backtop


Print 117 comment(s) - last by JKflipflop98.. on Nov 6 at 8:52 PM


Mac users are now at risky of getting a nasty virus.  (Source: Listmania)

If it you approve, you are a sad noob, and your Mac is infected.  (Source: Intego)
Mac: Hi PC, I'm not feeling so hot today... PC: Oh, I know ALL about that. I think you have a virus!

Security experts by and large agree that security via obscurity is not a wise model for protecting customers over the long term.  That's exactly the model Apple has employed successfully for some time now.  However, its luck finally appears to be running short.

Hot on the heels of a newly discovered iOS exploit that allows access to locked iPhones, new reports [1] [2] from security research firms 
SecureFirm and Intego reveals that a new trojan is targeting Mac users using a vulnerability in OS X's Java player.

According to the 
Intego report the new malware, trojan.osx.boonana.a, is really a reworked version of the Koobface malware, which has attacked Windows in the past.  The malware acts as a worm when it spreads and as a trojan when it is infecting your computer.

Users may encounter the worm via links posted on Facebook, MySpace, Twitter, and other websites.  When clicking the link, the applet attempts to run.  Users can stop the infection before it starts by denying the applet permission to run when OS X's Java player pops up a dialogue.

If they allow the applet to run, they may get another warning if they have a Mac antispyware program like VirusBarrier X6’s Anti-Spyware installed.  If they don't get the warning, or choose to disregard it, the applet will attempt to make a connection with a remote server and installs a rootkit, backdoor, command and control, and other elements.  These files are copied to an invisible folder -- .jnana -- in the user's home directory.

If the virus is allowed to carry out its infection process, the unsuspecting Mac user may find themselves part of a botnet.  When they log on social networks, the virus will post links to spread the infection.  It may also send spam e-mail via their logged-in accounts

Other variants of this virus target Windows and Linux, making it a rare true cross-platform virus.  All these viruses share the fact that they use the Java player as a route of attack.  According to 
Intego, other OS X-specific versions of the virus have shown up, but most are broken or try to connect to offline servers.

The malware could become potentially more dangerous in the future if it is able to eliminate the warnings from the Java player and/or change the name/location of the infection directory, making it hard for virus removal software to find it.

While it does not appear that this virus takes advantage of any unique flaws in Apple's version of Java, some security experts say that Apple's Java player may have more vulnerabilities than Window's.  That's because Apple makes its own Java player, which according to an e-mailreportedly attributed to Apple Chief Executive Steve Jobs, is always a version behind the official Linux/Windows builds from Sun and Oracle.

Apple is reportedly considering ditching its Java player in future versions of OS X, such as OS X 10.7 "Lion".  Similarly it's considering rejecting Flash, another multimedia web technology.  Ultimately these efforts may eliminate some routes of attack, but now that Apple is being targeted it must realize -- there is 
always a back door.

 



Comments     Threshold


This article is over a month old, voting and posting comments is disabled

RE: More pleasing fantasies for the truly insecure
By testerguy on 10/28/2010 12:09:14 PM , Rating: -1
quote:
Give me a little while and i'll get one infected just for you.


Give ME a little while and I'll show you that you still haven#t got one infected, just for tony.

quote:
talk about a false sense of reality... Windows isn't perfect, we all get that... you apparently are having trouble understanding that neither is your candy coated mac!


Talk about a huge sense of insecurity. Nobody is claiming OSX is perfect. The simply fact is that it's more secure than Windows. Whether that's due to the fact that it's less of a target or not, is irrelevant. It's still less prone to be the subject of viruses.

quote:
for now... but will it remain that way forever?


Do you know the answer to this question? For any platform? No. Most irrelevant point of the day.

quote:
i disagree. removing software from a device because your device can't handle it is not a feature. again i should have the choice to install it!


I agree that it isn't a feature not to have flash, and there should be an option to turn it on. It is also, however, not due to the inability of the device to handle it. It is rather, due to the fact that the use of flash on any device impacts on performance and battery life in an unacceptable way.

quote:
i'm posting this from a macbook pro running osx 10.6.

quote:
The macbook is my work computer because we actually support about 150 of them along side our windows 7 support. I elected to assist in the mac side of the support because i and one of my coworkers know the most about them


Well, what a ridiculous coincidence. You know the 'most' about macs whilst also believing all of the criticisms you stated above, I wonder where you gained such knowledge. Surely you didn't gain that knowledge by not buying such inferior products? What does that say about your decisions? Or more accurately, about your honesty. It just so happens that you managed to claim the one scenario in which you could be using a Mac without actually having purchased it. Hmmmm.

I too prefer Windows to OSX, but really I feel ashamed to be associated with a lot of people on here who have such an unnatural hatred for all things Apple. Your inability to face the facts that Windows has more of a threat of viruses than OSX is not because you actually believe it, but because you're so insecure about people who choose to use Apples that you have to go out of your way to criticise. Look at all the posts on here, people overjoyed that a virus has the potential to infect a system. Wow, happy days.

It's tragic really.


By Luticus on 10/28/2010 12:44:22 PM , Rating: 3
quote:
Give ME a little while and I'll show you that you still haven#t got one infected
working on it... i'll let you know when/if it gets infected and the steps to remove it. Just gotta find a test machine that i can image. I'll probably get it done after work if my "workload" permits.

quote:
Nobody is claiming OSX is perfect.
HAH, talk to tony and many more like him/her for about 5 seconds....

quote:
The simply fact is that it's more secure than Windows
i disagree, the ONLY thing "more secure" about mac (if this even still counts) is that it's based on bsd and thus has a stronger security model by default than windows, windows is made the flawed structure go away with the introduction of UAC which emulates the linux/unix root/user account privileged system.

quote:
It's still less prone to be the subject of viruses
nobody is arguing that windows doesn't get more viruses... that's unanimously true.

quote:

Do you know the answer to this question? For any platform? No. Most irrelevant point of the day.
trends in the iphone/ipod/ipad world are pointing to the fact that apple is moving toward this. It could be incorrect but i wouldn't put it past them.

quote:
due to the fact that the use of flash on any device impacts on performance and battery life in an unacceptable way.
if you run flash on an "as needed basis" like i do on my windows phone then the impact is not nearly as bad.

quote:
Well, what a ridiculous coincidence. You know the 'most' about macs whilst also believing all of the criticisms you stated above, I wonder where you gained such knowledge.
i got my skills with mac from a combination of virtualization, linux/unix knowledge that i apply to the mac platform, a friend who owns a mac which i used to study the platform, and through demoing mac computers at mac stores. Among other places, not to mention i have this uncanny ability to "read"... and there are plenty of places on the internet with mac documentation.

quote:
Surely you didn't gain that knowledge by not buying such inferior products? What does that say about your decisions? Or more accurately, about your honesty.
To date i have owned/posessed only 2 devices made by apple. the first was an ipod shuffle that was given to me for christmas which broke a long time ago (it was a software problem that i quit fixing, no i did not sabotage it) and the second is my current macbook pro that i did not, nor ever would, pay for. As for my honesty, i think that i'm fairly honest about my knowledge/skills/devices owned.

quote:
i don't hate apple devices, i hate the smug customer base and it's lie driven marketing... granted the marketing aspect seems to be going away now.

quote:
Look at all the posts on here, people overjoyed that a virus has the potential to infect a system
i am not overjoyed that a virus has the potential to hurt people or their systems, i was overjoyed that there may have been some slight chance these smug pricks who think their overpriced computers are better than mine because theirs were build by apple's outsourcing and mine was built by me and runs windows...

I am currently in the process of testing this virus and hopefully will be able to develop a fix or at least a guide on detection and removal if it warrants it.

quote:
You know the 'most' about macs whilst also believing all of the criticisms you stated above

I am a regular user of many different operating systems to include all windows 7 and below, windows server 2003 - 2008, debian, fadora, kubuntu, ubuntu, mandriva/mandrake, mint, osx .0 - .6, windows mobile, and ios... the criticisms i stated anywhere on here (besides where i'm being clearly sarcastic just to get a few laughs) are not something i just believe, but know to be 100% true. There are just as many issues regarding mac as there are windows. they might be about different things but there are issues none-the-less, that much i can assure you of.

i have no hate for my macbook pro, i just prefer Windows/Debain to it 100%.

Say what you like... unless you're a tech who knows his stuff you won't stand a chance at discrediting me, and if you are a tech who is in fact good and well informed about all of these platforms then you'll know by reading my posts my credentials are in order. I don't like to brag but i live on all things technology. If you want to argue history you'd probably win, but if there's one thing i know it's computer tech.


By INeedCache on 10/29/2010 10:03:16 AM , Rating: 1
"Talk about a huge sense of insecurity. Nobody is claiming OSX is perfect. The simply fact is that it's more secure than Windows. Whether that's due to the fact that it's less of a target or not, is irrelevant. It's still less prone to be the subject of viruses."

Do you realize just how nonsensical that statement is? You're saying it's more secure than Windows, yet the fact that it's much less of a target is irrelevant. The fact that it's much less of a target is TOTALLY relevant, as without it being on about equal footing as far a marketshare and being targeted, you, nor anyone else, can back up the claim it's more secure than Windows.

You also mention an unnatural hatred amongst some for all things Apple. That may be. But you should also then mention the unnatural feeling of superiority most Apple users exhibit toward any and all competitors. People overjoyed that a computer could get infected? Well, what do you expect when the Apple Kool-Aid gulpers weigh in on any and every article regarding Windows infections with their typical superior, smug attitude "It can't happen to us." It certainly CAN happen to them. Forgot to mention that. Or do you expect human nature to be one-sided?

Is OSX more secure than Windows 7? You can believe and claim whatever you wish. But the FACT is we will never know, as it will never come close to achieving the market share necessary for even a loose comparison. If you believe otherwise, your illogic is even worse than displayed here in this more or less laughable diatribe.


"The Space Elevator will be built about 50 years after everyone stops laughing" -- Sir Arthur C. Clarke














botimage
Copyright 2014 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki