backtop

Software Malware Hits OS X; No Major Damage
Tuan Nguyen (Blog) - February 16, 2006 1:59 PM
Print E-mail del.icio.us 22 comment(s) - last by Bonrock.. on Feb 17 at 1:10 PM
But OS X users remain adamant that their system is highly secure and much less likely to suffer than a Windows system

Circulating reports are saying that Apple users have their first major case of malware infecting OS X. Understandably, OS X users rarely -- if ever -- have to worry about viruses and spyware running rampant on their systems. A number of factors of course, contribute to this. First of all, OS X is based entirely on a different OS architecture with entirely different security models than Windows XP. The second factor is that OS X isn't as widely used. A lot of power users argue that even if OS X was as popular, infection rates would hardly change simply because of the fact that OS X is considered to be a "superior" OS, containing a myriad of UNIX/Linux features not found on a Windows environment.

The malware, classified as a worm, appears to be an instant-messaging worm that anti-virus outfit Sophos calls OSX/Leap-A. According to Sophos, OSX/Leap-A deletes files from a user's computer and leaves other files behind.

Some aliases that OSX/Leap-A is known under are:
  • CME-4
  • MacOS/Leap
  • MacOS/Leap!tgz
  • OSX.Leap.A
  • OSX/Leap
Windows users on the other hand face spyware, viruses, trojans, and a heap of other software and system attacks on a daily basis.

Comments     Threshold


This article is over a month old, voting and posting comments is disabled
In a way....
By cscpianoman on 2/16/2006 2:16:26 PM , Rating: 2
In a way I'm not surprised. Someone, somewhere, somehow would have figured out how to program something for OSX.

OSX at the moment is infinitely more secure compared to Windows, but it's not 100% secure; this malware proves that. There is no way to have a 100% secure system.

I suspect that now someone has done it; another will follow. Probably at a slower pace than Windows, but I can guarantee there will be more to follow.




RE: In a way....
By Stoene on 2/16/2006 2:37:21 PM , Rating: 2
Perhaps, the arts'y types that use Mac's are just not good at writing malware/virus/spyware programs.


RE: In a way....
By aguilpa1 on 2/16/2006 3:26:03 PM , Rating: 2
no OS is secure,

Mac people like to be different under the pretext of being "artistic"....whatever, they don't realize how technically illiterate they are making themselves by hiding behind "pretty" overpriced non-upgradable boxes.

Computers are technological marvels meant to be understood and examined in depth, not appliances to hide behind.


RE: In a way....
By Homerboy on 2/16/2006 3:31:10 PM , Rating: 1
haha this is some of the funniest crap I've read in a long time. Keep these replies coming!


RE: In a way....
By aguilpa1 on 2/16/2006 3:33:14 PM , Rating: 2
you make as much sense as a pompous waiter...


RE: In a way....
By Questar on 2/16/2006 3:33:27 PM , Rating: 2
quote:
Computers are technological marvels meant to be understood and examined in depth, not appliances to hide behind.


Why?

Cars are technological marvels that I couldn't care less about understanding in depth. Push the gas, it goes, push the brake it stops.

PCS networks technological marvels that I couldn't care less about understanding in depth. Dial a number, a few seconds later I'm talking to someone.

Computers are "meant" to be examined in depth. They are tools.


RE: In a way....
By Questar on 2/16/2006 3:34:31 PM , Rating: 2
Bah, when do we get edit functions?

Computers are NOT meant to be studied in depth.


RE: In a way....
By hiscross on 2/16/2006 3:54:20 PM , Rating: 2
This is nuts. Computers wirk for people, not the other way around. Just because the world has accepted the unnecessary complexity of most systems is a reflection of them. Mac peopke learned long ago that Mac's work for them, not the other way. I'm typing this on a Dell winxpsp2 so I know the difference (I'm using someone elses system, if won't waste a penny of my own money on this thing).I also agree that all OS's can be hacked. It's just so simple to do on windows grade school kids do it all the time.


RE: In a way....
By slashbinslashbash on 2/16/2006 8:03:26 PM , Rating: 2
Ok, I agree that no OS is secure. Not even OpenBSD.

Not all Mac users are "artistic" and some of us have arrived back at Macs after years of putting together our own PCs with Windows and Linux OSes, and finally figuring out that we like the prettiness and Unix-ness of OSX. I don't know how building a PC from the ground up gives you "in depth" knowledge or understanding of a computer. OSX actually makes it a lot easier to program and hack around with the OS, which is where the *real* "in depth" computer knowledge comes... not in "RAM goes in this slot, hard drive plugs in here."

Plus, those who just want an appliance will get it. No muss, no fuss. It just works. You pay a bit more, but for that you get wireless networking that "just works" with none of that constant system tray popping up BS that you seem to get 50% of the time with Windows wireless networking. You get *real* GPU's (ATI 9200 w/ 32MB VRAM on the $500 Mac mini) instead of Intel Integrated Crapola900 with shared RAM.

