A crimeware kit discovered over the weekend promises to bring a flood of advanced malware that steals passwords and other sensitive data from computers running Mac OS X. The kit is being advertised as the Weyland-Yutani Bot in underground crime websites, where it's being sold for $1,000. The first ever crimeware kit for the Mac …
This isn't a "drive-by" attack; there is outright social engineering involved to get someone to run this app, and as we all know, once you can convince a user to run a program, all bets are off.
Furthermore, once it is on a system, to remove it all you do is kill the task and delete the program right there in applications.
I have no doubt that something truly nasty for OSX is coming someday, but this still isn't it.
Manual installation may be required, but your average, not hugely IT literate Mac user is likely to realize how to uninstall it or even realize that the "anti-malware" software is actually responsible...?
I suspect not.
Kill the task?
Again, a little social engineering will make this extremely difficult. If such malware on a Windows box will spoof the name of a legit process to make hunting for it a needle in the haystack, I can't see how that cannot be done with Macs.
Again, in the end it's all PEBCAK. If the end user is properly educated, then this can be averted.
Explain to me...
...just how you expect the average Mac user to be properly educated.
Most of them want to know as little as possible about computers, which is why (in their eyes) they chose to buy a Mac in the first place.
At least Mac users chose their OS
as opposed to Windows users who do not get their OS by choice, they believe it is the PC so I would give Mac users an edge here over Windows users.
I use both
I know how to do pretty much anything in Windows (10 years IT support) but would need to look up how to kill a task in OSX; it's not something I have needed to know. So if I don't know it, will less technical users?
Also PCs are available with Linux installed, Macs have a choice of OSX or OSX...
@Kay Burley ate my hamster:
There are multiple methods for killing tasks and apps on Macs:
1. Applications --> Utilities --> Activity Monitor. This is a full-on task manager, with a fancy GUI.
2. OPT+CMD+ESC (the Mac equivalent of CTRL+ALT+DEL) brings up an app killer. (It only lists apps, but it's quick and easy to remember.)
3. Apple Menu -> Force Quit... (brings up the same box as 2, above.)
I work with a lot of beta-grade software and, believe me, buggy software can crash OS X just as easily as it can crash Windows 7. (I run both.)
Oh about the coat
The coat ALWAYS gets the down vote.
and for the more adventurous...
We also have the ability to use OSX on our PC as well. I have it, I just don't use it. I get to the desktop at which point I say now what.
Just a note
"At least Mac users chose their OS"
Mac users get OSX. PC users get Windows. The choice of OS is what hardware you buy. Then there are the free-thinkers that can install Linux (or other OS) on either set of hardware just the same.
However, the difference is the cost of such hardware. The Core i7 system punted at the Apple Store costs a fair amount more than the Windows-laden Core i7 system punted at the local shop, even though the internals are (roughly) the same. It just depends on whether you want a white computer or an assorted-color/style one and don't mind having Windows (hopefully 7 at least) on it.
Hmmm... Curious noise....
The sound of a million Ivory towers crumbling.
Nope... that's the sound of...
.... wishful thinking on your part.
If you run untrusted software or software from a dubious source then expect this kind of thing. It requires the user to install something. Social engineering aimed at a Mac audience.
Nothing to see here. Move on....
You mean you trust users?!!!
You only need to see the number of people repeatedly being taken in by the "See who viewed your profile" and the topical "See Bin Laden execution" link worm on Facebook to see that users of any platform are:
2) Don't learn even if you explain it to them with a length of 4 by 2.
Combine something like that with an exploit and away you go!
As the old saying goes, remember that 50% of the population are of below average intelligence.
That El Reg will not have this problem. --Or any of my websites. I use both Mac and PC (mostly Mac), and all the porn I browse, I haven't once caught anything nasty. ...Makes me want to watch Southpark S12-E06 Over Logging. What ever happened to the days of social engineering over the phone? On another unrelated note... I still use .co.uk for the reg's address
I feel I should start over again..
WOOOO! Let me type my password in to install this program.
--Little snitch wants to know if you want x-program to connect to im-stealing-your-accounts.com <allow> <deny>
...come to think of it, I should warn my tech-retarded brother not to click on allow.
Paris; because, everyone needs to start from the beginning every now and again.
Reports about a Virus by somebody selling Antivirus Software are interesting, but may be somewhat exaggerated.
A trojan is quite possible, but not that much of a problem, just take care and check what you run on your computer.
Did anyone notice that this report originated in Kaspersky Labs in-house magazine?
not really a vulnerability
more like a trojan, the file is downloaded and finder unzips it, then it asks if it shall be installed.
First question, did I download it myself? No!
Second question, should I answer yes? NO!
Easy to avoid, isn't it? Windows, Linux or OS X, some common sense should be applied.
...you have to type in your user name and password to run it.
It's still a million miles from Windows where one click and you're done, without even knowing it.
Most Mac users I know are sensible enough to not run as administrator either so an immediate second defence.
Must be a slow news day...
Re: a million miles from Windows
How's life in 1992 mate?
Social Engineering Never works....
..I mean, just look at Facebook, a beacon of light of users not clicking on any old shit.
To install anything on a Mac you have to choose to start the installation running and type in a password. Then, the first time you run the software Mac OS warns you it was a file downloaded from a website and asks you to confirm you want to run it.
You'd have to be pretty dense to accidentally do all.
AGREED - every time I open anything that I downloaded from a legitimate, trusted source, it complains that the software was downloaded from the Interwebz yesterday and am I *SURE* I want to run this. If the software runs and wants to do anything out of the sandbox (say, make permanent changes) I'm asked to put in my user name and password. Admittedly, wrapping it into a legitimate install of bogusware will catch a user unawares, but I suppose Apple circumvents that process a little with the Mac App Store that seems to be all the rage.
Some software is signed.
Just like the MD5 hashes in Linux repos.
IMHO a good idea and I can stand the extra clicks.
Apparently there's a lot of mac users out there who are sensible enough not to install random programs.
I have not met any of these, could someone please point me at them?
Joking aside, I'd say that the ratio of tech-savvy users to, er, the type of person who will click on any banner ad is about the same among my Windows-using and OSX-using friends/family. So I'd expect this crime kit to be about as effective on Apple users as it is on Windows.
Sure, there are some geeks (including myself, BTW), who own Macs. But you would have to be a complete muppet to believe that every Mac user thought just like you.
(For those interested in psychology, this is known as the "other minds" problem, and it is something most humans start learning at age two.)
No reason to worry
A Mac user will probably take one look and go PAH I have a Mac, viruses only affect Windows and simply ignore it.
Btw I am joking (But I guess I will be flamed so I'll be a coward today)
If I manage to trick you into formatting your system partition,
then the OS has no fault. Let's be clear on that. People, please remember the story of the real Trojan horse, one of the oldest social engineering tricks fully documented in history.
So I should expect Aliens to burst out of my Mac any minute now.
That may not be the scariest thing ...
... perhaps, in that dark future, nobody writing the screenplay bothered to mention that Weyland-Yutani was the new name for Sony.