

The recent worm/trojan attacking Apple's Macs is relatively harmless due to its inability to complete its email attack. However, it's a sign that Apple users may have to stock up for some future de-worming.  (Source: PetCarePills)
Virus proves insignificant, but may be a sign of things to come

A trojan virus attacking Apple computers, transmitted via pirated iWork software, gained significant attention as it was one of the first viruses to strike the OS X platform.  OS X, the operating system of choice for Mac computers, has enjoyed relative safety from OS-tailored attacks thanks to its small market share, though it has become increasingly vulnerable to cross-platform application-level exploits.

The new virus, written in RealBasic, is an ambitious, but decidedly amateurish effort.  Comments in the code state that the virus's goal is to create the "First Mac OS X Botnet."  The virus also tries to steal email addresses, record keystrokes, and transmit itself via attached hard drives.

Some news outlets reported the virus, dubbed Tored, was a worm; others reported it was a trojan.  It turns out it's both -- or at least tries to be.  Both the email theft and replication to attached drives mimic viral worms like the Conficker worm.  However, the SMTP server through which the virus tries to forward itself is currently inactive.  Thus it is currently limited to trojan-style attacks, via the malware-bundled software.

A trojan typically refers to a virus that users unwittingly download and install.  A worm, on the other hand, can transmit itself over a network, via email or remote login.  Transmission via infected USB is a gray area -- some refer to such viruses as worms, others, trojans.

The virus is perhaps the first "e-mail aware" trojan to attack Macs.  While there have been several Apple-specific trojans over the last few years, this appears to be the first virus to try to behave as a worm as well.  This behavior represents a new kind of attack on the Mac platform, even if this particular attack was poorly executed.

States Graham Cluley, senior technology consultant at Sophos, "A lot of Mac fans think that for something to be a worm then it requires no user interaction to spread.  Although there are some Windows worms like that (for instance, Sasser and Code Red), many of the pieces of malware that we consider to be worms (for instance, The Love Bug, Anna Kournikova, etc.) did require user interaction and spread quite successfully."

Perhaps the most amusing aspect of the new virus was that its would-be emails featured this message, in hopes of targeting Macs -- "For Mac OS X ! :(If you are not on Mac please transfer this mail to a Mac and sorry for our fault :)"

Mr. Cluley states, "The good news is that Tored doesn't appear to be a very serious threat, and no-one is likely to encounter it. A much more serious threat for Mac users are the Trojans that are being planted on Websites posing as an attractive download."

In January, trojans aboard pirated copies of iWork ‘09 and the Mac version of Adobe Photoshop CS4 infected over 5,000 computers.  While lacking the ability to spread autonomously, they formed what is believed to be the first Mac botnet.


Comments

HaHa
By StraightPipe on 5/7/2009 9:54:11 AM , Rating: 5
"I said Ha-Ha"

//Nelson




Here it comes...
By DASQ on 5/7/2009 1:43:20 PM , Rating: 5
Can't wait to see the spin on this by Apple.
'Mac's accidentally safer!'




5000!
By tlampen on 5/7/2009 3:50:13 PM , Rating: 4
5000 MACs! THAT'S LIKE ALL OF THEM!!!




By saint1415 on 5/7/2009 5:20:42 PM , Rating: 1
Simply look at the marketshare and look at all the hacking conventions...OS X got hacked faster than Vista...Safari faster than IE and Chrome...oh and let's not forget the mobile phone market that someone evidently had a 0day exploit at pwn2own and wouldn't give it up for the few thousand they were going to give him to...crosshairs have shifted as the economy has changed...the coders are now realizing those with Macs have more money than most of the M$ crowd...just give it a few months and there will be a nice infectious worm out there that nobody will notice until it's way too late...




By borismkv on 5/7/2009 5:33:43 PM , Rating: 3
Let's also not forget that the majority of new Apple users are the ones who got fed up with viruses in the first place. This is a prime target. The same idiots who couldn't figure out how to avoid clicking on pop-ups and banner ads that said "FREE!!!" went to Apple. But they still never learned how to stop clicking on banner ads and pop-ups. I give Apple's theoretical security lead 2 years tops.


Well..
By EnzoFX on 5/7/2009 6:08:36 PM , Rating: 1
It's not like my safety comes down to my selection in OS... I choose an OS for more important reasons, and choose to be safe by other means, i.e. antivirus, firewall, etc. etc...

I choose OS X




RE: Well..
By dare2savefreedom on 5/7/2009 10:24:20 PM , Rating: 3
It's not like my [desire to preserve freedom in the world] comes down to my selection in OS... oh wait YES it does.

I choose Linux!


Virii
By croc on 5/7/2009 6:12:53 PM , Rating: 3
My Sun box, running Solaris 10 and Netscape, needs no AV because it's inherently safe... Even safer than Macs! You have to love the 'security through obscurity' approach.




User and not platform error
By wvh on 5/9/2009 8:06:34 AM , Rating: 2
People have loved news stories with vague threats about OSX and Linux virus and worm infections for years already. While obviously any OS had, has and will have security problems – they're more similar than not in their structure, purpose and code after all – show me first a real large-scale OSX/Linux security disaster instead of the media warning us that "it's coming any day now".

Besides, for any platform, downloading cracked and backdoored versions of software is user error and not platform error. I'm not a Mac fan, but news stories about 5000 people downloading illegal software tell us nothing about the platform or its security. It only tells us that end-users are dumb. Which is hardly a news-worthy conclusion...




"Trojan virus?"
By mechBgon on 5/7/2009 10:57:06 AM , Rating: 1
Jason, if you want a catch-all term for malicious software, I suggest using the word "malware" instead of "virus," or taking the time to get the distinctions down between worms, trojans, viruses and exploits.




