Feeds

back to article 'Kissing couple' Trojan sent to slurp fanbois' data... Syrian Electronic Army fingered

A “low risk” Mac Trojan seemingly linked to the Syrian Electronic Army has surfaced on the web. The Mac-specific Trojan comes disguised as a picture of a kissing couple. If opened, it creates a back door on compromised Apple computers. "This appears to be a targeted attack, though the method of delivery is not yet known," a …

COMMENTS

This topic is closed for new posts.
Bronze badge
Devil

Kissing couple??

Everyone knows that a kitten's photo would be more effective among Mac users :-P

5
0
Alert

Now that OSX is becoming

So prevalent, it will be interesting to how the Apple users deal with more and more social engineering style attacks.

I think, perhaps, the 'we can't get viruses' attitude will not help them when their computer asked them for their credentials.

UAC did help PC owners, but the only protection from stupidity is to take away the 'A'

5
2
Byz

Re: Now that OSX is becoming

DOH!

this is a trojan not a virus!!!

1
7

Re: Now that OSX is becoming

Hah! - so you are saying that the "we can't get viruses" attitude does not apply ? (Is this because, like with all PC users, all Apple users know the difference between a trojan and a virus?)

It doesn't matter what the OS is going to do with the credentials supplied, the fact that users will enter them without a thought doesn't matter whether it's a trojan, a browser hijacker or anything else potentially nefarious .

You could also say that once the trojan starts receiving commands from the control centre and enters into active email sending, DNS poisoning and local network scanning that it is potentially 'self-replicating' and hence worthy of the term 'virus'.

In any case it's the attitude of trust I was entering in for debate, not a debate about malware terminology.

4
2
Byz

Re: Now that OSX is becoming

Viruses install themselves without the need of a user (because the system is vulnerable)

Trojans rely on the weakest security link Humans.

Macs are just a shell around BSD UNIX. UNIX from it's inception was designed to run on networks and thus if configured correctly is very secure (as it has had over forty year of bug fixes). The internet was built on UNIX.

PC's were never designed to run on networks and this has always been their Achilles heal. PC's only really started using the internet in the 90's (as Microsoft didn't like the internet and had it's own version MSN) prior to that I had to use either UNIX or VMS.

:)

1
0

This post has been deleted by its author

Re: Now that OSX is becoming

I see that you want to needlessly PC bash, but get some facts straight.

"Self propagation" does not have to exploit a software or hardware vulnerability. They can still exploit humans. A Virus that emails itself as a payload in a trojan is still a virus.

Trojans are simply a method of obfuscating the payload. For example, if you ordered a giant wooden horse from Amazon - it might well come full of soldiers.

I think as the volume catches up, then we will see more social engineering on all platforms, OSX, Linux even cars, PVR's and home automation. That's just common sense... there will always be scammers and hustlers and people will always get tricked.

1
1

Re: Now that OSX is becoming

Wow - Mac' are secure because UNIX was designed to be secure. That's funny. You realize that UNIX was designed in the 60's right?

PCs running XP and later are based on Windows NT which is a modern, server based OS.

1
3
Byz

Re: Now that OSX is becoming

However UNIX has been tested for longer :)

1
1
Byz

Re: Now that OSX is becoming

On Macs you don't have root privilege unless you enable it.

Thus a Virus cannot gain root, without the user actually turning it on (Question have you ever used UNIX?).

So a virus could do some damage but it never gains root access thus cannot actually take control of the whole system.

On PC's (including NT derivatives) you are Administrator out of the box unless you make a new user account (I know this as I used to be a windows System Admin for some very large companies). The average PC user doesn't know this and always login (if they've even set up a login) as Administrator.

Thus from pure logic alone you can deduce that User interaction is required to wreak your security on a Mac, on PC's it's already been done for you.

I'm not bashing PC's I'm telling you what the security situation is.

:)

1
1
Anonymous Coward

Re: Now that OSX is becoming

So why do NASA only use old computers and operating systems in their manned missions?

Because they are old enough for most bugs to have been found by testing and documented, they learnt from the Apollo landings that new means unreliable.

0
2

Re: Now that OSX is becoming

I haven't used UNIX in years (sadly), but I use Linux daily. And I'm usually logged in as root!

I haven't touched a Mac in years (happily). Doesn't the running user have, pretty much, root privileges?

0
0
Silver badge

Re: do NASA only use old computers and operating systems

It's got less to do with the bugs that the other testing surrounding the installation of various systems. IIRC the problems you expect to encounter in space before the first experiment are well understood and mitigated. What turns out to be the most difficult issue is usually overlooked: vibrational issues from the stress of launch. Also older, higher voltage systems provide more stability once you are beyond the protection of the Van Allen belts.

0
0
Bronze badge

Re: Now that OSX is becoming

not unless they turn root on. See <http://support.apple.com/kb/HT1528?viewlocale=en_US&locale=en_US>. Note that the subtitle is, and I quote, "The root user in Mac OS X is disabled by default. Follow the steps in this article to enable and use it, if needed."

If you're set up as an admin user, you have lots of power, but you aren't root, and there are things you can't do without entering your admin password, (notably installing or deleting certain classes of software) and other things you can't do at all (notably making almost any major change in the running OS).

If you run as root you have no restrictions whatsoever.

1
0
Bronze badge

Re: Now that OSX is becoming

"Macs are just a shell around BSD UNIX."

True, a broken, security wise *BSD Unix.

Spoken from a Mac user, Linux user, Windows user and *BSD user, as well as *real* Unix user.

In short, a BOFH.

I've known since it's inception that OS X was vulnerable by many, many exploits. The list only increased and modestly decreased over time. The only thing protecting it from mass exploits was its market share.

That market share has increased.

My use of multiple layers of protection that begins with me, then antivirus/anti-malware and ends around my firewall continues since before OS X existed.

The bastards might get in, but one of my IDS and IPS systems will detect them.

I reserve the right to decompile their toy and use it against them just out of pure spite.

1
1
Bronze badge

Re: Now that OSX is becoming

"That's just common sense... there will always be scammers and hustlers and people will always get tricked."

Tell me about it!

Just yesterday, my wife got an interesting letter via Royal Mail.

Strange, as we live in the US and it was airmail.

It guaranteed her $100000 if she called the UK number and followed their "security measures".

Strangely enough, the UK postal codes don't match the mythical address. Nor did the meter number on the printed label postage.

I took the liberty of contacting the UK embassy with an offer to assist UK law enforcement in shuttering their operation and seeing to it that they get to wither under the baleful eye of the judiciary.

1
0
Bronze badge

It's Intego

That bunch of incredibly unethical, even for A/V scamware merchants, criminals used to have a list (now removed after man, many, MANY people pointed and laughed) of all the malware their 'product' 'defended' against. On said list were malware dating from the 1980s (Scores, WDEF, nVIR...) which simply could not run on Macs running any OS past System 6. In some cases, past System 5. In one particular case (Scores) past System 4. They 'protected' against SevenDust, and the AutoStart worm, from 1998... both of which absolutely positively won't run on OS X _even if you were running Classic_. As Apple killed Classic quite some time back, something like 80% of the malware Intego 'protected' against wouldn't run... and since Apple killed support for first Motorola 680x0 and then PPC code, not only won't they run, they won't even _install_.

If that bunch says something, I figure that it's a lie to try to flog their product... which is more dangerous than most malware. On numerous occasions my guys had had to fix client's Macs after an Intego product Did Something Silly(tm). The _first_ thing our techs do when they hear that a client has certain problems is to check for, and remove, Intego 'products', and to tell the client why. Those morons at Intego are actively dangerous.

0
0
This topic is closed for new posts.