back to article Trojan heralds OS X's 'new phase of exposure to malware'

The Mac security scene is heating up, with the discovery in recent weeks of a serious vulnerability in OS X and at least two Trojan horse programs that target the Apple OS. The most notable is a security hole in the latest versions of Tiger and Leopard that allows attackers to install malware on a Mac without first requiring a …

COMMENTS

This topic is closed for new posts.

Page:

Flame

Shurly shome mishtake

Apple computers are perfect. This cannot be true. You must have mixed the story up with one about Microsoft.

0
0
ZM

Was...

...only a matter of time, right?

Mac is way more popular now, more people using it, more people trying to break it.

0
0
Coat

it was always going to happen but

"This shows that there is an active community of researchers who are looking for vulnerabilities in MacOS X and *not* reporting their findings to Apple."

From memory there doesnt seem to be any point escalating any findings to apple as they dont actually do anything about them.

Queue Apples standard response "We can see how it may be seen to be an issue but we dont know when we are going to fix it or if we even will fix it"

Mine is the one with the Apple Trojan in the pocket

0
0
Pirate

Welcome to the club

Make yourself comfortable.

Now can I interest you in these products.

* avast!

* Avira

* AVG Anti-Virus

* BitDefender

* BullGuard

* CA Anti-Virus

* Cisco Security Agent

* Command AntiVirus

* DriveSentry

* eSafe

* Fortinet FortiClient End Point Security

* F-PROT

* F-Secure

* G DATA AntiVirus

* InVircible

* Kaspersky Anti-Virus

* LinuxShield

* McAfee VirusScan

* NOD32

* Norman ASA

* Norton AntiVirus

* OPSWAT

* Panda Security

* Protector Plus

* PC Tools AntiVirus

* Principal AntiVirus

* Protector Plus Antivirus

* Quick Heal Anti-Virus

* Rising AntiVirus

* SecureIT

* Solo Antivirus

* Sophos Anti-Virus

* ThreatFire AntiVirus

* Trend Micro Internet Security

* V3

* Vba32 AntiVirus

* ViRobot (Hauri)

* Virus Chaser

* Windows Live OneCare

* ZoneAlarm

* k7 Total Security

* VirusBuster

1
0
Heart

Somebody send for the Doctor

If Webster doesn't post a "told you so" rant then he must be ill. We should all be concerned for his health don't you think?

Sending our love Webby

0
0
Go

MacOS X is inherently insecure!!!!!111oneone

Apple Remote Desktop is a major security hole, one that should be disabled by default on all new Macs.

Also, whoever invented AppleScript should lose their job, and Apple should immediately release a patch that disables AppleScript functionality in all Mac apps.

Apple has relied on security by obscurity for far too long! It's time they focused on security above all else, and bring their OS into the 21st century. And application writers that can't deal with such changes should stop writing Macintosh apps altogether, and go back to writing for Windows.

[There, that felt good. I suppose I could've borrowed a typical anti-Microsoft rant and swapped "JavaScript" with "AppleScript," and "ActiveX" with "ARDP" or something, but I wanted to see if I could write a rant all on my own. Microsoft-haters beware: You're not safe anymore!!!!!!!111one!]

0
0

Well...

"the exploit was was written modularly" - that's actually pretty awesome. Good to see sensible coding practices in use, even if they're not in *good* use.

*cough* it's not a real exploit if users have to sign their souls away by entering their administrator credentials *cough*

0
0

Steve Jobs should take it as a compliment

His OS has finally become successful enough to become a target. Watch out Microsoft!

0
0

@ ZM

Yup bigger target = more people shoot at it.

More and more fashionista types using the entire "Mac Experience" and the scammers are obviously looking to target this new "revenue source". Apple has conned these people into believing that all Mac's are 100% safe thanks to those "funny" Mac vs PC ads. God help those trendy types because they probably have no idea their systems are so open to attack.

Mind you some would say it's about time Apple got given a metaphorical kick in the stones, concerning security. Others might not be as kind and forget to insert the word, "metaphorical" in that statement, but I'll be nice.

0
0
Boffin

Prying Eyes

The spurring popularity of Mac or Apple, captures the prying eyes of attackers. This is evident to prevalent DNSChanger for Mac which is coming from RBN. But, the recent two trojans AppleScript.THT (discovered by SecureMac) and OSX.Trojan.PokerStealer (discovered by Intego) are just proof-of-concept malwares trying to exploit the recent vulnerability found in ARD agent. So, it means there's no prevalence or massive distribution of this threat.

Check out this blog, it's covering different threats in Mac:

http://ithreats.wordpress.com/category/osx-malwares/

0
0
Joe

@ Antidisestablishmentarianist

Yeah, I fully expected some bile on here from him!

Also, surely it can't affect if you have ARD turned off in Sharing? Or a router with a firewall and ARD not set up on it?

0
0
Linux

@Nate

All those are Windows antivirus programs (at least, all the ones I recognize). I don't think they'll work for OS X. :)

But Mac already has ClamAV. http://www.clamxav.com/

0
0
Jobs Horns

Best Comment: Bwah ha ha ha ha ha ha ha ha ha ha......

Smart-ass AppleTards, you ASKED FOR IT with your BS Mac vs PC adverts and , now you're going to get it good. Now you can not only enjoy forking out $149 every 18 months to feed Stevies every growing cash chest, but you will enjoy popping for $40 - $50 per year on Anti-Virus subscriptions, which might be even more expensive since Norton and the other AV companies will need to charge more to cover programming costs for the MINUSCULE market share the MacTards are.

I LOVE it!!

0
0
Linux

It's not hard

to trick someone who switched to Mac because they couldn't figure out how to work a PC.

"My PC and printer... they just weren't talking to each other." "I couldn't even turn it on." etc.

"With Mac, it just works."

Exploits that trick the user are pretty much imminent on a mac.

0
0
Jobs Halo

Save us, St Steve!

If Apple Remote Desktop is switched off via System Preferences, will an Applescript still be able to be funneled through ARDAgent?

0
0
Anonymous Coward

Re: MacOS X is inherently insecure!!!!!111oneone

"Apple Remote Desktop is a major security hole, one that should be disabled by default on all new Macs."

Err... It is disabled by default.

0
0
Jobs Horns

"Hi, I'm a smarmy jerk" , "And I'm a tool"

Apple asked for it with those snarky ads. They deserve every bit of this and more.

0
0
Gold badge
Joke

if you have enough money...

...if you have enoguh money for a Macintosh, a dozen pastel-coloured sweaters, an iPod, (in a few flavours,) an iPhone, a vehicle that runs on smug, and every copy of MacFap 2000 magazine, then you know what?

...You have enough money to pay the ransom for the data we just encyrpted.

"Become sucessful enough?" It doesn't need to be. It can be small and unimportant, so long as it targets the right group.

Rabid, frothing at the mouth flaming can commence now.

0
0

Vested Interest

"...an active community of researchers who are looking for vulnerabilities in MacOS X and *not* reporting their findings to Apple."

These researchers wouldn't be working for some of the companies listed by Nate by any chance?

0
0
Silver badge

What's Next....I Know, I Know

The best part about all this is that the Linux type guys are next. Remember several years ago that there were studies that "proved" that Mac and Linux were more secure because of their inherently better code and commune involvement - and that the lack of targeted malware/viruses had nothing to do with the fact there were only 117 people on the planet using them? I'll have to dig up proofs for those that don't remember, but they are out there.

Linux is next. Hahahaha. Get ready for annoying windows that pop up in the middle of your work and shutdowns for updates that only occur after you've successfully calculated the 3 gazillionth number of Pi and are just waiting for that next number to publish. Get ready. Crappy computing is coming to you to.

0
0
Silver badge
Linux

Singularity?

I think the Master Plan is that Apple be Reality/Vista Drivers. Apple Open Source Windows Administration ...... or is Competition for Conflicts a Better Beta?

0
0
Happy

The author comments

http://www.macshadows.com/forums/index.php?showtopic=8640&view=findpost&p=65873

"I would like to say thank you to everyone who has participated. I've had so much fun this past few weeks and I'm grateful for the escape from the daily doldrums."

[big list of credits and thanks]

"Oh and to the endless supply of utterly unqualified Internet journalists, thanks for all the terrific entertainment. Virtually all of you guys are easily duped, lazy / no fact-checking, FUD-spreading jackasses. If you aren't going to take the time and expend the effort to get the story right, please leave it for the real reporters who will. Thanks."

0
0
Paris Hilton

Prepare for nightmare

Since Apple (and most Mac Users) have not clue of any kind about security, This look like exciting time for maleware writers. Look like macs have finally got to critital mass, enough of those poor extremly low quality BSD Clone are ont the market to make virus writing on the Mac a viable option.

The time you could count the number of virus on Mac with your hands is gone and so is the number one (but false) reason to get a Mac. But Mac users are in luck. Since now mac are in fact just clone PC with a couple of $100's more on the price tag, they can alway install windows and get a real functional computer.

Since there is praticly no real anti-virus on the mac, rogue anti-virus maker will have a field day.

Attantion Windows and Linux user: Prepare for some nice enteirtement over the next few months

Paris? because she is probably own a Mac.

0
0
Happy

get jacked buy a mac

This is the funniest thing I have seen today, I hope someone adds a module that bricks iphones or ipods that are plugged into any mac.

Anyone who is stupid enough to fork out the money for mac products is going to be easy pickings for scammers. I can't wait to see mactards running around like headless chickens with their tight t shirts and messy hair.

0
0
Linux

Apple, Windows and Linux security

See, the thing is. OSX stems from FreeBSD, a Unix. As such is should be pretty secure. However the point people miss is that people using Unix machines are inherently more technical than the average user. They know not to click on random links, download oddball executable files, and open e-mails with titles like "Get It Bigger, She'll Love You For It".

Similar profiles fit the users of the more "Serious" Linux distros. You pretty much know that someone using Fedora/RedHat/Suse/Mandriva will be fairly technical, and again will know the sensible things to do. On the flipside of this are the users of "Newbie" distros like Ubuntu/Linspire. They often aren't as technical. They can get the stuff working that they need to, but then they aren't too bothered about anything else. Even here there is a certain level of security consciousness. These are users who are either technical, or have in many cases had a Seriously Bad Experience of an infected computer.

Mac users, now then they are living in world of "We are safe because we use Macs". Even back in the days of System 6/7/7.5/8 there have been Mac viruses. However the modern Macs using OSX are sold as super-secure. When in fact we all know they are pretty secure, but not foolproof. This advertising however has made them out to be so secure you don't need to worry about anything. This results in the user thinking they can click what they want, with no consequences. It also results in a certain level of irritating smugness that really riles everyone else. "Get A Mac, It Just Works" rings out on the release of new models, and the party faithful line up to buy Mr Jobs a new Bentley or Three. Then if things don't work Apple just delete the topic on their forums and deny that there is a problem.

Now if you'll excuse me I'll go back to my Windows and Linux boxen. I'll keep my AV programs up to date, and remain pretty paranoid about my own security.

0
0
IT Angle

Mac vs. PC - When will it end??

Honestly... I don't care much about the Mac vs. PC debate... I use both systems both at work and at home and in my honest opinion they are entirely different entities all together...

On the security side of things; Apple have already taken steps to securing OS X Leopard; they have introduced numerous security countermeasures into the latest release, and with a little manual tweaking, you can make OS X pretty tough to crack...

http://images.apple.com/server/macosx/docs/Leopard_Security_Config_20080530.pdf

Bomski

0
0
Paris Hilton

@Mectron

"they can alway install windows and get a real functional computer."

ROTFLMFAO...seriously?? Oh man, that's a killer...stop it, no really...why don't you have the "joke ahead" icon cause that one's a beaut!!

"Since there is praticly no real anti-virus on the mac"

Err...Norton, Sophos, Avast, McAfee...should I go on?

Before you post bollocks, it's always advisable to do a quick google to get something closely resembling the facts.

Paris? Well she looks like she's obviously checking out the size of your knob and thinking, I don't need glasses, I need hubble!!

0
0
Joke

@ Jeffrey Nonken

You got the point though; Right?

I'm sure Trend Micro (et al) are now beavering away at their mac editions.

BTW, is the Inquirer full of bearded IT druids?

Think I'll inject this into MAC 0SX

run

10 poke 649

20 poke 1

end

0
0
Stop

Norton AV on a Mac?

I'm sure someone up there mentioned Nortons for Mac. Obviously they have never tried the combination - it's as bad as a Creative driver for Vista.

I use Intego products and have always 'protected' my Mac, being a paranoid sort who can't be arsed with the daily sh*t of being a Windows user, and who isn't willing to become socially inept by becoming a Linux user.

0
0
Alert

No real Anti Virus on Mac?

Sophos, C.A., Symantec and Intego yes less than PC but still enough.

Far from defending Mac users who are blissfully unaware of viruses I agree the time has come to protect your Mac from Viruses, also don't you think by installing Windows on the Mac it's any more functional? Yes for gaming, word processing and accounting!

0
0

Some info about the Apple Remote Desktop flaw

This is my best understanding of the situation:

This flaw will affect you whether you have ARD on or off, since the flaw actually exploits the fact that ARDAgent.app has the SetUID bit on. Basically it executes stuff as root user without requiring the admin password. So assuming your corporate Mac network doesn't use this for administration, you can just unset the SetUID bit.

> cd /System/Library/CoreServices/RemoteManagement

> chmod u-s ARDAgent.app

Job done.

For the record, have a Macbook Pro 15.4" with Leopard AND Vista 64-bit Business. Enjoy your flaming everyone.

0
0
Boffin

Oh, brother...

First, I cannot believe the pedantic HA-HAs being expressed here. I suppose that such people also laugh when an elderly-person trips on a curb, and falls down in the street.

Second, a "Trojan" is NOT a "vulnerability" within a piece of software. You cannot say that BRAND-X is inherently vulnerable, if the "exploit" effectively consists of, say... directing a user to strike the display-screen squarely with a hammer. No computer-system could, nor should, be faulted for that... not the Mac, not Windows, not Linux (unless the OS implicitly allows the malicious-site/code to hide its actual purpose/origin... such as say... Windows/IE has repeatedly been demonstrated to allow).

Which leaves the inane argument that, a vulnerability (or, even, a handful of vulnerabilities... if they ever show-up) in an alternative-system... actually makes it as "vulnerable" as the, demonstrably, most insecure and compromised, OS on the planet. Frankly, in my opinion, to even make that claim clearly demonstrates, either, extreme ignorance, a general lack of intelligence, and/or utter childishness.

And, finally, to assert (completely disproven bits of FUD, such as) that -popularity- has anything to do with a systems inherent-security (or the numbers of officially-identified vulnerabilities)... or, to misrepresent the very meaning of the expression, "security through obscurity"... as meaning that a lack of popularity creates inherent security... is beyond ignorance. It borders on being intentionally-deceptive (that particular expression refers to keeping code, closed, and trying to suppress information about vulnerabilities. You know... like Microsoft does).

So, simply put, ALL of the actual facts still put the Macintosh so far ahead of Windows... it isnt even funny. And, BTW, I AM a PC design/support technician (I dont even use Macs).

0
0
Linux

GNU

Another good reason to stay Linux based.

0
0
Jobs Halo

webster phreaky is alive...

and still coming out with nonsense - yes! all is well with the world.....

and one from amanfrommars too!! can it get any better?

0
0
Jobs Halo

Bring it on

I feel really sorry for you poor guys who have been waiting oh so long for the first threat to the Mac. Thats the point, we've just got on with our computing lives and not had to worry about all the crap that windows users have had to put up with.

No Mac user has ever thought their computer was 100% safe, we're not that dumb, nor are as stupid to think that we have been left alone because of the small number of Mac users. I know that hackers have been trying for years to create a true Mac virus that spreads across the system with no intervention from the user (sound familer) but so far none, nada, zilch nothing.

We also don't need to worry about notification about new threats as all you windows users will let us know quick enough.

Get a Life, get a Mac

Majik

0
0
Paris Hilton

OSX is built on Unix so they are naturally stuffed

Here we go, all the *nix freetards coming out of the woods saying how secure *nix is. Is it f^ck. Is it just as insecure as any other limited deployment whereby there aren't real security experts to check it out. Apache a safe webserver - ha ha ha ha.

Anyway, back to Mac victims. They will probably like to get hijacked so at least their computer is doing something rather than just sitting pretty (you could install Vista if you want a pretty look).

Now Solaris, there is a system that won't get hacked. Why? Cos the scum writers can't afford it to develop on. Wait a minute, what do you mean it's now free? Doomed, we're all doomed.

Paris - sits pretty (I said sits not sh!ts)

0
0
Jobs Halo

Viruses on OS X?

I thought this article was about a couple of Trojans that have been made in a lab... and require the user to

Where's the story about the viruses? Oh right, there isn't one, because there aren't any.

I'm a Mac user, and I'm proud of it. Penis envy isn't something to be proud of, you bunch of Ballmer kissing Windows whores. Get back to defragging, virus scanning and all that other crap you call work before your bosses see you posting on El Reg and fire your inefficient asses. Me? I'm getting back to using my Mac to run my business.

Up yours, Windoze w@nkers!

0
0
Linux

well it was a matter of time

the problem is that all computers (like it or not) are vulnerable. It reminds me of that poster in my old school computer room a few years a go "The only secure computer is one that is buried in concrete, with no power and the network cable cut" they all have exploits. Which is exactly why I think the advertising campaign that apple ran was highly irresponsible. to tell the users "you are in no way vulnerable" is inherently wrong (yes you are more secure than a windows user - true) but when people start believing this and pay for macbooks that cost £700 and give you one gig of RAM, more exploits will come out of the woodwork. The other issue is anyone stupid enough to make such a transaction, isn't going to be the most technically minded of people, and so will properly help the exploits along. "It just works" indeed.

0
0
Gates Horns

No real Anti Virus on a Mac?

Why do we need it, according to Webster Phreaky were to MINUSCULE to be bothered by hackers. The last time I tried Norton it buggered up my system and told me a whole load of BS about all this crap that was meant to be on my system, guess what, there was nothing wrong!!

Why would I want to put windows on my beautiful MacBook Pro, I have a games consul for playing games, I use Pages for word processing and I use MYOB for my accounts, and guess what, they all perform perfectly.

Get a life, get a Mac

Majik

0
0
Silver badge

This. That.

"Since Apple (and most Mac Users) have not clue of any kind about security"

Oh, you caught us. Although Apple's doubling or tripling or whatever it is of market share in the past few years has been attributed to switchers, people tend to forget that the memories of those who switch are instantly erased.

Webster has a point though, maybe all us Mac users shouldn't have banded together and made those BS Mac vs PC adverts. Probably Apple would have sprung for their own adverts if we'd just given them a chance.

0
0
Silver badge
Jobs Horns

@Rick Leeming

Learn to write. Sentences. And use. Adverbs correctly: What. is "pretty secure?"

"See, the thing is. OSX stems from FreeBSD, a Unix. As such is should be pretty secure."

Unix is not inherently more or less secure than other operating systems. It comes with a lot of mechanisms for providing security but that itself does not provide security. Apple has a somewhat cavalier approach to security and an obsession on eye candy and ownership (DRM, EULA).

0
0
Anonymous Coward

AV for Macs

I remember using SAM Antivirus on my system 6.x and 7.x Mac Classics starting back in 1991.

I am pretty sure it is impossible to create a usable OS that is entirely secure. OK some OSs may be more inherently insecure than others, but in real terms the main weakness of any system is the user.

So, let's get away from the pointless old "my speccy is better than your C64" argument and move on to the real business here. Which is who's users are more stupid than who else's?

On the Mac side I give you: people willing to spend £300 extra for an inferior spec machine just because they cannot be bothered to read a 6 page flier telling them how to use their computer.

On the PC side I give you: Phreaky and the other guy who shouts a lot about PCs being real useable computers.

On the linux side I give you: Well, I agree linux users are generally more savvy than average, but man there is more to life than recompiling the kernel, playing DnD and having sex without the burden of having anyone else involved.

0
0

no real trojan/virus in the wild

where is the proof/data of actual virus or trojan in the wild on a Mac? There is none, this is all hypothetical based on a Trojan that requires a user to actively download and run something. Sure there is a vulnerability in privledge escalation. At this time I still choose to use my Mac for online banking rather than a Windows machine....and that's all that counts for me

0
0
Bronze badge
Unhappy

I think this thread may grow quite large.

Possibly as big as the "God makes you stupid" one we had recently.

Thing is, it'll be just as pointless.

0
0

@Apple

You've been cored.

0
0
Jobs Horns

"Get a life, get a Mac - Majik"

Well 'Majik', it doesn't seem to have gotten you a life.

I'll gnaw off my own arm and fist myself to death before I'd turn into another smug Mac gobshite like you.

No, really.

0
0
Jobs Horns

re: no real trojan/virus in the wild

"At this time I still choose to use my Mac for online banking rather than a Windows machine....and that's all that counts for me"

...and that's exactly the reason why malware is starting to appear on Mac. You are a nice juicy target, with your head up your own arse about accepting the vulnerabilities of your beloved OS.

0
0
Linux

Blown out of proportion

This is only really going to affect companies who use Apple Remote Desktop. The average Mac user won't use that, so most machines won't be affected.

As a recent Mac switcher myself after 14 years of Windows use - (3.1, 3.11, 95, 98SE, XP Pro) it no longer cut the mustard for my uses. The problem is that most fanboys are preprogrammed to be berks and make claims that OS X is immune to viruses. No OS is secure. Heck, if an OS came out that was secure, all the AV companies would go skint in a week. However it would also result in a larger OS, using more resources and ultimately costing more.

I agree that most users sit on their laurels and make the claim that OS X is secure. FFS, stop drinking the Kool-Aid and wake up to reality - THERE IS NO 100% SECURE OS!!!

Penguin - cause he's not a public figure that a fanboy wants to be.

0
0

@Solomon Grundy

"calculated the 3 gazillionth number of Pi"

Pi is Pi

nothing more nothing less

Macs are shite, and deserver to be trojaned to death, but theres no escaping that Pi is 3.14159

0
0
Coat

@Lee

<quote>

So, let's get away from the pointless old "my speccy is better than your C64" argument and move on to the real business here. Which is who's users are more stupid than who else's?

</quote>

Exactly. Everyone knows that the Beeb is best!

Mines the one with the copy of Chuckee Egg in the back pocket...

0
0

Page:

This topic is closed for new posts.

Forums