backtop


Print 117 comment(s) - last by JKflipflop98.. on Nov 6 at 8:52 PM


Mac users are now at risky of getting a nasty virus.  (Source: Listmania)

If it you approve, you are a sad noob, and your Mac is infected.  (Source: Intego)
Mac: Hi PC, I'm not feeling so hot today... PC: Oh, I know ALL about that. I think you have a virus!

Security experts by and large agree that security via obscurity is not a wise model for protecting customers over the long term.  That's exactly the model Apple has employed successfully for some time now.  However, its luck finally appears to be running short.

Hot on the heels of a newly discovered iOS exploit that allows access to locked iPhones, new reports [1] [2] from security research firms 
SecureFirm and Intego reveals that a new trojan is targeting Mac users using a vulnerability in OS X's Java player.

According to the 
Intego report the new malware, trojan.osx.boonana.a, is really a reworked version of the Koobface malware, which has attacked Windows in the past.  The malware acts as a worm when it spreads and as a trojan when it is infecting your computer.

Users may encounter the worm via links posted on Facebook, MySpace, Twitter, and other websites.  When clicking the link, the applet attempts to run.  Users can stop the infection before it starts by denying the applet permission to run when OS X's Java player pops up a dialogue.

If they allow the applet to run, they may get another warning if they have a Mac antispyware program like VirusBarrier X6’s Anti-Spyware installed.  If they don't get the warning, or choose to disregard it, the applet will attempt to make a connection with a remote server and installs a rootkit, backdoor, command and control, and other elements.  These files are copied to an invisible folder -- .jnana -- in the user's home directory.

If the virus is allowed to carry out its infection process, the unsuspecting Mac user may find themselves part of a botnet.  When they log on social networks, the virus will post links to spread the infection.  It may also send spam e-mail via their logged-in accounts

Other variants of this virus target Windows and Linux, making it a rare true cross-platform virus.  All these viruses share the fact that they use the Java player as a route of attack.  According to 
Intego, other OS X-specific versions of the virus have shown up, but most are broken or try to connect to offline servers.

The malware could become potentially more dangerous in the future if it is able to eliminate the warnings from the Java player and/or change the name/location of the infection directory, making it hard for virus removal software to find it.

While it does not appear that this virus takes advantage of any unique flaws in Apple's version of Java, some security experts say that Apple's Java player may have more vulnerabilities than Window's.  That's because Apple makes its own Java player, which according to an e-mailreportedly attributed to Apple Chief Executive Steve Jobs, is always a version behind the official Linux/Windows builds from Sun and Oracle.

Apple is reportedly considering ditching its Java player in future versions of OS X, such as OS X 10.7 "Lion".  Similarly it's considering rejecting Flash, another multimedia web technology.  Ultimately these efforts may eliminate some routes of attack, but now that Apple is being targeted it must realize -- there is 
always a back door.

 



Comments     Threshold


This article is over a month old, voting and posting comments is disabled

RE: More pleasing fantasies for the truly insecure
By Tony Swash on 10/28/2010 11:53:56 AM , Rating: -1
quote:

lol, are you basing that off of anything? Or do you simply mean to say that since Windows was at one point insecure that it is just as, and always will be, insecure?

Try reading up on the latest news.
http://lifehacker.com/5518787/famous-hacker-calls-... / http://www.neowin.net/news/hacker-says-windows-is-...
http://www.tomshardware.com/news/hack-windows-secu...

Then we have articles like
http://www.eweek.com/c/a/Security/Why-Is-the-Mac-O...
where the author gives no evidence of the code in OSX being more secure than Windows, just false arguments like "OSX disables services that may allow for vulnerability", which I hope I don't have to explain how that is not better security.


Lots of hypothesis and no evidence equals piss poor reasoning.

I notice still no evidence of actual macs getting actually infected whilst the web is awash with voluminous evidence of actual windows PCs getting actually infected.

We can argue about the whys and wherefores forever but the simple fact is that Windows PCs gets infected in their millions while Macs don't. If you think that statement is untrue please do offer some evidence about actual infection rates and patterns to contradict it.


By Luticus on 10/28/2010 12:09:59 PM , Rating: 2
I'm in the process of finding a test machine now that i can infect.


By inighthawki on 10/28/2010 12:16:57 PM , Rating: 2
So you're saying that some of the lead security experts who develop hacks for a living don't count as a valid reference? Wow, what are you expecting, a complete run down of each OSs source code and analysis by a dozen third parties?


By gamerk2 on 10/28/2010 12:31:35 PM , Rating: 3
Your statement is provablly false: My sisters Mac got infected.

Your argument also ignores the fact there are 10x the Windows PCs on the market; of COURSE they will have more PC's infected by some virus or another. Likewise, PC's, having the larger user base, is a far more tempting target for people creating viruses.

Now that Macs are gaining share, combined with their piss-poor anti-virus measures, you will see Macs get exploited far more. I'm saying this as a programmer who regularlly attends confrences where your precious platform is laid open for us to play with. Macs have about as much security today as Windows ME had when it released. The only difference is that the people who create viruses tend to ignore your platform. That doesn't make it safe.


By fsardis on 10/28/2010 1:05:57 PM , Rating: 3
http://www.theregister.co.uk/2010/10/28/adobe_read...

oh so much fun... this one is cross platform too and unpatched.
so if OSX is so superior, how come it is not immune?


"You can bet that Sony built a long-term business plan about being successful in Japan and that business plan is crumbling." -- Peter Moore, 24 hours before his Microsoft resignation














botimage
Copyright 2014 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki