experts by and large agree that security via obscurity is not a wise
model for protecting customers over the long term. That's
exactly the model Apple has employed
successfully for some time now. However, its luck finally
appears to be running short.

Hot on the heels of a newly
discovered iOS exploit that allows access to locked iPhones,
new reports from
security research firms SecureFirm and Intego reveal
that a new trojan is targeting Mac users using a vulnerability in OS
X's Java player.

According to the Intego report,
the new malware, trojan.osx.boonana.a, is really a reworked version
of the Koobface malware, which has attacked Windows in the past.
The malware acts
as a worm when it spreads and as
a trojan when it is infecting your computer.

Users
may encounter the worm via links posted on Facebook, MySpace,
Twitter, and other websites. When clicking the link, the applet
attempts to run. Users can stop the infection before it starts
by denying the applet permission to run when OS X's Java player pops
up a dialogue.

If they allow the applet to run, they may get
another warning if they have a Mac antispyware program like
VirusBarrier X6’s Anti-Spyware installed. If they don't get
the warning, or choose to disregard it, the applet will attempt to
make a connection with a remote server and install a rootkit,
backdoor, command and control, and other elements. These files
are copied to an invisible folder -- .jnana -- in the user's home
directory.

If the virus is allowed to carry out its infection
process, the unsuspecting Mac user may find themselves part
of a botnet. When they log on to social networks, the virus
will post links to spread the infection. It may also send spam
e-mail via their logged-in accounts.

Other variants of this
virus target Windows and Linux, making it a rare true cross-platform
virus. All these viruses share the fact that they use the Java
player as a route of attack. According to Intego,
other OS X-specific versions of the virus have shown up, but most are
broken or try to connect to offline servers.

The malware could
become potentially more dangerous in the future if it is able to
eliminate the warnings from the Java player and/or change the
name/location of the infection directory, making it hard for virus
removal software to find it.

While it does not appear that
this virus takes advantage of any unique flaws in Apple's version of
Java, some security experts say that Apple's Java player may have
more vulnerabilities than Windows'. That's because Apple makes
its own Java player, which according to an
e-mail reportedly attributed to Apple Chief Executive Steve Jobs,
is always a version behind the official Linux/Windows builds from Sun
and Oracle.

Apple is reportedly considering ditching its Java
player in future versions of OS X, such as OS X 10.7 "Lion".
Similarly it's considering
rejecting Flash, another multimedia web technology.
Ultimately these efforts may eliminate some routes of attack, but now
that Apple is being targeted it must realize -- there is always a
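
The article says this variant copies its files to an invisible .jnana folder in the user's home directory. A check for that folder across the home directories on a machine follows; it is an added example, not code from the article or from either vendor's report, and the /Users default and the function name scan_homes are assumptions made here.

```shell
#!/bin/sh
# Added example: look for the hidden ".jnana" folder that the article says
# this variant drops in the user's home directory.
# Assumptions (not from the article): all home directories sit under one
# root (/Users on OS X); scan_homes is a name made up for this example.

IOC_DIR=".jnana"   # folder name reported in the article

# scan_homes [ROOT]
# Prints one line per hit: "<home directory><TAB><entries inside the folder>"
# Returns 0 when no home contains the folder, 1 when at least one does.
scan_homes() {
    root="${1:-/Users}"
    found=0
    for home in "$root"/*; do
        [ -d "$home" ] || continue          # skip plain files and an unmatched glob
        hit="$home/$IOC_DIR"
        # Also flag a symlink with that name instead of silently skipping it.
        if [ -d "$hit" ] || [ -L "$hit" ]; then
            # ls -A counts hidden entries too; tr strips the padding BSD wc adds.
            count=$(ls -A "$hit" 2>/dev/null | wc -l | tr -d ' ')
            printf '%s\t%s\n' "$home" "$count"
            found=1
        fi
    done
    return "$found"
}

# Scan only when a root directory is passed on the command line,
# e.g.:  sh check_jnana.sh /Users
if [ "$#" -gt 0 ]; then
    scan_homes "$1"
fi
```

As the article points out, a variant that renames or moves the infection directory would not be found by a fixed-name check like this one.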
quote: "My Apple product makes me morally superior to everyone who doesn't have one. Press 'like' to be inadvertently infected with a virus that you're just too cool to be bothered with."
quote: We would even say that today, the Windows operating system is more secure than Mac
quote: Mac users warned of growing virus threat http://news.techworld.com/security/3245158/mac-use... There are now 5,000 ‘strains’ of malware that target the Mac and the company says it is seeing 500 new Mac-specific samples appearing every month. “We would even say that today, the Windows operating system is more secure than Mac, simply because Microsoft has been working proactively on security for many years,” he added
quote: My aunt's two year old MBP was infected a few months ago, with what I don't know.
quote: Nobody has any evidence that any mac has been infected with malware.
quote: An argument is put forward that it's because of low market share and thus Macs are difficult to find and not knowing any Mac users so infections are hard to spot.
quote: The fact is that as long as you avoid evidence you can claim anything is true or not true. I prefer the real world and empirical evidence based reasoning, call me old fashioned.
quote: There is no evidence of actual Mac infections.
quote: There is evidence of millions of Windows PCs being infected.
quote: End of story.
quote: Surely Tony is a troll?
quote: they have the cheek to point the finger at everyone else in order to take the focus off of the weaknesses in Windows and to take umbrage when someone points out the security shortcomings of their chosen OS.
quote: he gets hit by a bus
quote: I just love Windows fans. They run an OS - out of choice - that is so insecure that it has spawned and continues to nourish a vast worldwide industry making malware and they have the cheek to point the finger at everyone else in order to take the focus off of the weaknesses in Windows and to take umbrage when someone points out the security shortcomings of their chosen OS.
quote: I think it occurred without the user's knowledge before apple released a security patch, now it will pop up a warning showing you there is an unauthorized applet trying to run
quote: With OSX you are almost always running as root, but just like nix, you have to enter your password for most things that alter anything at the system level.
quote: you can make X+X=80085 regardless what X is.
quote: by Luticus on October 28, 2010 at 9:57 AM Speaking of burning sensations... To everyone out there who paid for a mac: that burning sensation you feel in your anus right now... don't worry about it, it's just Jobs pulling out and putting on a condom so he can finish up... ya know, he doesn't want to get infected and all. :-) Oh man, this is too much fun.
quote: Users can stop the infection before it starts by denying the applet permission to run when OS X's Java player pops up a dialogue... If they allow the applet to run... While it does not appear that this virus takes advantage of any unique flaws in Apple's version of Java...
quote: It's one of those days again. A supposed security threat appears, and the internet loses its collective brain and starts panicking like Alpha and Omega's kingdom come. This time around, it's a trojan horse thing (it's a trojan, worm, and root kit all in one, though) that targets Mac OS X and Windows. As it turns out, though, the threat this thing poses is not very large (at this point in time). The original report comes from SecureMac, which warns Mac OS X users of a trojan horse called Boonana. It supposedly spreads via links on social networking sites (worm), so for instance clicking a link would take you to a website which executes a Java applet (trojan). This applet would download an installer which, SecureMac claims, modifies system files to bypass the system's password. After that, it acts like a rootkit. It runs upon startup, loads up local web and IRC servers, joins a botnet, employs a DNS changer, and a bunch of other stuff. The problem is that while SecureMac claims that the attack is completely silent, without any user intervention or password dialogs, Intego claims the contrary. In their report, they say the initial Java applet portion throws up a nice Java warning cancel/allow dialog, meaning everything works as intended and the threat level of this attack is low. A side note from Intego is that they claim the malware is 'broken' or downloads the wrong files, implying that the attack could technically work silently without throwing up dialogs, but just not right now. My personal opinion is that since both claims come from security vendors, we should probably unpanic, make a nice cup of tea, and go about our daily lives. Want to be safe? Uninstall Java, disable it, whatever. What on earth are you using it for anyway in your web browser? Oh, and also, this is a cross-platform attack and works on Linux and Windows too (although it probably throws up warning dialogs there, too), but heck, "ZOMG EXPLOITROOTKIT MAC OS X LOLOL!!1!1!" draws in the crowds more. Alas.
quote: It's a Java exploit that is theoretically cross platform.
quote: there are no reports of any Mac or Mac user actually being compromised
quote: security companies trying to frighten Mac users
quote: in order to be theoretically compromised a Mac user would have to give permission
quote: A side note from Intego is that they claim the malware is 'broken' or downloads the wrong files
quote: Apple is in the process of dumping Java and is well into the process of dumping Flash. Both are crap and both will not be missed.
quote: I should be able to install whatever i want on my own computer. I will not be told what i can and can not install by jobs or anyone else. Doing away with java and flash is retarded and shouldn't be job's choice to make. If they don't want to put it on by default that's one thing but block me from installing it is insane!
quote: It's Windows that is the security disaster and not Mac.
quote: lol, are you basing that off of anything? Or do you simply mean to say that since Windows was at one point insecure that it is just as, and always will be, insecure? Try reading up on the latest news. http://lifehacker.com/5518787/famous-hacker-calls-... / http://www.neowin.net/news/hacker-says-windows-is-... http://www.tomshardware.com/news/hack-windows-secu... Then we have articles like http://www.eweek.com/c/a/Security/Why-Is-the-Mac-O... where the author gives no evidence of the code in OSX being more secure than Windows, just false arguments like "OSX disables services that may allow for vulnerability", which I hope I don't have to explain how that is not better security.
quote: show me an example of a single mac that has been compromised
quote: Windows that is the security disaster and not Mac
quote: You can install Flash and Java on your Mac
quote: No Flash on the iPhone and iPad is a feature, not a bug.
quote: If you don't own Apple products why are you getting in such a froth
quote: if you do own Apple products I assume it's because you want to
quote: Either way please stop whining.
quote: Give me a little while and i'll get one infected just for you.
quote: talk about a false sense of reality... Windows isn't perfect, we all get that... you apparently are having trouble understanding that neither is your candy coated mac!
quote: for now... but will it remain that way forever?
quote: i disagree. removing software from a device because your device can't handle it is not a feature. again i should have the choice to install it!
quote: i'm posting this from a macbook pro running osx 10.6.
quote: The macbook is my work computer because we actually support about 150 of them alongside our windows 7 support. I elected to assist in the mac side of the support because i and one of my coworkers know the most about them
quote: Give ME a little while and I'll show you that you still haven't got one infected
quote: Nobody is claiming OSX is perfect.
quote: The simple fact is that it's more secure than Windows
quote: It's still less prone to be the subject of viruses
quote: Do you know the answer to this question? For any platform? No. Most irrelevant point of the day.
quote: due to the fact that the use of flash on any device impacts on performance and battery life in an unacceptable way.
quote: Well, what a ridiculous coincidence. You know the 'most' about macs whilst also believing all of the criticisms you stated above, I wonder where you gained such knowledge.
quote: Surely you didn't gain that knowledge by not buying such inferior products? What does that say about your decisions? Or more accurately, about your honesty.
quote: i don't hate apple devices, i hate the smug customer base and its lie driven marketing... granted the marketing aspect seems to be going away now. quote: Look at all the posts on here, people overjoyed that a virus has the potential to infect a system. i am not overjoyed that a virus has the potential to hurt people or their systems, i was overjoyed that there may have been some slight chance these smug pricks who think their overpriced computers are better than mine because theirs were built by apple's outsourcing and mine was built by me and runs windows... I am currently in the process of testing this virus and hopefully will be able to develop a fix or at least a guide on detection and removal if it warrants it. quote: You know the 'most' about macs whilst also believing all of the criticisms you stated above. I am a regular user of many different operating systems to include all windows 7 and below, windows server 2003 - 2008, debian, fedora, kubuntu, ubuntu, mandriva/mandrake, mint, osx .0 - .6, windows mobile, and ios... the criticisms i stated anywhere on here (besides where i'm being clearly sarcastic just to get a few laughs) are not something i just believe, but know to be 100% true. There are just as many issues regarding mac as there are windows. they might be about different things but there are issues none-the-less, that much i can assure you of. i have no hate for my macbook pro, i just prefer Windows/Debian to it 100%. Say what you like... unless you're a tech who knows his stuff you won't stand a chance at discrediting me, and if you are a tech who is in fact good and well informed about all of these platforms then you'll know by reading my posts my credentials are in order. I don't like to brag but i live on all things technology. If you want to argue history you'd probably win, but if there's one thing i know it's computer tech.
quote: Look at all the posts on here, people overjoyed that a virus has the potential to infect a system
quote: You know the 'most' about macs whilst also believing all of the criticisms you stated above
quote: This does not take away from the fact that it's still a mac exploit.
quote: should be able to install whatever i want on my own computer. I will not be told what i can and can not install by jobs or anyone else. Doing away with java and flash is retarded and shouldn't be job's choice to make. If they don't want to put it on by default that's one thing but block me from installing it is insane!
quote: Actually, it's a user exploit. In fact, it doesn't even work correctly on many Macs. It doesn't do anything unless the user allows it and enters an administrator password so it can install. It's classic social engineering. A trojan that tries to trick the user into installing it. Nothing more, nothing less.
quote: Jobs isn't choosing for you, they're just choosing not to install it for you. You're free to install Flash and Java yourself if you choose. No one is blocking you from installing it. Pure FUD.
quote: MS Windows doesn't install either one for you, you have to go install it yourself. Linux doesn't install flash for you, and may or may not install Java.
quote: You're welcome to hate Apple/Jobs, just quit spouting inaccurate info and FUD.
quote: See ipod, iphone, ipad... now there's talk of a mac store opening up for the mac computers. If they go completely to a mac store for software distribution on the mac then how long until you "can't" install it. As i stated above, this is a growing trend with apple and while this might not ever become a reality i certainly wouldn't put it past them.
quote: my point is that these types of viruses will only get worse from here on...
quote: if you want to stay in a sugar coated bubble, or frolic in a meadow of denial... fine.
quote: I don't like the way that apple does business sometimes and i don't particularly care for the amount of control i feel apple/jobs have over what i can and can't do with the computer/devices i paid for. seeing as this exact thing has been a reoccurring theme in just about every apple/mac article I've read in the last year or two i really don't think this statement is too far off.
quote: They won't lock down the Mac the way they have iOS devices.
quote: nothing objectively significantly better or worse as far as business practices go.
quote: I'm glad Apple switched to x86 based systems 4 years ago
quote: Apple recommends AV software for Mac OS X
quote: If you understand that windows has its place and that people are morons for choosing it then even better!
quote: This should read: If you understand that windows has its place and that people are NOT morons for choosing it then even better! :-)