A researcher has unearthed fresh evidence of cyber criminals' growing attraction to Apple's OS X platform with the discovery of a now-disbanded group that offered 43 cents for every infected Mac. Mac-codec.com was just one of hundreds of "codec-partnerka," a term researcher Dmitry Samosseiko uses to describe the well-organized …
"I suspect that it wasn't as profitable to target the Mac platform at that point," he explained. Mac-codec.com "probably closed because it wasn't commercially viable for them to conduct business."
Well let's not disregard that interesting nugget. We see a lot of anecdotal evidence of this so called Mac malware but finding infected machines seems to quite hard. Much the same as Windows. I owned a Windows machine for about 8 years, I only ever caught one malware infection, that was my fault for running knock-off software from a dodgy source.
If you're careful you can avoid catching things on any platform, you really have to be going some to get a seriously ballsed up machine on any platform!
Did you ever think?
Did you ever think that the group disbanded because no one could "get in?"
Not gonna work, this
Because our venerable and learned gubmint has already signed up all the l33t skiddies (sorry, 'naughty boys'), and placed them in a concrete bunker.
We lead the world! Yay!
As usual, the primary vector for attacks on Macs is by using trojans. It's very simple: if you _never_ download codecs _for any system, including Windows_, except at known good sites, then you'll avoid one major source of malware. This means:
1 no downloading binaries from P2P sites, you have no idea what's really in there
2 no cruising to random porn sites and downloading codecs to have a look at the latest nasty porn; again, you have no idea what's really in there
3 no downloading updates of Flash, QuickTime, Silverlight, etc except from the Official Site; you have no idea what's really in there
I could go on, but I think that my point's been made. There's a reason why certain attacks simply don't work on any system I have, including the WinBoxes.
C'mon guys n gals
Eastern Europe usually if not always = Ruski
Central Europe usually if not always = the rest between western Europe and eastern Europe usually if not always starting about Latvia, Lithuania and Estonia
Of course, they disbanded - no one stepped forward to claim the prize because why pick on a 20-year old muscle bound guy when you can pick on WINDOWS, the sleepy tourist with jet lag and a wad of cash in his back pocket.
RE: codecs again
I have nothing against what you said, but I think you should still not limit it to the list (or the main idea behind the list).
First and foremost, legitimate sites are already being targeted, making them distributors of malware, either thru drive-by or actual infection of resource for download (such as the recent case of a mouse manufacturer where the firmware they are offering were infected).
Second, third party vulnerabilities are still a major concern. Say your browser got compromised. Since the OS is pretty much secured, there is no chance for the malware to stick around after a reboot (or even an app restart), or alter system settings. But guess what? The malware can still steal info from you while your still using your browser (prior to a restart/reboot). How? Because chances are, your browser is still running under the same privilege as you are. Meaning? It has access to all your files. Oh and it can install a temporary (again, it can't stick to the system) keylogger (if the vulnerability allows for this) in your browser and capture further more data (again, prior to a restart/reboot).
The point: you must always be vigilant, even though you only visit "legit" sites, and don't download/install/use apps/programs from "other" vendors.
@ codecs again
The problem is the deliberate proliferation of codecs out there.
Most users don't know how it all hangs together (which is, admittedly, not available in an easy to understand format) so they have to go on a chase on the Net - where it is a matter of hit manipulation to get your spamware site top listed.
On a WinBox there are also other vectors of attack, btw :-)
re: codecs again #
looked after a couple of small companies IT for several years - only problems they had with Viruses etc - a couple of scareware incidients and one person browsing porn and gambling sites :(
Many Mac users are ripe to be owned
Many Mac users I've 'met' are ripe to be owned.
As a breed they're complacent because they believe Macs are totally invulnerable, and a high percentage are arrogant enough about that to completely dispense with any form of anti-virus protection.
On a forum I administrate I regularly flag up security updates to Windows programs that don't have an auto update feature - I've stopped doing that for Mac because I was inevitably met with flames and lectures about 'Macs don't get viruses or trojans'.
Well, if that's their attitude, fuck 'em... they're on their own.
50-55 cents for every Winblows machine infected and 43 cents for every Mac?
Tell you what, lets start a site that offers 60 cents for every malware author that you kick in the nuts. Kicking the same one in the nuts 100 times would earn you $60 but think about how the malware author would feel...
All the ones I've met boot into Windows, they'll never get a Mac virus because they don't use the Mac side and couldn't get on the Internet if they tried.
Mac don't get owned, here's why...
1. All Mac owners are metro-sexuals ( supposedly! ), so they're too cool and narcisstic to go looking at porn, rather look at themselves! ( Why do you think all Mac's have glossy screens? )
2. The never rip software off, rather pay huge sums of money to software vendors for genuine boxed copies of the three apps they want.
3. Never go to P2P, they ALWAYS buy music and vids from the iTunes mini-mart, 'cos it's owned the the saivour Lord Jobs.
@ Many Mac users are ripe to be owned
Erm, Mac users often don't bother with AV protection because they know it DOESN'T WORK.
Only difference with Windows is people think they need it and that it somehow keeps them "safe".
@ loads of you
Yup, I'm a Mac user. Yup, I know I ain't gonna get owned. -
Why? 'Cos I don't use Warez, or install dubious codecs etc. - in fact, I don't install ANYTHING unless the source is 100% tried, tested & trusted etc.
I do run the excellent donationware ClamXav, which is solely to catch nasties like Office Macroviruses etc., which I could inadvertently forward to a Windows-using friend.
Yes, I thinks Macs are inherently more secure than Windows PCs but I am also aware that the move within the evil-doing community is regardless of platform, to exploit the weakest link. The user.
More & more nasties are now socially engineered rather than invisibly installing, so they are exploiting people primarily, rather than just a particular perceived system weakness.
So, enough with the half-witted stereotype comments; it's bollocks and I suspect most of you know it.
I can deflate the pocketbook of some malware-peddling scum by $.50 every time I set up a sandbox environment to pull some crap down from their site, then promptly wipe/reload/repeat? Good to know...
For those of you who want to read the original article...
For some reason The Register didn't link to it. The whole paper on Partnerka is actually quite interesting, and a quick read.
Michael Argast, Security Analyst, Sophos
Market share increase
Something that I think gets overlooked by many here, Apple had 3% just a few short years ago. Depending on who you ask today, it's 7-10%. Now many MS boosters like to point out how blithe Mac users are, seemingly not realizing where this new 4+ percent showed up from. The user numbers that have boosted the Mac have come from the Windows side where most users are already quite aware of what is out there. It's an antediluvian supposition to think that the majority of Mac users are clueless on exploits. Anyone who marches out that characteristic merely shows their lack of understanding on the subject readily shows what their real colours are.
- IT bloke publishes comprehensive maps of CALL CENTRE menu HELL
- Analysis Who is the mystery sixth member of LulzSec?
- Prankster 'Superhero' takes on robot traffic warden AND WINS
- Comment Congress: It's not the Glass that's scary - It's the GOOGLE
- Analysis Hey, Teflon Ballmer. Look, isn't it time? You know, time to quit?