DIY crimekit brings advanced malware to Mac OSX A crimeware kit discovered over the weekend promises to bring a flood of advanced malware that steals passwords and other sensitive data from computers running Mac OS X. The kit is being advertised as the Weyland-Yutani Bot in underground crime websites, where it's being sold for $1,000. The first ever crimeware kit for the Mac …
This isn't a "drive-by" attack, there is outright social engineering involved to get someone to run this app, and as we all know once you can convince a user to run a program, all bets are off.
Furthermore, once it is on a system, to remove it all you do is kill the task and delete the program right there in applications.
I have no doubt that something truly nasty for OSX is coming someday, but this still isn't it.
Again, a little social engineering will make this extremely difficult. If such malware on a Windows box will spoof the name of a legit process to make hunting for it a needle in the haystack, I can't see how that cannot be done with Macs.
Again, in the end it's all PEBCAK. If the end user is properly educated, then this can be averted.
This post has been deleted by its author
I know how to do pretty much anything in Windows (10 years IT support) but would need to look up how to kill a task in OSX, its not something I have needed to know. So if I don't know it will less technical users?
Also PC's are available with Linux installed, Macs have a choice of OSX or OSX...
There are multiple methods for killing tasks and apps on Macs:
1. Applications --> Utilities --> Activity Monitor. This is a full-on task manager, with a fancy GUI.
2. OPT+CMD+ESC (the Mac equivalent of CTRL+ALT+DEL) brings up an app killer. (It only lists apps, but it's quick and easy to remember.)
3. Apple Menu -> Force Quit... (brings up the same box as 2, above.)
I work with a lot of beta-grade software and, believe me, buggy software can crash OS X just as easily as it can crash Windows 7. (I run both.)
"At least Mac users chose their OS"
Mac users get OSX. PC users get Windows. The choice of OS is what hardware you buy. Then there are the free-thinkers than can install Linux (or other OS) on either set of hardware just the same.
However, the difference is the cost of such hardware. The Core i7 system punted at the Apple Store costs a fair amount more than the Windows-laden Core i7 system punted at the local shop, even though the internals are (roughly) the same. It just depends on whether you want a white computer or an assorted-color/style one and don't mind having Windows (hopefully 7 at least) on it.
You mean you trust users?!!!
You only need to see the number of people repeatedly being taken in by the "See who viewed you profile" and the topical "See Bin Laden execution" link worm on facebook to see that users of any platform are:
1) Stupid
2) Don't learn even if you explain it to them with a length of 4 by 2.
Combine something like that with an exploit and away you go!
As the old saying goes, remember that 50% of the population are of below average intelligence.
That El Reg will not have this problem. --Or any of my websites. I use both mac and PC (mostly mac), and all the porn i browse, I haven't one caught anything nasty. ...Makes me want to watch Southpark S12-E06 Over Logging What ever happened to the days of social engineering over the phone? On another unreleated note... I still use .co.uk for the reg's address
I feel I should start over again..
WOOOO! Let me type my password in to install this program.
--Little snitch wants to know if you want x-program to connect to im-stealing-your-accounts.com <allow> <deny>
...come to think of it, I should warn my tech-retarded brother not to click on allow.
Paris; because, everyone needs to start from the beginning every now and again.
more like a trojan, the file is downloaded and finder unzips it, then it asks if it shall be installed.
First question, did I download it myself? No!
Second question, should I answer yes? NO!
Easy to avoid, isn't it? Windows, Linux or OS X, some common sense should be applied.
...you have to type in your user name and password to run it.
It's still a million miles from Windows where one click and you're done, without even knowing it.
Most Mac users I know are sensible enough to not run as administrator either so an immediate second defence.
Must be a slow news day...
This post has been deleted by its author
To install anything on a Mac you have to choose to start the installation running and type in a password. Then, the first time you run the software Mac OS warns you it was a file downloaded from a website and asks you to confirm you want to run it.
You'd have to be pretty dense to accidentally do all.
AGREED - every time I open anything that I downloaded from a legitimate, trusted source, it complains that the software was downloaded from the Interwebz yesterday and am I *SURE* I want to run this. If the software runs and wants to do anything out of the sandbox (say, make permanent changes) I'm asked to put in my user name and password. Admittedly, wrapping it into a legitimate install of bogusware will catch a user unawares, but I suppose Apple circumvents that process a little with the Mac App Store that seems to be all the rage.
Apparently there's a lot of mac users out there who are sensible enough not to install random programs.
I have not met any of these, could someone please point me at them?
Joking aside, I'd say that the ratio of tech-savvy users to, er, the type of person who will click on any banner ad is about the same among my windows using and OSX using friends/family. so I'd expect this crime kit to be about as effective on apple users as it is on windows.
This post has been deleted by its author
This post has been deleted by its author
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