Macs are inherently safer.
By reader1 on 5/7/09, Rating: -1

RE: Macs are inherently safer.
By fyleow on 5/7/2009 10:13:57 AM , Rating: 5
A vertical monopoly does nothing to computer security. The attack vector is isolated solely to the operating system, over which operating system vendors have full control. NetBSD is more secure than OS X and it runs on commodity hardware without the need of a vertical monopoly.


RE: Macs are inherently safer.
By MrPeabody on 5/7/2009 10:17:28 AM , Rating: 5
Government-mandated Windows monopoly? Oh, you must be talking about this:

http://www.usdoj.gov/atr/cases/ms_index.htm

. . . though I think you may have mistaken a few of the details.


RE: Macs are inherently safer.
By Motoman on 5/7/2009 11:10:35 AM , Rating: 5
...here's your sign. They should issue them with Apple products...

Anyway, for the Nth time, there is one reason - and one reason only - why Macs have been "safer" than PCs when it comes to malware. That reason is because they are a marketplace failure.

I'm not going to bother getting exact statistics, because the proportions are way too out of whack to make a difference. Windows is ~95% of the personal computer market. Apple is ~5%, and somewhere in the ~0% you have Linux, SkyOS, and Bob's Pet Project.

When a would-be ha><or wants to cause some havoc, the stated point is to cause havoc...i.e. make a big impact. If you took down all the world's Macs...well, who cares? 95% of the planet is unaffected. So no one in their right mind (granted that a hacker is in any right mind to begin with) would ever bother writing malware to target Macs - they are an insignificant target. Hence, essentially all malware is written to attack the only target of any value - Windows.

It is fully ironic that as Apple does indeed seem to be gaining more marketshare, they are gaining also the attention of malware creators. The blindness required by the Apple faith, which among other things includes the parables about Macs being immune to malware, has served no purpose other than to herd Apple users like sheep into one big kennel, totally unaware that they are utterly exposed and ready for slaughter.

Get it straight: Macs have not ever been "safer" than PCs. The truth is that Macs have never had enough significance to draw the attention of malware creators. Welcome to reality...we like to call this place "Earth."


RE: Macs are inherently safer.
By artemicion on 5/7/2009 1:39:41 PM , Rating: 2
This is 100% trolling, but . . .

quote:
It is fully ironic that as Apple does indeed seem to be gaining more marketshare, they are gaining also the attention of malware creators.


It's actually not fully ironic at all. (Well, I guess your assertion that it is ironic is ironic . . .) An ironic outcome would be one that is not expected. Increased attention from malware creators is the expected result of increased marketshare . . .

Now that I'm done being a jerk, I'll point out that even if the increased security of Mac OSX isn't necessarily deserved, in the sense that its design isn't inherently better than Windows, the bottom line is that it *is* more secure because it has low market share, which is an asset (though admittedly not necessarily deserved).

Of course that doesn't at all address the fact that Macs are (imo) overpriced. But they are more secure. If I had infinite money and had to buy a computer for a tech-clueless friend, I'd buy a Mac simply because I know that it's less likely that someone would write malware for it because it has low marketshare. Or a linux machine, though I think everybody would agree linux is more cumbersome to use than OSX.


RE: Macs are inherently safer.
By Motoman on 5/7/2009 3:05:05 PM , Rating: 2
quote:
It's actually not fully ironic at all. (Well, I guess your assertion that it is ironic is ironic . . .) An ironic outcome would be one that is not expected. Increased attention from malware creators is the expected result of increased marketshare . . .


...sigh. Can't argue with that, as I failed to properly structure my irony...

The point I was trying to get across is that Apple's "safeness" has always been a side-effect of their lack of success - and yet, the "safeness" has perpetually been touted as a main feature. Now that Apple is slowly becoming less of a failure, their "safeness" is dwindling. There's irony in there somewhere...I'm sure of it.


RE: Macs are inherently safer.
By artemicion on 5/8/2009 1:02:42 AM , Rating: 2
Ah I see what you were trying to say. Yes, that is ironic.

But, (and this might be a stretch), maybe Apple is doing it on purpose. This is totally speculation on my part, but maybe Apple says to themselves, we're going to overprice our hardware so less people buy it, that way we can build a rep for being "secure". Sure, we don't move as many machines as HP or Dell do, but we pull in more profit per machine so in the end we make a good amount of money.

It'd be an ingenious little business plan - focus on chic and "secure" (albeit a false sense of security). Who cares if you're catering to the computer illiterate if you're raking in $1,000 per Macbook Pro?


RE: Macs are inherently safer.
By yomamafor1 on 5/7/2009 1:03:13 PM , Rating: 5
First of all Macs are NOT inherently safer. Mac OSX was the first OS to be cracked at the Black Hat convention, followed by Windows Vista.

Secondly, vertical integration has nothing to do with increased safety, but rather reduced cost. This is very ironic because Macs are actually MORE expensive than the PC.

Trolling much?


RE: Macs are inherently safer.
By mondo1234 on 5/7/2009 2:14:34 PM , Rating: 2
I think that they couldn't get any of the machines to drop on day one. On day two the Mac dropped because of an exploit in Safari, Vista dropped on day three because of Flash.
I don't know if they ever got the Linux (Ubuntu?) machine to drop.


RE: Macs are inherently safer.
By MRwizard on 5/8/2009 6:03:25 AM , Rating: 1
No, no black or white hat hacker in the world wants to spoil the "security" of an open source OS


RE: Macs are inherently safer.
By omglol on 5/7/2009 3:32:30 PM , Rating: 1
Pirks? Is that you?
















Copyright 2014 DailyTech LLC.