Plus I don't know what you mean by non-upgradable. Macs use, and have always used, the same RAM and hard drives used in PC systems (sometimes with slight variations, e.g. SCSI drives when PCs were using IDE, or RAM with certain CAS timings). Video cards and CPU's have been problematic and only available in niche markets, but with the new Intel-based Macs the CPU's will be easily upgradable, and maybe (although this might be too much to wish for) they will accept normal video cards as well, or dual Mac/PC video cards will become more prevalent. In any case, Macs use the exact same GPU's, they just require slightly different video BIOS/firmware/whatever.


RE: In a way....
By Plasmoid on 2/16/2006 8:20:13 PM , Rating: 2
OS's with no I/O at all or completly secure so there.

No real world widely compatible and fully featured OS is 100% secure but its not for lack of trying. Its more down to the way the internet, communication protocols and ease of use is integrated together.

I have no doubt a less fully features, working on only certain hardware and awkward to use OS could be 100% secure, but of course no one would use it.

Im guessing Mac OS being secure is a combination of no one to infect making it less wortwhile to make a virus for and of course hackers not having Mac's to actually test and code on. Now if somone started making a virus that could be ported to any OS easily...


I wouldn't feel so confident.
By bunnyfubbles on 2/16/2006 3:52:12 PM , Rating: 2
quote:
But OS X users remain adamant that their system is highly secure and much less likely to suffer than a Windows system


The main reason OSX has been more secure has been because it hasn't been targeted (less users = less reason to try and exploit them). The more people adopt Apple/OSX the more they come under fire.

If and only if Apple can gain significant ground on windows would I make a claim either way on seccurity. However until then I wouldn't feel so safe with OSX. Why? Well if I get a problem with windows, chances are I'm not the first and someone already has found a solution. Second, there's all the wonderful programs out there to deal with such problems...crapcleaner, spybot, adaware, MS antispyware, spyware blaster, antivir...all free to boot. Where do you even begin with OSX?

I've got an older G3 iBook and I've never worried about malware, and I probably won't have to because I don't use it like I do my desktop, mostly for note taking in classes and other light work with little browsing. But if I did have to use it more I guess I'd have to take the time to really know my way around OSX and the online community to find ways to fix such problems if they did happen to me, or do happen to me because I guess I'm not invulnerable to them even though I think I'm pretty safe.




RE: I wouldn't feel so confident.
By Araxen on 2/16/2006 4:14:12 PM , Rating: 1
The main reason why there isn't as much malware and such is that they were on a RISC processor not a x86 processor. I expect to see more malware and such on OS X as Apple's Intel Mac's become more prevelant.


RE: I wouldn't feel so confident.
By andrep74 on 2/16/2006 5:10:36 PM , Rating: 2
Flame bait? Or are you just that ignorant? WTF does RISC vs. CISC have to do with it??? It's the platform , not the architecture. You could argue that CISC chips of ten years ago are more RISC than most RISC chips are today; yet there were still more vulnerabilities in the popular platforms than the lesser-used ones (there were more vulnerabilities in the less-complex CISC chips running Windows 95 than there are for today's more complex RISC chips running OS/X).

The TI-89 OS is less secure than Windows, but there aren't any worms written for that platform (which is based on a MC68000, btw). The truth is, Windows has so many exploits because it's both easy to exploit and it's a popular platform.


RE: I wouldn't feel so confident.
By plinden on 2/16/2006 11:56:26 PM , Rating: 2
Where's the rolls-eyes icon?

If you read about it, you would see that this malware was written for the PPC processor. It doesn't affect the Intel/Universal binary applications


By zsdersw on 2/16/2006 8:46:18 PM , Rating: 2
For all the ivory tower talk and posturing of "elitist" Mac fanatics (and devotees of other non-Windows OS's, for that matter), what they won't talk about is the human factor of computer and network security. The blame is directed toward, and the fix must accordingly come from, Microsoft or the company/product-du-jour.

How is it, then, that some Windows users don't get viruses and spyware... even without antivirus programs and spyware killers? Is it a Jesus thing? No... it's a smart thing. Stupidity carries a price (or at least it should, anyway).. and in this Internet and Information Technology age we live in, the price of stupidity includes things like spyware and viruses.

I'd really like to see people stop blaming Microsoft for the consequences of people leaving passwords taped to the sides of their monitors, clicking on the "Win A Free TV!" pop-up windows, clicking on the links in the "Update Your Account Info" emails, and searching far and wide on the Internet for "information" that is neither accurate nor important.

Did the computer/OS/Internet fail you... or did *you* fail you? More often than not, it's the latter.




By kelmon on 2/17/2006 3:00:32 AM , Rating: 2
To a large degree, I do agree with you. People should try to be safe and educated when using a computer today because there is so much of this stuff flying around and it tends to get more and more sophisticated. This said, should we accept that we have to be educated in these things? It's fine to talk about being careful and educated when we think of the younger age groups that grew up with computers, and eventually we all will be, but the older generation (not all, I should note) don't get it and OS and application manufacturers should do their best to ensure that potential (and known) holes in security are filled rather than leaving it up to the user to ensure that no "bad" software arrives on their computer.

In regards to this specific trojan, it could (theoretically, at least) be stopped by having the operating system ask the user to acknowledge that they are starting an application the first time that a .app file is run, or have it check archive files being received over the network for executables in the same way that it already alerts to applications being downloaded. Sure, we can leave it up to the user to ensure that what they are downloading or receiving from a chat buddy is OK but there are simple ways of preventing harm.

At the end of the day the chain is only as strong as its weakest link. I highly agree that the human factor is most probably the weakest link these days but surely all steps that can be employed to protect that link should be rather than "hoping" that it doesn't fuck-up.


By zsdersw on 2/17/2006 6:52:14 AM , Rating: 2
Yes, we should accept that we have to be educated in these things. Education, in some form, is required to do just about everything in life and using a computer that is connected to the Internet or to an intranet is no exception.

Microsoft and others don't just "leave it up to the user". If they did, no patches or fixes would ever be introduced. The ultimate responsibility rests with the user to take advantage of both the features of and fixes for the operating systems they use. These features and fixes were provided for the user's benefit. If the user doesn't apply them or chooses to remain ignorant about them, is that Microsoft's fault? No, it's not.

Training and education are readily available. The tips, warnings, patches, and fixes are also readily available. Choosing to remain ignorant is every person's right... but with that right comes responsibility for the consequences of that choice.


hmm
By spwrozek on 2/16/2006 2:15:49 PM , Rating: 5
I think the reason that OSX doesn't get attacked so much is because it is not widely used. If it was widely used and Apple became anything like Microsoft, which would most likely happen, then people would attack it. OSX isn't better then Windows, it is different. Just like you have different versions of linux. Something works best for each individual person. Microsoft is attacked because they are on top and people do not like their business model.

I personally lost all respect for Apple with the ad they have on TV basically telling PC users that they suck and an Intel CPU was crap, until it was on a Mac.




...
By xelpmoc on 2/16/2006 6:13:51 PM , Rating: 3
No OS is safe from stupid users.




We'll see
By Griswold on 2/16/2006 4:37:13 PM , Rating: 2
Windows users on the other hand face spyware, viruses, trojans, and a heap of other software and system attacks on a daily basis.

Potentially . I havent had any spyware, virus or trojan alert in more than 2 years - yet I still keep my scanners up to date. Not using certain software and especially not working under admin rights goes a long way.

As does on OSX. If you happen to run into that new worm while fidling with your apple box under admin rights, you would be in for a surprise, if this worm had any (operational) malicious payload, which it apparently doesnt have - yet.




There are several factors here...
By Bonrock on 2/17/2006 1:10:09 PM , Rating: 2
I think a few things are happening here.

1. Windows was the low-hanging fruit. Two years ago, there were lots of security vulnerabilities in Windows, most users didn't have a firewall, etc. As a result, it was really easy for jerks (because let's face it, that's what they are) to write viruses/worms targeting Windows. Since then, the release of Service Pack 2 and a barrage of monthly security updates from Microsoft have made Windows XP a much more secure OS than it originally was. It still has flaws, obviously, but they are becoming harder to find, and it thus becomes more tempting to target other platforms as well.

2. Obviously, another reason so many viruses/worms target Windows is that more people use Windows, so a virus writer can affect more people. As Macs become more popular, they will start to be more tempting targets. Right now, Macs are still around 3% of the market. Just wait until they hit 15 or 20%, and then we'll see how much malware targets them.

3. Macs were largely used by diehard fans, many of whom were technically savvy. As more and more people switch to Mac, the average Mac user becomes dumber and dumber. This will surely aid the spread of viruses/malware when there are more people who don't understand that you shouldn't run a program sent to you in an e-mail entitled "Hot pix of my teenage daughter."

And by the way, as a Windows user, I have to disagree with this DailyTech article's statement that I must deal with spyware, viruses, etc. on a daily basis. I have my firewall enabled, automatic Windows Updates enabled, and antivirus software and Windows Defender both on auto-protect. Sure, that's a lot of defenses to have to use, but once they're there, I am almost never conscious of them. In fact, most of the time, I don't think about malware until I read an article like this one that reminds me about it.




"I f***ing cannot play Halo 2 multiplayer. I cannot do it." -- Bungie Technical Lead Chris Butcher

DailyTech Poll
Which web browser do you use on your primary personal machine? 






44 Comments







botimage
Copyright 2009 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki