First-ever malicious OSX Trojan

Posted:
in macOS edited January 2014
Intego Security Memo - Symantec Security Response



Liberace once had to pay the price of growing popularity too.

Comments

  • Reply 1 of 6
    I'm worried about that thing. I have never used a Mac computer and was planning on buying one really soon until now. So I wanted some info to convince me to still go mac. Is it still safe to use a mac computer and how do I avoid this trojan? The phishing thing, a similar site , makes me feel uncomfortable. Yes, I have gone to porn sites on my XPS m170 soon to be 2 year old computer and seen the download the codec thing. As far as I remember I never clicked to download, I would click the back button several quickly to avoid seeing it again. It is my fault on that part. That's why I'm looking for a computer namely a mac. I set one of my goals to avoid looking at porn sites. The new experience to a mac computer might haunt me with the leopard's critcized firewall and this trojan. So I don't want to waste my money on a new computer if it is going to get dirty and infected. Let me know about the security of mac computers. Sorry for being a newb. Thank you.
  • Reply 2 of 6
    GreenPFlyer:

    Mac OS X is one of the safest platforms. EG: no viruses. 1 trojan, on the whole web.



    That said, if you are still nervous, wait until 10.5.1 which will hopefully fix the firewall issue.



    You are still like 1000x safer on a Mac than Windows X. That's a fact.



    And FYI, I look at porn fairly often.



    As for Phishng, use Firefox, and make sure phishing detection is turned on.
  • Reply 3 of 6
    pbpb Posts: 4,234member
    We have been over this again. Who in his right mind would give its admin password when asked by a random porn, or whatever, site? And because of this, I am not even sure if this qualifies as real trojan, since it does not requires just user interaction through social engineering, but his consent by providing the ADMIN password. Sorry, this kind of vulnerability is generic and affects any computer system.



    The rage out there is quite obvious. But they need to try harder.
  • Reply 4 of 6
    MarvinMarvin Posts: 14,431moderator
    Quote:
    Originally Posted by PB View Post


    We have been over this again. Who in his right mind would give its admin password when asked by a random porn, or whatever, site? And because of this, I am not even sure if this qualifies as real trojan, since it does not requires just user interaction through social engineering, but his consent by providing the ADMIN password. Sorry, this kind of vulnerability is generic and affects any computer system.



    The rage out there is quite obvious. But they need to try harder.



    I agree, I don't think it even counts. Social engineering is not the same thing as a Trojan app where you maybe download a jpg and it runs some piece of code. This is an actual application that you have to run and install.



    It just shows how eager and frankly pathetic security companies are to pounce on every possible vulnerability the Mac gets when they target non-vulnerabilities like this. Even though it's from the same place as the Windows version, it's still not even as bad:



    "However, the Windows version is a bit nastier as canceling the download only causes the pop-up to reappear."
  • Reply 5 of 6
    Quote:
    Originally Posted by GreenPFlyer View Post


    I'm worried about that thing. I have never used a Mac computer and was planning on buying one really soon until now. So I wanted some info to convince me to still go mac. Is it still safe to use a mac computer and how do I avoid this trojan? The phishing thing, a similar site , makes me feel uncomfortable. Yes, I have gone to porn sites on my XPS m170 soon to be 2 year old computer and seen the download the codec thing. As far as I remember I never clicked to download, I would click the back button several quickly to avoid seeing it again. It is my fault on that part. That's why I'm looking for a computer namely a mac. I set one of my goals to avoid looking at porn sites. The new experience to a mac computer might haunt me with the leopard's critcized firewall and this trojan. So I don't want to waste my money on a new computer if it is going to get dirty and infected. Let me know about the security of mac computers. Sorry for being a newb. Thank you.



    Let's see how many trojans and viruses are in the wild:



    Mac OS X: 3 (in existence)

    Windows: 10,000 (PER YEAR)



    Still having a difficult time deciding?
  • Reply 6 of 6
    Quote:
    Originally Posted by OccamsAftershave View Post


    Liberace once had to pay the price of growing popularity too.



    It has nothing to do with that what so ever! Pretending like it does only shows ignorance and spreads the urban myth



    This does NOT pertain to Macs security. It pertains to social engineering and stupidity pure and simple. The sky is not falling so don't blow this molehill into a mountain. A trojan is NOT a virus! It is simply one thing pretending to be another. If you don't want to worry about it then don't go downloading strange things if you don't know their origin, and you certainly shouldn't be using your admin password to download questionable things from the net. When you get a e-mail from a spammer and they include an attachment, do you run and open it, or do you delete it? Same rule applies here. This is NOT a Mac security issue. Anything social engineered can apply to any operating system, and anyone stupid enough to fall for their schemes will be vulnerable. The only thing different between this trojan and others is that it targets stupid mac users instead of stupid windows users. A little common sense goes a long way on the net
Sign In or Register to comment.