended up on the front page of a national newspaper, popular magazine, and/or popular website then it might be different... but we know that didn't happen.


RE: Very sad indeed...
By XZerg on 6/10/11, Rating: 0
RE: Very sad indeed...
By Alexstarfire on 6/10/2011 3:02:16 PM , Rating: 3
IDK how I'd see her after that. It doesn't really matter though since it still wouldn't be as bad as rape.


RE: Very sad indeed...
By MrTeal on 6/10/2011 3:04:50 PM , Rating: 2
quote:
How are you going to see your daughter after you coming across some inappropriate pictures of her that some pervert uploaded?


Hopefully the same way you looked at her before. It's not like you found out she's a porno star or something.


RE: Very sad indeed...
By XZerg on 6/10/2011 3:20:37 PM , Rating: 3
Simply put it would royally mess up a father's head - mine would. There are things in life that regardless of how hard you try to forget, especially the emotionally damaging events, you can't. Remember Lawrence Fisbourne and his daughter incident?

Or think about it from a child's perspective. how would a mother explain to her child about the picture that the child's friends keep using to make fun of it or vulgar comments about it?

I just feel that people doing all this pr0n0 related stuff don't even contemplate about the family perspective or future. Just focusing on some easy cash and short-term benefits instead of longer term.


RE: Very sad indeed...
By derricker on 6/10/2011 7:07:44 PM , Rating: 2
You're already very messed up if you can equal the Fishburne situation, a full blown prostitute, by choice btw as she had millions already, to a daughter of yours, a human being, being in a possible privacy compromised situation, by whatever the reason.

What?? would you stop loving her if you (and half the world) happen to see her f****g her boyfriend, specially if she didn't intend that to be seen by anybody else?


RE: Very sad indeed...
By superstition on 6/10/2011 7:29:24 PM , Rating: 2
Make sure she has FGM and you'll feel much better!

(ugh)


RE: Very sad indeed...
By FredEx on 6/13/2011 7:07:13 PM , Rating: 2
A work associates daughter posed fully nude in Playboy's Girls of the ACC, when she was at a college in the ACC. He got over it.


RE: Very sad indeed...
By n00bxqb on 6/10/2011 6:08:08 PM , Rating: 2
Like anyone is going to go looking for pictures of random naked girls. Have you seen what's on the internet ? Why do you think Playboy is going bankrupt ?


There are other ways
By Etern205 on 6/10/2011 9:39:27 AM , Rating: 2
to create steam, like cooking a pot of water.




RE: There are other ways
By Brandon Hill (blog) on 6/10/2011 9:42:09 AM , Rating: 5
Is that a "she needs to be in the kitchen" joke? ;)


RE: There are other ways
By dananski on 6/10/2011 10:23:34 AM , Rating: 5
Not only that, but people actually believed that there was good cause to put their laptop in the bathroom and take a shower. Because we all know how much steam helps electrical components! And these are meant to be university students! Once upon a time, university places were for smart people.


RE: There are other ways
By Souka on 6/10/2011 11:00:20 AM , Rating: 4
But these are Mac owners...to them "it just works" is their level of knowledge of technology.

Apple owners do what their told...
http://imagesarchive.org/archive/wp-content/upload...


RE: There are other ways
By nafhan on 6/10/2011 11:18:12 AM , Rating: 3
quote:
And these are meant to be university students
In my experience (and depending on the university), being a student often just means the student's parents are willing to pay for them to go through college - regardless of ability.


RE: There are other ways
By Murloc on 6/10/11, Rating: 0
RE: There are other ways
By Alexstarfire on 6/10/2011 2:24:54 PM , Rating: 1
How did you get rated down for making fun of Mac peoples intelligence while another guy got rated up to a 5?


RE: There are other ways
By runutz on 6/13/2011 5:35:02 PM , Rating: 2
maybe because the other guy's intend was to blast "Fundamentalists" and not mac owners?

Just a wild guess, but...


Hmm...
By judasmachine on 6/10/2011 10:23:07 AM , Rating: 5
Before I condemn him, I'm going to need to see more evidence.




RE: Hmm...
By phantom505 on 6/10/2011 11:05:15 AM , Rating: 5
Hopefully there is a compelling body of evidence.


RE: Hmm...
By Gio6518 on 6/10/2011 5:43:36 PM , Rating: 5
I wonder if he accidently captured some video of Tony Swash chocking his chicken while holding a picture of Steve Jobs...


RE: Hmm...
By Tony Swash on 6/10/2011 7:47:49 PM , Rating: 3
quote:
I wonder if he accidently captured some video of Tony Swash chocking his chicken while holding a picture of Steve Jobs...


Dude please - it's pictures of Phil Schiller :)


RE: Hmm...
By Gio6518 on 6/10/2011 11:28:17 PM , Rating: 2
quote:
Dude please - it's pictures of Phil Schiller :)


LOL nicely done !


RE: Hmm...
By sstteevveenn on 6/10/2011 11:12:18 AM , Rating: 2
yep, poidh!


misrepresenting facts again...
By thornburg on 6/10/2011 11:12:37 AM , Rating: 4
quote:
A recent malware attack infected 1 in 20 Mac computers, according to service technician reports. That'd be akin to a virus on Windows that infected 65 million Windows PCs -- almost unheard of.


Um, the "1 in 20" Macs is 1 in 20 Macs that required service or repair.

I'm a PC & Mac tech, and 19 in 20 PCs that I work on have virus or malware infections. Does that mean 95% of PCs are infected? No, it doesn't.




RE: misrepresenting facts again...
By GuinnessKMF on 6/10/2011 12:24:51 PM , Rating: 2
So it's entirely impossible in your mind that service technician's reports weren't used to determine how many Macs were infected, used estimates as to how many Macs are currently in use, and then did this crazy thing called math to figure out the ratio.


RE: misrepresenting facts again...
By UnWeave on 6/10/2011 1:37:48 PM , Rating: 2
If you checked the DailyTech article linked to, you'd find:

"Andy says that in the past about 0.2 percent of service Macs were suffering from some kind of malware -- "most always DNS trojans." Now that number soared to around 5.8 percent, mostly thanks to MacDefender..."

That is ~1 in 20 Macs serviced found to have malware installed. This article, however (as thornburg correctly pointed out), seems to suggest that 1 in 20 Macs were infected. I don't have actual numbers or estimates from security firms to hand, but I think it is fair to assume the actual fraction is smaller. Yes, it's growing, but the claim of 1 in 20 is clearly unfounded.


By Alexstarfire on 6/10/2011 2:36:51 PM , Rating: 3
It's not fair nor safe to assume anything other than roughly 1:20 macs serviced were infected. The actual ratio could be higher or lower or even the exact same. You could make a far better guess if you knew the ratio of macs that were/are serviced. We don't know the number or the ratio though.


By Justin Case on 6/11/2011 5:28:18 PM , Rating: 2
quote:
I think it is fair to assume the actual fraction is smaller.


What exactly is the logic behind that?

If 20% of cars serviced at a garage have a Celine Dion CD in the glovebox, is it "fair to assume that the actual fraction is lower"?

For all you know, maybe every single Mac that wasn't serviced is infected with MacDefender.

Unless people brought in their Macs to be serviced because they detected they were infected with MacDefender (which doesn't make much sense, because the software that detects it will also clear it, and therefore it won't be there when they take it to the shop), then the sample should be fairly random.


Couple confusing issues here
By lagomorpha on 6/10/2011 3:18:45 PM , Rating: 4
He was a fundamentalist Christian and a Mac user and still wanted to see women naked? I'm mostly shocked that he didn't have loads of pictures of naked men.

"The popups apparently tricked several women into taking their laptops with them into the bathroom while showering (to give the laptop its requested "steam" treatment."

*facepalm* Are women really this stupid?




RE: Couple confusing issues here
By lagomorpha on 6/10/2011 3:23:00 PM , Rating: 2
Actually scratch that, they were stupid enough to buy Macs in the first place. It shouldn't be surprising they decided to bring them in the shower to "steam clean the sensor".


By Justin Case on 6/11/2011 5:34:14 PM , Rating: 2
Mac laptops are decent, though still a bit overpriced. Desktops are ridiculously overpriced, and anything running iOS is crippleware, so closed and proprietary it even makes M$ blush, but OSX laptops are decent value for money. Terrible keyboards, but nice screens, and the same hardware specs of a good PC.

Which doesn't invalidate the fact that they're bought mostly by people who don't know much about computers, and aren't really willing to learn, so they're more likely to fall for this kind of stuff (same with the original version of Mac Defender, that required user intervention and still managed to spread like wildfire).


RE: Couple confusing issues here
By superstition on 6/10/2011 7:27:33 PM , Rating: 2
"He was a fundamentalist Christian and a Mac user and still wanted to see women naked? I'm mostly shocked that he didn't have loads of pictures of naked men.

*facepalm* Are women really this stupid?"

Your commentary is hardly a beacon of insight.


Well...
By bernardl on 6/10/2011 10:58:13 PM , Rating: 2
Am I the only one to find that the last chapter of the article, where Mr. Mick once more unleashes his strange hate for Macs, is totally out of place?

That is if this is still supposed to be some form of journalism.

Cheers,
Bernard




RE: Well...
By Bonesdad on 6/12/2011 10:58:14 AM , Rating: 3
not the only one at all, don't think anyone is surprised though. Dailytech is hardly a beacon of journalistic integrity.


This is Tech News?
By emmettc on 6/10/2011 11:54:44 AM , Rating: 3
Really??




i knew it!
By 85 on 6/10/2011 9:33:47 AM , Rating: 2
I KNEW IT!!!

It really was Apple's fault!




By wordsworm on 6/10/2011 10:34:38 AM , Rating: 2
Hot girl in the shower can turn me on. I can see that it might have a similar effect on a computer. But wow... I can't believe the ladies fell for that.

"How do I turn on my laptop?"
"Just do a little strip tease first, and it'll turn on and get warmed right up."




Spying, eh?
By snikt on 6/10/2011 10:44:14 AM , Rating: 2
This guy got caught? Hmmmm, he's hiding it wrong...




We want proof
By nukunukoo on 6/10/2011 3:27:07 PM , Rating: 2
I want to see those pix and/or videos, else I'll have to call it fake.




Observation
By wgbutler on 6/12/2011 11:15:37 PM , Rating: 2
quote:

Mr. Harwell had a fundamentalist upbringing, reportedly, attending Biola University, a small, private evangelical Christian college in southern California


I find it interesting that Jason Mick goes out of his way to speculate on the perpetrator's religiosity, even though it has nothing to do with the story.

It's strange how, depending on one's religious background, the religion will either be showcased and yelled from the rooftops, as in Harwell's case (even if has nothing to do with the crime or the story), or covered up and glossed over, as was the case in this situation:

http://www.telegraph.co.uk/news/uknews/law-and-ord...

I guess the whole "tolerance" principle doesn't equally apply to all viewpoints...




You're misusing it wrong.
By Chudilo on 6/10/2011 10:25:08 AM , Rating: 1
You're misusing your Apple product wrong :)




since he's a Mac tech
By senbassador on 6/11/2011 12:11:41 AM , Rating: 1
He must been having a magical moment with magic stick.




f**k you
By Queonda on 6/10/11, Rating: -1
RE: f**k you
By Camikazi on 6/11/2011 9:42:11 AM , Rating: 2
Ha complaining about others stereotyping you and what you use while in the same sentence stereotyping other people. You're funny and a hypocrite at the same time.


Password
By shompa on 6/10/11, Rating: -1
RE: Password
By JasonMick (blog) on 6/10/2011 9:51:50 AM , Rating: 5
quote:
The only way the computers could be infected was if the users provided the program/the "hacker" with Root password.

If you give someone Root, nothing is secure. Not Apple, Not Android/win/linux/unix.

Not necessarily true. You are uninformed. Several pieces of Mac malware require no root password to install and run... e.g. recent versions of MacDefender.

I don't know if this particular guy was that sophisticated, but to say that it's impossible to infect Macs w/out the root password is just flat out ignorant.


RE: Password
By MrTeal on 6/10/2011 10:18:11 AM , Rating: 5
He doesn't need to be that sophisticated, he had physical possession of the computer and likely the root password as well. If he wanted, he could have cloned the entire hard drive.

I have an Asus laptop, and had some issues with the ribbon cable to the monitor being flaky and the screen going crazy. It was under warranty, so I sent it in for the free repair. Before I did, I imaged the drive and installed a clean copy of the OS. Taking you computer in with all your files to any of these Geek Squad/Apple Tech where most of the techs are teenagers or Comp Sci dropouts makes no more sense than taking your car in to the mechanic to get the brakes worked on with all your tax records boxed in the back seat.

These girls are probably lucky this guy was just a pathetic pervert instead of a criminal. I'd bet a good number of them had their online banking site bookmarked, with their client number and password saved in the browser.


RE: Password
By Flunk on 6/10/2011 10:30:45 AM , Rating: 2
Spying on people without their knowledge is criminal. Don't try to downplay the magnitude of his crimes. A lot of people would rather have their credit card info stolen than their privacy invaded.


RE: Password
By MrTeal on 6/10/2011 10:56:12 AM , Rating: 3
Sorry, you're right on the fact that he definitely is a criminal. I'm sure to them they don't think that they were lucky. He could have stolen all their money/destroy their credit rating as well though, and I think that there's a higher probability of that happening than having your image taken.

Either way, taking your computer to some random guy for service is incredibly risky with how connected they are to most people's lives.


RE: Password
By Justin Case on 6/11/2011 5:39:32 PM , Rating: 2
quote:
Spying on people without their knowledge is criminal.


Unless it's done by the US government, in which case it's "protecting your freedom".

BTW, if you spy on people with their knowledge, is that still spying...?


RE: Password
By Strunf on 6/10/2011 12:04:19 PM , Rating: 2
I don't know what bank you are in but the one I use doesn't have a password, it gives you a key that you have to type in a kind of calculator to get the answer, convenience has a price that in this I sure don't want to pay!

If I had the problem you had I would probably do the same BTW did you erase your HD with the right tools?... still if your problem was the hard drive how would you be able to delete your data?
Better safe than sorry but at some point you'll have to trust someone. These girls just meet the wrong guy and in this life everyone will meet a lot of wrong guys, if it's not your IT support guy, it's your mechanic, or your lawyer or your wife...


RE: Password
By MrTeal on 6/10/2011 12:23:02 PM , Rating: 2
Like a SecurID fob? That's definitely more secure than just requiring a UN/PW, but at least to my knowledge most banks don't do that.


RE: Password
By Makaveli on 6/10/2011 12:42:13 PM , Rating: 2
I with TD Bank in Canada.

And its easy web access remembers the ip you login from.

So as soon as you login from an ip it doesn't have stored for me you don't even get a password prompt it goes straight to the secret answer password page.


RE: Password
By honkj on 6/10/11, Rating: -1
RE: Password
By frobizzle on 6/10/2011 11:01:25 AM , Rating: 5
Tinfoil hat a little too snug today, pal?


RE: Password
By Alexstarfire on 6/10/2011 2:52:51 PM , Rating: 2
It's like every time an article about malware on OS X comes up peopel make up more and more ridiculous numbers for the amount of malware and/or viruses on the PC. Millions of different malware programs? I really really doubt that unless you count every version of every piece of malware which simply makes no sense.


RE: Password
By Alexstarfire on 6/10/2011 2:54:13 PM , Rating: 2
FRACK.

people*


RE: Password
By phantom505 on 6/10/2011 10:58:43 AM , Rating: 3
He knew how to create web services at a minimum.


RE: Password
By Bonesdad on 6/12/2011 11:00:51 AM , Rating: 2
I got a laugh out of the comment about being "sophisticated" in the article. The popup message he devised was anything but sophisticated...though amazingly, some folks fell for it.


RE: Password
By Daemyion on 6/10/2011 2:21:38 PM , Rating: 1
I never got the whole "root passwd is what really matters".

What really matters is the end user. If you get access to everything the user does on a single user machine what does root access give you to do that the user account doesn't?

Root isn't the login you use for cc transactions, saving your important documents or "playing your music in the shower", and since those are the things that are important for malicious parties, how does the fact that a super user account exist save you?

As long as you have user access, arguably you have access to the most important thing in the machine - the user.


RE: Password
By FastEddieLB on 6/11/2011 5:15:05 PM , Rating: 2
PEBKAC

Problem Exists Between Keyboard And Chair


"We can't expect users to use common sense. That would eliminate the need for all sorts of legislation, committees, oversight and lawyers." -- Christopher Jennings














botimage
Copyright 2014 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki