Miscreants have created a new strain of Trojan horse malware that establishes a backdoor on compromised Macs. HellRTS-D (AKA Pinhead-B) disguises itself as the iPhoto photo application. The Trojan is a new variant of a strain of malware first reported in 2004, reports Mac security specialist firm Intego. The Trojan, developed …
Trojan horse malware
Where is this 'trojan horse malware' available and how do I download it and do I need admin rights to execute it?
You're all doomed. So what do you have to say now then all you Macsters? Oh, you don't get malware right?
Doomed, doomed, you're all doooomed it's MSBlast all over again for the Apple, take a bite of that you fruit poopers.
Oh - you need to be stoopid enough to download some iThing to get infected i see. What, no worm functionality? God dammit, you Mactards cannot even write a decent bloody infectious trojan wormy thing. Useless boogers.
Cue smug grin from every other geek on the planet
In 3, 2, 1...
You're right, though I suspect that it would be the same smug grin amongst *nix users that happens whenever someone (not necessarily you, but someone) cries "A-ha! See!? Macs Get infected too!", ...then points to a convoluted trojan which requires an inordinate amount of user stupidity to actually work.
(Mind you, I'm typing this from a Win7 box, with half a dozen PuTTY SSH sessions open to various Linux and FreeBSD servers, and not a single Mac in sight...)
Personally, I'd wait to call it parity until we start seeing drive-by attacks happen on OSX, Linux, or etc.
I guess you missed the Safari driveby download scare...
And as for a "convoluted trojan which requires an inordinate amount of user stupidity to actually work," I have seen many of these types infect Wintards. Click on a link provided by a Google search, it ends up being a webpage mimicking an AV scanning your My Computer explorer window saying it has found XXX number of virii, has a "popup" on which you click the "X", which pops up saying "download this. Run?", Click "Run" and windows pops up again, "Are you sure you want to run this? It isn't from a trusted source...blah blah". I'd say that falls on the "inordinate amount of user stupidity" side of the line. Probably more so than a link to install a supposed plugin.
Yeah, yeah, yeah
And what's the infection vector?
"Do you want to install this dangerous piece of software from god-knows-where? If so, enter your password now."
that it would be the usual free porn vector :)
you know, the 'install this software on your completely safe mac, and you shall see boobsicles, need to enter password to allow install though.. what are you waiting for? boobsicles man, boobsicles!!!' method.
I hear it's surprisingly effective ;)
So, a bit like the infection vector for any trojan?
Ok, with XP if you are running with Admin (which you shouldn't be) you wouldn't need a password, but you've just downloaded some software and are installing it, of course it's going to ask for a password or require admin access...
Ironic, Mac tore Windows Vista and UAC apart for asking people to enter their password to confirm they're sure they want to do something they've just told a PC to do, and now an identical issue pops up on the mac and the Mac defence is to say there's no possible infection vector.
Please, this kind of stuff helps issues, but in the end stupid people do stupid things and they'll just type the password in to open iPhoto as far as they're concerned.
2000's - decade of Windows problems
2010's - decade Apple begin to realise the problems they've created by telling people they can't get malware....
No it was Windows users who bristled at UAC... Mac OS X has needed an admin password to write to certain parts of the systems since version 1.0 (and yes, as a spectacular oxymoron Apple did have a Mac OS X Server version 1.0 ... the first non Server version was 10.0, but there was a Mac OS X version 1.0).
Nobody at Apple ever said Mac OS X couldn't get malware - ever. This is something dreamed up by PC users. Apple's advice has always been the same: Keep up to date with the patches, think about why you're being asked for your admin password, and don't install software you don't trust (which is pretty good advice no matter what platform you're using).
This doesn't use any kind of shortcoming in Mac OS X - it's pure social engineering.
Where do you think Microsoft got the idea for UAC from?
I'm also not about to claim that Apple have nothing to learn from Microsoft about security (Windows makes a better job of address randomisation for example) but Mac OS X is Unix, and Unix has a good track record for security.
Fanbois, I hates 'em
'Nobody at Apple ever said Mac OS X couldn't get malware - ever. This is something dreamed up by PC users.'
Nope, this is something punted about by fanbois, Mactards and the less knowledgeable media.
'Apple's advice has always been the same: Keep up to date with the patches,'
Umm, this would be the same Apple that had a bunch of widely known security holes in their OS and browser that weren't patched for months. Sure, patch it, ooops there isn't a patch for that hole.
'think about why you're being asked for your admin password, and don't install software you don't trust '
Yeah, 'cause those boobies will still be there when you've decided you trust the software.
Simple fact is, most average users are idiots, Mac users moreso in respect of security because they've had it pounded into them that their shiny sparkly piece of bling computer can't get viruses. You wouldn't believe the crap I've had to put up with from Mac users because 'Macs never crash' or 'Macs just work, it must be your network' etc... etc...
News for you - I tried running outta admin on XP and it's like pulling teeth. About 10-20% of the software behaves randomly when you are not logged in as admin. Obviously that is after you have installed it as admin in the first place.
So... nice idea, no sarcasm intended. Not so nice in practice with much of the stuff that's out there. The stuff just wasn't written for it. And, no, sometimes you just don't have a real choice in what you are using - this was my significant other's accounting software for work.
"Ironic, Mac tore Windows Vista and UAC apart for asking people to enter their password to confirm they're sure they want to do something they've just told a PC to do, and now an identical issue pops up on the mac and the Mac defence is to say there's no possible infection vector."
Urm, no. EVERYONE tore into Vista (and other Winblows OSs) when they DIDN'T ask for a password...
RE: Fanbois, I hates 'em
"Simple fact is, most average users are idiots, Mac users moreso in respect of security because they've had it pounded into them that their shiny sparkly piece of bling computer can't get viruses."
"Mac users moreso"? Have you ever met a Windows user? When asked why they have Windows it's usually "i only use it for gaming and use linux the rest of the time" or "we have it at work".
The ones in the first bracket aren't really idiots and they're about 2% of the Winblows user base. The remaining 98% think they're safe because "we are at work" - yeah where external downloads are prohibited and all mails with .exes are deleted...
Most average users are idiots.
Oh yeah, I deal with them every day. Idiots they may be but the majority of Windows users I meet are aware that their machines can get infected, that they need to run some sort of malware protection and that stuff comes in via email, off the web or via dodgy downloads.
Sure there are some who are completely oblivious to all that and would click a link even if it told them it was going to kill a cute fluffy kitten (although they could just be psychotic) but there's a much larger percentage of Mac users I meet who think they really don't need to bother, because Macs don't get infected or so they think...
Your average Linux user is somewhat less likely to be an idiot but there are still some raving morons out there using Linux.
re: "Where do you think Microsoft got the idea for UAC from?"
From sudo, yes?
..does this constitute an "in the open" Apple virus/trojan? I can't tell from the article.
Can we now - at last - dump this "no OS X malware in the wild" bollox, and stop with the f*ing denial?
Also, can we at least have an OS X anti-malware that isn't a complete hog, and actually works? What I mean is, can OS X be used to write a better anti-malware than can be found on a PC?
i.e. Can OS X become the more secure platform because it can be (through design and proper protection), not just because Steve Jobs says it is?
My domestic setup is all apple, just in case the fanbois plan on having a dig.
no, not yet
can't stop the smug "no viruses here" just yet, cos this isn't a virus - you need to be a numpty and install it to compromise yourself
no viruses != no malware
Nice goalpost shift there, mate.
Take the %age of viruses, trojans and other malware "in the wild" that's for Windows.
Now compare that to the Windows/Linux/OSX market shares...
Who is safest. (I know who *isn't*!)
Wow! #4 or 5 in ten years :)
Do you still have to install trojans on Macs yourself or are they more comfortable now?
...give or take a 100
http://www.iantivirus.com/threats/ has one or two.
RE: ...give or take a 100
"http://www.iantivirus.com/threats/ has one or two."
Mostly malware that requires admin privileges to actually delete a system file.
One or two is what we get PER DAY on Windows...
OSX has been going longer than a day last I looked.
So your point is?
Ignorance clearly is bliss.
>Mostly malware that requires admin privileges to actually delete a system file.
If you say so. Good job there's no way of priv escalation under OSX and Apple has such a good record on patching vulnerabilities, if any were ever to come-up - which is of course unthinkable. I'm sure Miller's 20 or so current zero days are entirely made up - it's not like he's ever been able to reliably prove any of his claims in pwn2own face offs. Thankfully he keeps all his techniques secret, never speaks at conferences and even if he wrote a book or two, on say fuzzing or mac hacking, I'm sure no-one would buy them.
So, if you download 'iPhoto' using a torrent, don't stop to wonder why it's only a couple of megs rather than the usual several hundred, and then go ahead and install it... you deserve all you get.
Writing Trojans in RealBasic? Since when did cyber-crims start offering internships?
My thoughts exactly. Just how stupid do you need to be to download a well-known Apple application from some dodgy website rather than from (shot-in-the-dark-thought) the apple website?
Just HOW STUPID are some people???
Um Freetards would
Whilst ranting about how they hate iTunes and how it is all Apple's fault for charging too much/forcing you to use iTunes or one of the many other poor arguments.
But everyone knows Mac's don't get Virus's
Apple's glossy PC Vs Mac adverts told me so...
That's 'cos anyone who believes that tripe deserves all they get! Those Apple ads are an utter pile of puppy-poop. Every computer, EVERY COMPUTER, has some point of entry that the scumbags can get in. If you believe what Lord Jobs and his acolytes say and take it as gospel, you are a fool!
If you buy a diesel car you make sure you always go for the black or yellow pumps, you stick "green" pump in it and it's going to go a bit funny! Same with PCs, you buy it and expect it to look after itself as Lord Jobs says it will, you will be in a world of pain in no time!
Oh and I own four Macs by the way, it's still the best O/S I have used in 25 years of IT, I have just been burned too many times by IT equipment to take PR bullshit as written!
Technically I guess it isn't a virus, but then again, I can't remember the last time that I actually saw a real live Wintel virus (these internet days you'd be surprised how few miscreants try to do naughty things to my bootsector :)
Doesn't appear particularly dangerous either... I guess the mactards should start being worried when it isn't news anymore whenever a random useless Mactel trojan pops up.
The days of bad English has went...
"But everyone knows Mac's don't get Virus's"...? Mac's what? Virus's what?
And by the way, this is a trojan. not a virus. Show me an actual OS X virus... I thank you.
> But everyone knows Mac's don't get Virus's
They don't. This is a trojan. Maybe you should learn the difference, and actually read the article next time.
Used Macs since 1989
Never had a virus, trojan or other exploit. Is that safe enough for you?
I refer M'learned fanboi to
The answer I give any user who says this,
'That you know of'.
Sure it's less likely on a Mac but it's not unheard of and I've been cleaning Macs for years after idiot users managed to catch nasties.
"And by the way, this is a trojan. not a virus. Show me an actual OS X virus... I thank you."
"They don't. This is a trojan. Maybe you should learn the difference, and actually read the article next time."
That's the best you can come up with? Arguing about semantics? Ye-gods. You must be big time fanboys...
Viruses != trojans (although they are both nasty!)
That's not semantics, it's like saying "bread != cheese (although you can eat them both)"
I just love the fact that a new trojan for the mac is 'news' whereas a new trojan for windows is not :D
I know the article says only low threat level, but...
I'd like to add a heartfelt 'LOL' to the fray.
where can i download this ??
I could do with this on USB stick
You've got all you need to build it yourself. It is EASY to create a program that does something the user wouldn't want it to if you can trick the user into (a) Downloading and installing the thing (b) Dutifully typing their admin password when prompted.
This isn't even worthy of the term "hack". The sad fact is, this is simple - the fact is that Mac users don't do "b" half as readily as PC users believe. Just because someone is using a Mac don't think they are stupid, or that they only bought it "because it was shiny". Maybe they know a little more about computers than you think - maybe, just maybe they know more than you do.
I probably shouldn't bother
here this might help
In that case PCs are safe
Since Vista and 7 both ask before installing anything. Oh but no, I bet that is different in your world.
You'll also need an admin password for every machine you plan to infect.
(or get the owner to install it and then hope that they don't run "Software Update" before they try to launch the app - they're bound to twig that it hasn't updated...)
RE: In that case PCs are safe
"Since Vista and 7 both ask before installing anything."
I can think of several real-world examples of programs that do nasty things on Vista without asking for an admin password...
an earlier poster already gave the game away :)
and on high security machines
They still don't
Macs still don't get self installing viruses or any other kind of nastiness that is so common on Windows.
The only way to get malware of any kind on a Mac is to manually install it, and enter your Admin password.
I have no sympathy for idiot users, but Macs are still inherently secure.
Most Windows PCs outside of a well managed corporate environment seem stuffed with all sorts of garbage.
I like a user who admits they are an idiot--in print!
"I have no sympathy for idiot users, but Macs are still inherently secure."
Then you're saying you have no sympathy for *yourself*, because macs are not secure--they're simply not attacked as much.
Look at Pwn to Own. Macs have fallen 3 years in a row, usually first.
Of course, to be fair, perhaps you aren't using the dictionary definition of secure: "free from danger or risk". Well, I suppose in that sense a baby in a rich man's house is more secure than a baby in a war zone--unless the baby in the war zone is in a Bolo of course...
But if you mean "impregnable: immune to attack; incapable of being tampered with" then you are living in a dream world, as Pwn to Own clearly demonstrated.
So which meaning of secure are you using? Think carefully now...
RE: I like a user who admits they are an idiot--in print!
Obviously, no system is impregnable to attack.
Windows certainly isn't.
Even ATMs are NOT impregnable to attack. A colleague of mine once had a job in a team trying to hack them (on behalf of the manufacturers).
Using a robotic arm, a gun, an xray scanner, a machine that could freeze things to about 20 degrees above absolute zero and a few other pieces of high tech equipment, they managed to crack the encryption. They needed to see the motherboard schematics first though.
OSX may not be quite that secure but ask yourself this: why is the %age of viruses, trojans and malware on Windows so much higher than their market share would predict?