
New Mac trojan found to exploit same Java weakness as 'Flashback'

post #1 of 24
Thread Starter 
A new piece of malware that takes advantage of a well-documented Java vulnerability has been found on a website dedicated to the Dalai Lama, with the trojan able to install itself on an unwitting Mac user's computer to capture keystrokes and other sensitive data.

Dockster
Screenshot from a Google cache of the gyalwarinpoche.com webpage. | Source: F-Secure


Dubbed "Dockster," the malware was first found by antivirus and security firm Intego to have been uploaded to the VirusTotal detection service on Nov. 30. At the time of its discovery, the remote address associated with the trojan was not active, possibly indicating that the code's creators were testing whether it would be detected, but as of this writing the malicious code is now "in the wild."

As noted in a separate report from F-Secure (Flashback exploit from September 2011. Dockster leverages the same Java vulnerability to drop the backdoor onto a Mac, which then executes code to create an agent that feeds keylogs and other sensitive information to an off-site server.

In the case of Flashback, which was also discovered by Intego, a reported 600,000 Macs were affected before both Apple and Oracle released Java patches to remove the malware and protect against future attacks.

Although the newly-found Dockster takes advantage of an already fixed weakness, users who haven't yet updated their Macs or are running older software may still be at risk.
post #2 of 24

[screenshot]

Originally posted by Marvin

Even if [the 5.5” iPhone exists], it doesn’t deserve to.
post #3 of 24

Apple really needs to release a tool for novice owners that removes Java completely from the OS and modifies Software Update to not reinstall it.

post #4 of 24

They already did that.

post #5 of 24
Quote:
Originally Posted by Brian Jojade View Post

They already did that.

If you are replying to my comment about uninstalling Java, no, Apple hasn't done that.

I think you are confused with the update to remove the Java web plug in.

post #6 of 24
Tallest Skil, thanks for the screen shot. Any screen shots for the other popular browsers (FF and Chrome)?
post #7 of 24
Another very poorly written and edited article.

For example, is the remote server now on line? That's not clear.
post #8 of 24
Originally Posted by scalpernt View Post
Tallest Skil, thanks for the screen shot. Any screen shots for the other popular browsers (FF and Chrome)?

Yep. Man, these are unnecessarily complex, aren't they?

Chrome:

[screenshot]

Firefox:

[screenshot]

Thanks to the Mac|Life page (from two years ago) for these.

Originally posted by Marvin

Even if [the 5.5” iPhone exists], it doesn’t deserve to.
post #9 of 24
Just had an awesome idea. What if you're a well-known anti-virus software maker and you want to drum up business. What to do? What to do?

AHA! Wouldn't it make sense to write viruses, distribute them as widely as possible, then alert the unwashed masses to the new threat? You know, so you look like a hero and all.

OMG. I sure hope those anti-virus software makers aren't reading this forum.
What have I DONE!???

Sent from my iPhone Simulator

post #10 of 24

I finally decided it was time to just remove Java from all my computers.

   Apple develops an improved programming language.  Google copied Java.  Everything you need to know, right there.

 

  MA497LL/A FB463LL/A MC572LL/A FC060LL/A MD481LL/A MD388LL/A ME344LL/A

post #11 of 24
Originally Posted by SockRolid View Post
OMG. I sure hope those anti-virus software makers aren't reading this forum.
What have I DONE!???

 

Don't worry. They've had that idea before.

Originally posted by Marvin

Even if [the 5.5” iPhone exists], it doesn’t deserve to.
post #12 of 24

Yet another reason to stay away from Java.

Served me since 1998....

post #13 of 24

I can totally deal with an additional trojan every year.

What are we up to now? 6?

But if you're already enjoying iOS for a lot of your surfing, you can dial that number back down to 0.

post #14 of 24
Quote:
Originally Posted by John.B View Post

I finally decided it was time to just remove Java from all my computers.

I did that for about a month... then I realized I needed it to administer our firewall. There are some things you are stuck with Java for; I compartmentalize things into isolated VMs where it is practical, but there is only so much you can do.

The average user though... dump it and don't look back. I killed Flash too...
post #15 of 24
Quote:
Originally Posted by SockRolid View Post

Just had an awesome idea. What if you're a well-known anti-virus software maker and you want to drum up business. What to do? What to do?
AHA! Wouldn't it make sense to write viruses, distribute them as widely as possible, then alert the unwashed masses to the new threat? You know, so you look like a hero and all.
OMG. I sure hope those anti-virus software makers aren't reading this forum.
What have I DONE!???

Then I'd have to kill you ....
Been using Apple since Apple ][ - Long on AAPL so biased
nMac Pro 6 Core, MacBookPro i7, MacBookPro i5, iPhones 5 and 5s, iPad Air, 2013 Mac mini, SE30, IIFx, Towers; G4 & G3.
post #16 of 24
Quote:
Originally Posted by OriginalMacRat View Post

Apple really needs to release a tool for novice owners that removes Java completely from the OS and modifies Software Update to not reinstall it.

They did one better. They stopped installing it at all.

Trouble is that folks do it on their own and then don't update it properly because it's not in software update.

A non tech's thoughts on Apple stuff 

(She's family so I'm a little biased)

post #17 of 24
Quote:
Originally Posted by SockRolid View Post

Just had an awesome idea. What if you're a well-known anti-virus software maker and you want to drum up business.

Old trick. Old paranoia.

A non tech's thoughts on Apple stuff 

(She's family so I'm a little biased)

post #18 of 24
I go to one chat that still uses Java once a week through Safari. I just disabled Java, though if I enable Java temporarily, am I at risk? Just curious.
post #19 of 24
@john.b : don't forget to cut it off the Internet, shut it down, remove the CPU and melt it in a fire. You never know.

Reminder to anyone with a brain: Java is a great language, that still represents a threat to Microsoft's .Net (you know, that huge reason why the Mac doesn't make it much to the Enterprise World). Java also means portability, which makes it a threat to Apple's AppStore.

I don't want a world where Apple prevents the base user from installing whatever it wants and you can't run whatever you decide to run (right now, you actually need to command click before you run "external party" software!)

Apple's behaving (in the interest of the user, yeah right, IE6 powers the average user to the Interwebs, in other news) in a very scary way, and it's our call to tell them that the boundary lies here. I want more Macs. I don't want Macs that are limited computers, I have iPads for that purpose.

Social Capitalist, dreamer and wise enough to know I'm never going to grow up anyway... so not trying anymore.

 

http://m.ign.com/articles/2014/07/16/7-high-school-girls-are-kickstarting-their-awa...

post #20 of 24
Thanks for the tip. Uninstalling Java.
post #21 of 24
Quote:
Originally Posted by lightknight View Post

@john.b : don't forget to cut it off the Internet, shut it down, remove the CPU and melt it in a fire. You never know.
Reminder to anyone with a brain: Java is a great language, that still represents a threat to Microsoft's .Net (you know, that huge reason why the Mac doesn't make it much to the Enterprise World). Java also means portability, which makes it a threat to Apple's AppStore.
I don't want a world where Apple prevents the base user from installing whatever it wants and you can't run whatever you decide to run (right now, you actually need to command click before you run "external party" software!)
Apple's behaving (in the interest of the user, yeah right, IE6 powers the average user to the Interwebs, in other news) in a very scary way, and it's our call to tell them that the boundary lies here. I want more Macs. I don't want Macs that are limited computers, I have iPads for that purpose.

Don't worry dude, you are still free to install Trojans.

Better than my Bose, better than my Skullcandy's, listening to Mozart through my LeBron James limited edition PowerBeats by Dre is almost as good as my Sennheisers.
post #22 of 24
If someone published an article about every new exploit for an already patched vulnerability in Windows, the internet would explode.
post #23 of 24
Quote:
Originally Posted by lightknight View Post

@john.b : don't forget to cut it off the Internet, shut it down, remove the CPU and melt it in a fire. You never know.
Reminder to anyone with a brain: Java is a great language, that still represents a threat to Microsoft's .Net (you know, that huge reason why the Mac doesn't make it much to the Enterprise World). Java also means portability, which makes it a threat to Apple's AppStore.
I don't want a world where Apple prevents the base user from installing whatever it wants and you can't run whatever you decide to run (right now, you actually need to command click before you run "external party" software!)
Apple's behaving (in the interest of the user, yeah right, IE6 powers the average user to the Interwebs, in other news) in a very scary way, and it's our call to tell them that the boundary lies here. I want more Macs. I don't want Macs that are limited computers, I have iPads for that purpose.

The market thinks otherwise.

post #24 of 24
Quote:
Originally Posted by John.B View Post

I finally decided it was time to just remove Java from all my computers.

You're in for the same surprise I got when you try to start Photoshop.
