Miscreants have released a sophisticated Trojan into the wild that targets Mac users, according to Intego, a company that markets security software that runs on OS X. The malicious Trojan, dubbed OSX.RSPlug.A, is making the rounds on several porn websites. When Mac users try to view some videos, the site feeds them a page that …
Balmer is probably behind this...
Fortunately for Mac owners there is a very simple way around this vicious and devastating attack.
Simply install a program called Boot Cap.
Boot Cap is very clever because it literally Boots out the security plagued OSX operating system and places a Cap over it -- Windows!
From then on you can enjoy stable, secure, efficient, beautiful, innovative, cool, fast, compatible and cost effective Vista like the rest of the grown ups in the world of computing.
Social engineering, or cyber-Darwinism?
Well, I always make a point of entering my admin password at the request of a porn site pop-up.
OS X, Linux or Windows - If you are daft enough to fall for this, you deserve everything you get.
Just In Time
Our business just got a request from marketing for a Mac, the first we'll try out. It's comforting to know that malware is out there for them as well. Thanks!
So where's the completely unwarranted crowing from Windows fans and the equally invalid "it doesn't really count because (fill in specious reasoning here)" replies from the Mac cult?
Cue flame war in ...3...2..1
Suggesting that Mac users are as dumb as Windows users just makes me visualize the I'm a Mac/PC guys telling yo mama jokes.
What's that I hear?
Is that the galloping hooves of irony? (yes, anthropomorphised, irony is a horse)
Having Mac fanbois crow about not having a full user-base despite soooo safe. They now have a larger base, and look what's happened.
It shows yet again that all platforms have *some* kind of hole and that the scum out there who write this are just playing the numbers. Except now, your OS doesn't have the history and pedigree of AV programs that Windows does.
Congratulations. You became a statistic. I'm going to go horse riding.
The weakest point...
of any system is the user sadly. Those pathetic meat bags are a real security hazard, surprised Symantec not tried marketting a straight jacket as a universal firewall againt possible human judgement attacks. Although installing anything by Norton falls in that same category.
As the others have said though, odd we haven't had the usual fanboi comments yet...or are they all busy downloading some new codec for Quicktime to see the latest Jobsy porn :P
Bring on our lizard over lords to protect the world from those terrible meat bags infecting the world!
Bad news for Gates and his bank manager...
Mac popularity is gaining enough that moreand more people are bothering to code malware for it.
However, its when there are peices of malware specifially targetting Ubuntu too that Gates will really have to admit he's lost the monopoly and needs to start being nice to his customers again.
wow, some of you folks in the mac camp are really worked up over this... And some are actually seem disappointed that the M$ purists aren't making a bigger stink over a trojan exclusively written for Mac's that prey on peoples most basic weaknesses: the never ending quest for something for nothing combined with unwarranted trust.
I'm also surprised that the *nix folks aren't in here poking fun at the other two sides just for the lack of something else better to do.
As for me, I have taken the philosophy that any technologically advanced society is only as strong as it's laziest programmer, hardware manufacturer or service provider. To translate, if builders built buildings the way the computer industry is cranking out hardware, software and services, the next woodpecker that comes along is going to destroy civilization as we know it.
I really wish I could take credit for that line but sadly I read it somewhere but can't remember who the source is...
What a Windiot... (TM)
...the damned word is "crontab" as in cron(8) tables. I know it's probably a typo (yes, I have Cumberland sausage fingers too), but I really think that it's worth pointing out so that anyone on a Mac box can launch the console and type man crontab to find out what the hell we're all talking about and maybe even learn how to get things out of the crontabs for themselves.
Now, even if Microsoft Windows' days as the dominant OS are numbered, which I sincerely doubt at this point, it looks like it's business as usual for VXers. Of course, that also means SNAFU for us.
I hope Apple have learned a valuable lesson from this: Make something too simple (such as auto-installing software via the browser) and you get smegups like this creeping in because you're actively discouraging thought on the part of the user. EXACTLY the same mistake MS made and continues to be punished for, for example by people disabling UAC on Vista because they don't (and, at this late stage in the game, don't want to) understand why or how, they want it to Just Work [TM] because Microsoft have them trained not to think.
It's PEBKAC, pure and simple, although the blame doesn't solely rest upon the luser in between.
The only news there is
...that it's in the wild.
This is however not a security vulnerability. Should OSX prevent any changes to TCP/IP settings outside it's own network preferences GUI?
It already prompts up a security prompt asking for the admin level password - (with a handy note of who is requesting what priviledge) - I'm curious, what more should OSX do?
Re: What's that I hear?
"(yes, anthropomorphised, irony is a horse)"
But then it would be "equomorphised", surely...
Re: the article, I am not part of that user base you refer to, but... It seems like you didn't read the article. Not even the title? I mean, a Trojan (title says it is one, and article confirms) is a program that needs user intervention to act, tricking you into thinking the program does something you want but etc., kinda like the Greek story. Therefore, no hole here (I'm sure there must be holes elsewhere). Just stupid people running something they shouldn't -- can happen anywhere, as already pointed out. It's not like this is a Windows worm that gets automatically installed in your machine within minutes of you getting online unless you spend hours armoring it... I suspect we are still waiting for that type of treat for Macs. (or is it here already too?)
Malware will always exist, no matter what platform.
The thing is, the user is the weakness. Any platform capable of running custom software will be capable of having at least some form of malware for it, no matter what the OS developer does. Whether a laptop, a desktop, a PDA or a mobile phone.
Even if they lock the user out of the system files to prevent damage, by far the most important thing on the computer is the user's files. Those can by definition be accessed by the user, and damaged by anything running as the user. So a program doesn't necessarily need root/system access to do harm.
echo "The system needs your password for important maintenance"
sudo rm -rf /
Link to Porn site please
I would like to verify this for myself.
And, look a naked women.
can we have a link to one or more of these porn sites please?
Bwah ha ha ha ha Macs + Porn ... FIGURES! Bwah ha ha ha ha ...
We all know that MacDroids spend all day on the porn sites with their "safe macs" ...
This is TOO FUNNY!!!
Abdul Omar (Relax)
You probably think you're very funny and clever, but you aren't.
1) It's called Boot CAMP, not Boot Cap
2) Vista is far less secure than OSX is.
If you want to know how secure Windows is, DO NOT ask Microsoft. Do you REALLY think they'd say "Vista is a piece of crap", even if it really is? Of course not.
Incidentally, Vista IS a piece of crap...
That'd be Boot Camp, mate, not Boot Cap (whatever one of those is). Your last paragraph is hilarious.
So, let me get this straight: the idea is to trick users into installing malicious software? Wow, that's genius. People have been doing that for years, to Mac and PC users alike. This is news when it can be done without my knowledge.
Re: Just In Time
> "it doesn't really count because (fill in specious reasoning here)"
Well it doesn't really count because if someone goes to a pr0n site, is presented with a dialog to install some software and proceeds to install, then that person is a little "funny in the head" as the saying goes..
I'm fairly sure that the "Boot Cap" comment was a joke...?
it does seem to me that asking users to install some software that knackers their machine -- even going so far as to trigger the Operating System's built-in "Woah, this could be dangerous, best ask for the Admin password to make sure this user knows what they're doing"-mechanism -- is pretty feeble. What happened to Boot Sector viruses on copied floppy disks? Now, they were clever, and genuinely difficult to avoid.
It's depressing, though, to see the Comments section even on a grown-up site like The Register descend so rapidly into the usual foaming rants about "fanbois" and virtriol towards other users/platforms. Maybe we've not moved on that far from the Amiga/Atari days after all.
Where's the story?
The only news here, is that the story highlights the stupidity of PC users who don't seem to know what Trojan is, or even grasp the concept of administrative rights and how they should be kept safe.
Of course most Mac users probably have girlfriends or successful lives anyway which lessens their need for porn site visits in the first place.
Maybe you could use the spare 'r' out of crontrab then it'd become Boot Crap.
Social engineering indeed...
Well, as everyone knows, Mac users are MASSIVE wankers. So it's not surprising that the trojan writers would target them with pr0n.
@Abdul encore une fois..
Abdul, old chum:- Youve missed a letter out: it's not BOOT CAP , it is BOOT CRAP since it allows you to boot a lovely Mac into what is basically festering donkey droppings.
Cheers, old boy,
Arseplug? What kind of website was this anyway. a gay one?
Can we therefore surmise that MACs tend to attract more gays than Winboxes?
Going to have to start using Lynx for porn!
Happy to oblige...
Quote: "I'm also surprised that the *nix folks aren't in here poking fun at the other two sides just for the lack of something else better to do"
Sorry, must be slipping!
Windoze is a pile of virus-ridden shite for the moronic masses. Macs are over-priced and fit only for sad fanboy lusers who seek eye-candy and imagined cachet.
BSD/Linux is for real men with chiselled good looks and lots of real-life girlfriends. 'Nix is the flawless operating system Jesus or Alexander The Great or Winston Churchill would've chosen. The entire internet is run exclusively on Linux. Every single supercomputer and academic system runs Unix (... continue in similar vein ad infinitum)...
Does this mean?
I guess this means that OSX has Windows users now.
Where's the flamebait icon?
ROFL @ Magilla
Vista is pretty darn good in all actuality
i'm no fan of M$ but having been forcefed Vista with my new laptop, i am incredibly impressed with it's stability & security.
but then as already pointed out here, the user is the weakness in any system.
i have my tried & trusted applications keeping me safe & secure in whatever i choose to do.
Vista is great, it's that simple
Did I miss the bit about the fact that the user has to click through to install the bogus software? Most users mac and pc would know when a dodgy alert pops up and steer clear. I think this story is a little bit of anti-mac scaremongering. Let's face it, Macs are not subjected to the same virus and malware as PCs...fact.
Anyhoo...the word is CRONTAB not CRONTRAB.
webster!! it's been a long time. we've missed you!! no really!
This is not a letter bomb....
In the post one day, you receive a parcel. You open the parcel. Inside is a gun, with a piece of paper reading:
This'll blow your mind!!!
1) Take gun out of box
2) Place gun to head
3) Pull trigger
This is not the same as a letter bomb. But if you are stupid enough to follow the instructions, you will end up just as dead.
Any security breach that relies on the user being an idiot (i.e. entering an administrator password or similar) is not really that clever and says little about the operating system. No operating system, no matter how good or how secure can prevent this. When we see Macs being infected through buffer overflow viruses etc.we'll be able to seperate the men from the boys. As the malware doesn't attempt to do anything like that, I suspect they can't!! Looks at malware that exploits flaws and exploits in the operating system before taking any notice of it.
At the moment, this sort of malware only really exists on Windows. Whether that is because people can't be bothered to write it for other platforms due to uptake, or the other systems are more secure is another matter.
I don't have a Mac, but do have Windows and Linux.
Warning, this is a Mac virus
As you are running Mac OS X, you are on the honour system. Please enter your root admin password and then close your eyes for a while. Please ignore any system messages. Please do not do or think anything intelligent. (We have our fingers crossed...)
Surely the real point is...
...that Mac users are thought to be more likely to visit porn sites - the Dirty Mac brigade, indeed... :)
I trust the sites concerned have a Paris Hilton angle?
What difference does it make?
Boot Cap, Boot Crap whatever... the point is that yet again Microsoft is able to provide an effective solution that addresses Apple's myriad failings.
Macs are all very well for adding that effete look in latte lounges but when you want the heavy lifting done then it's the boys from Redmond to the rescue.
Again and again.
As for Vista, one question for you... Have you actually tried it?
No I thought not.
I for one upgraded from OSX to Vista and the only regret I have is that I waited so long.
Try it and you'll soon change your itune.
I think the Boot Cap guy was 'avin a larf...
...but this does demonstrate that requiring an admin password to install stuff is only of limited use - here the user *knows* they are trying to install something so they will go right ahead and type that password.
This is minor news because I can't remember the last time something like this was in the headlines. I don't exactly think the sky is falling in on Mac users just yet though.
re: What's that I hear?
Umm, you do realise this isn't the first OS X Trojan, don't you?
Oh, that's right, you didn't - or maybe you're commenting on the first one and it's taken you 18 months to come up with that post.
Too little, too late....
People we've had 18 posts (at time of writing) and it's all still a bit polite, someone's already counted us in for a flame war where is it?
By now I was expecting to be making anologies about Mac users being americans and windows users brits and war on terror, we've been suffering from terror for ages, yada, yada, yada.
Blow the lot of you then, 'suppose I'll have to do some work instead :(
A peice of really nasty malware for the Mac...
It's called 'Superduper'. I downloaded it and entered my admin password when it asked for it and when I ran it, it came up with a loads of promts so I just hit 'OK'.
Before I knew, it it had wiped my external hard drive!
Stay clear guys!
> > (yes, anthropomorphised, irony is a horse)
> But then it would be "equomorphised", surely...
Think you're confusing your Latin and Greek there - would it not be hippomorphised?
Nice! How many 'oh-my-god-how-could-he-have-said-that'-replies did you expect? I especially liked the Vista promotion :)
Just goes to prove what we've known all along
Apple fanboys & fashion victims are nothing but a bunch of w*nkers
Why is Vista a piece of crap? And where is the evidence (at all) that Vista is far less secure than OSX?
Singularity is quite a decent solution to a secure OS (even if it is just a research project)
I think the real problem here is that Apple have quite happily flaunted the statistics on viruses/trojans for PCs and Macs, and used them to suggest that there is almost no danger of infecting your Mac. Yes, I'm a Windows man, but at the same time I'm not going to needlessly bash Macs. I do feel though, that the belief that Macs are unbelievably secure will mean users won't think twice about throwing their admin password into a box that pops up, just as most users don't read what UAC throws up. Remember that a lot of Mac users are people that haven't used Windows, or haven't used it a lot, and went straight to Mac. A lot of these people won't understand why they shouldn't type in a password if they're asked for it. This is the same reason I dislike AV solutions, they trick people into a false sense of security. We should be working on ways to educate people about using their PCs SAFELY, not telling them that they will be ultra secure on one or the other system. It's like saying that our software has been tested and so has no bugs.
"Make something too simple (such as auto-installing software via the browser) and you get smegups like this"
To state the bleedin' obvious to anyone who's actually read the article, the software does not AUTO-Install via the browser, QuickTime redirects to a site with an alledged codec and "The Trojan requires victims to enter the administrative password for their machine".
Bit of a difference between that, and visiting a site that can auto-install software without you even knowing about it.... Apple haven't made that mistake, as far as I can read from this article, it's the users who should be learning a valuable lesson from this.
And @bws.. "wow, some of you folks in the mac camp are really worked up over this... " ... Erm... where? They don't seem to be in this thread? Maybe they realise that any exploit that requires them to type in their admin password really isn't much of an exploit?
I don't think it's so much a larger user base that has been the incentive for the malware creators here. It's far more likely that someone finally cracked at the ever increasing nausiating piety & smugness that seems to gush out of most Mac users.
Hopefully this news will stop so many fanboys getting so hot & wet over their 'computers (i use the term cautiously)' and subsequently curb the need they feel to talk about it 20 times a day.
A bit of humble pie could do the Apple camp a huge favour; who knows, maybe they'll go back to creating websites for their pussy cats, making "cool" photo albums of themselves or whatever you're supposed to do on a Mac, instead of pissing everyone else off at every oppertunity.
"We see no evidence that Mac users are any more resilient to social-engineering attacks."
However, there's plenty of evidence they may be more susceptible. They did after all buy into apple :p
1) Wow! Fanboi alert!
2) Typeing in CAPS in NOT BIG or CLEVER, and DOSE NOT MAKE YOU RIGHT. Please people. Stop it. It just makes you an ideot.
Re: What's a Windiot... (TM)
its the MS version of a iDiot (TM) came out a short while after if I remember correctly.
@Magilla & Andy... ever heard of SARCASM I'm sure your browsers still connect to the internet try using it.
The real problem is those who believe they are immune, for they shall fall first. At least pc users know they are targetted.
Decline and fall of the English language
@J I think you'll find the word would be hippopomorphised but I'm not sure that the initial poster was correct in claiming anthropomorphism. Surely it's a simple metaphor? Maybe Equinification (Latin root this time) but still only an extended simile as opposed to treating malware as if it were a horse which would be something like: "the malware stood 8 hands tall, its sleek coat glinting in the sunlight" :-D
- Review Reg man looks through a Glass, darkly: Google's toy ploy or killer tech specs?
- MEN WANTED to satisfy town full of yearning BRAZILIAN HOTNESS
- +Comment 'Stop dissing Google or quit': OK, I quit, says Code Club co-founder
- Nokia: Read our Maps, Samsung – we're HERE for the Gear
- Apple tried to get a ban on Galaxy, judge said: NO, NO, NO