Security firm details new Trojan written for Apple's Mac OS X

Comments

  • Reply 41 of 79
    Quote:
    Originally Posted by d-range View Post


    Great, wake me up when a real virus for OS X is developed, one that doesn't require me to manually install and run itself first. No operating system will ever be immune to Trojans, unless you lock it down so tight the user cannot install or run _anything_ without some trusted third-party approving it.



    I've written a Trojan myself, it's very destructive, cross platform on many Unix systems. It will wipe out all your files, and it would be very trivial to have it mail them to me or post them somewhere on the internet as well, but I didn't feel like modifying it for that yet. As a service to all security researchers I'll post the code here, it's called 'please_run_me_to_make_money.sh'



    Code:


    #!/bin/sh



    rm -rf $HOME/*



    echo "U R fscked!"







    Don't tell anyone I wrote it!



    Exactly! I make a distinction between something that requires the user to install it and one that attacks without the user's assistance.



    If a thief comes to my door and rings the bell and I let him just because he asks, then I am responsible for the outcome.



    If a thief breaks into my house while I am gone and the security company had told me the house was break-in proof, well then that is something completely different.
  • Reply 42 of 79
    Quote:
    Originally Posted by nagromme View Post


    These stories come out every so often - and then are forgotten. (A Trojan is simply a lie, and no OS is immune.)



    Remember when the first successful real-world self-spreading Internet virus/worm came out? Me neither - but I know that headline has appeared in the media at least twice since OS X came out. False alarms. And it MAY happen for real one day, but it never has yet.



    As a matter of fact, I do, as far as Windows. It was the Melissa virus in 1999, the one that sent an email titled "I love you!" in the title. Quite the shock to get it from coworkers. There were of course lots of others before that were spread by floppy and network, but that was the first "big" internet virus. I have read about an Internet worm that spread through the world in 1988, a Unix worm, not Windows. The first PC virus was a boot sector virus written by two Pakistani brothers in 1986, who realized ANY instructions written there would be executed. In 1988, I thought PC viruses might be urban legend material, until we experienced one at work.
  • Reply 43 of 79
    Quote:
    Originally Posted by d-range View Post


    Care to point out what part of that is 'simply not true'?



    Edit: I'll help you out, before you waste your time:



    Here's 4 quick searches in the McAfee antivirus database:



    1) 16-bit Windows (what I was referring to when I said MacOS was 'much worse than Windows at that time'):



    http://www.mcafee.com/apps/search/th...=W16&v=malware : 38 threats



    2) MacOS (prior to OS X):



    http://www.mcafee.com/apps/search/th...acOS&v=malware : 86 threats



    3) OS X:



    http://www.mcafee.com/apps/search/th...=OSX&v=malware : 51 threats



    4) 32-bit Windows (just for laughs):



    http://www.mcafee.com/apps/search/th...=W32&v=malware : 1000 threats, but the database clipped the results at 100 pages



    Interesting bit of information RE MacOS. I had read that MacOS was a very challenging environment for viruses and was relatively immune in the early/mid 90s - I didn't use them then.



    I did notice these threats for MacOS were from 2002-2005, which was probably after Apple quit releasing updates for MacOS (2001?). The O/S had been around for a while, and exploits were found. I am sure many were still using the system, though.
  • Reply 44 of 79
    Quote:
    Originally Posted by Maltz View Post


    The part about the Mac OS 9 having more malware than Windows is the bit that's simply not true. You forgot to include the 1000+ DOS viruses that Win16 was also susceptible to in #1. Clearly, you weren't involved with computers during that time period. lol I'll give you the benefit of the doubt for now and assume you're just badly misinformed and not trolling.



    I've seen my fair share of the DOS world, actually it was my first PC experience (around MS-DOS 5.0). But you are right, I didn't count these. Let's keep it at the observation that OS 9 and before never had a very good security track record and was exploited a lot more than OS X.
  • Reply 45 of 79
    samban Posts: 171 member
    Quote:
    Originally Posted by d-range View Post


    That first link in the results for your query nicely shows how retarded statements like 'the most dangerous OS is [..]' actually are. The only argument put forward in that 'article' is that OS X has longer patch cycles, and as such it is the 'most dangerous OS'. If there are no security holes that are actively exploited, no signs of anyone with OS getting pwned, and no published, unpatched zero-day exploits known, what difference does it make how long it takes before OS X gets another update? A much more interesting figure would be 'mean time between zero-day exploit and patch', but the 'article' conveniently skips over that and instead makes a sensationalist headline out of nothing.



    Meanwhile, in my active life of using all kinds of operating systems (which is over 2 decades and includes every version of Windows since 3.11, many different Linux distributions, a number of other Unix OS's) and Macs since OS X 10.4, I have seen 1 (one) Linux server with a rootkit (at work), not a single OS X machine with a virus (and I've seen a lot of them, many of my friends and colleagues use macs), yet so many Windows computers with malware, spyware and viruses that I don't even know how many there were. Even the ones with antivirus software (which in my opinion is almost a scam) attract all kinds of bad things.



    From a practical point of view, I think that you can safely say Windows is the most dangerous OS, especially pre-SP2 Windows XP. I don't care about any excuses about marketshare or theoretical exploitability, just measured facts about exploits, and in that aspect, OS X is rock solid.



    Anti-virus is an Industry and Microsoft has a competing product called 'Microsoft Security Essentials' for free, somehow I can recall Netscape v/s IE.



    To summarize

  • Reply 46 of 79
    macrulez Posts: 2,455 member
    deleted
  • Reply 47 of 79
    macrulez Posts: 2,455 member
    deleted
  • Reply 48 of 79
    Quote:
    Originally Posted by JustReelFilms View Post


    Last time I heard, there is this thing called Mac App Store which Apple happily tests it out for you before it goes out in public. And the new Lion API called Sandboxing and Privilege mode which will be a requirement for developers.



    User stupidity is the best way to get these trojans installed from an untrusted source.



    Whenever a system software update is run on OS X you'll notice it has a signed SSL cert, similar to Windows verification mechanisms. I've never understood why this wasn't more widely used, why Apple doesn't require cert verification from all developers & if you download something unsigned it throws up a big warning. I guess the app store is one way to start doing this but I imagined it as something a little simpler where Apple would issue you a cert the system trusted & you simply had to verify with Apple you are who you say you are, similar to getting a cert now from one of the big cert authorities. Then it could be set up so you could say not to allow self signed certs for apps as a default but then turn the feature off if you wanted to go ahead & allow it. You can't protect people from stupidity but at the least you can make stupidity an effort so they can't casually stumble into trouble.



    I know with sandboxing a lot of this is already in place to some degree, but a default option where programs that aren't signed are actually blocked would be nice. Everyone & their mother just clicks right through warning dialogs.
  • Reply 49 of 79
    Wake me up when you have self installing executables for macosx, and can click on a malicious link in a web browser for osx and ruin your system.
  • Reply 50 of 79
    Perhaps the anti virus firms should have finished the Trojan before they started trumpeting it. Tsk! Amateurs!
  • Reply 51 of 79
    dunks Posts: 1,254 member
    Quote:
    Originally Posted by AppleInsider View Post


    Hackers have written a new "backdoor Trojan" targeted specifically at Apple's Mac OS X operating system that can allow remote operations and password "phishing," as Mac sales and market share continue to grow.




    Is it called "windows"?



    Zing!
  • Reply 52 of 79
    I like the button that says "owned". I'm going to use it to shrink down Microsoft and Google market share. Hurrah!
  • Reply 53 of 79
    gary54 Posts: 169 member
    Quote:



    Nothing times nothing is still nothing. There are currently just over one hundred virus threats for OS, half of which is actually distributed software which *could* be used maliciously. All of the keyloggers fit that description.



    The anti-virus and security software people have to justify their existence somehow for an OS that doesn't have any substantive virus issues to deal with. Yet. That describes a *potential* market for these folks who advertise their product with scare tactics.



    Most dangerous my a**. Based on the length of the update cycle? Compared to what? Windows that has new viruses every week? Linux? Which by definition is updated on a continuous basis?



    There are updates when there are reasons for updates. I'm sure when we get to the point that we have to deal with a new virus du jour ... we'll see lots of updates. And that makes it ...errrr ..safer?



    Someone has a rather distorted and self-serving view of what constitutes *dangerous* and *safe*
  • Reply 54 of 79
    nkhm Posts: 928 member
    Quote:
    Originally Posted by d-range View Post


    That's funny, because back when OS 9 was still around there were dozens of successful viruses for it, in fact, it was much worse than on Windows, even though Macs had even smaller market share...



    Utter nonsense. There has never been anything other than proof of concept in the history of the Mac OS. No one has even managed to gain access without physical contact with the machine.



    If anything 7.5 was more secure, more stable than OS X.
  • Reply 55 of 79
    nkhm Posts: 928 member
    Quote:
    Originally Posted by d-range View Post


    Care to point out what part of that is 'simply not true'?



    Edit: I'll help you out, before you waste your time:



    Here's 4 quick searches in the McAfee antivirus database:



    1) 16-bit Windows (what I was referring to when I said MacOS was 'much worse than Windows at that time'):



    http://www.mcafee.com/apps/search/th...=W16&v=malware : 38 threats



    2) MacOS (prior to OS X):



    http://www.mcafee.com/apps/search/th...acOS&v=malware : 86 threats



    3) OS X:



    http://www.mcafee.com/apps/search/th...=OSX&v=malware : 51 threats



    4) 32-bit Windows (just for laughs):



    http://www.mcafee.com/apps/search/th...=W32&v=malware : 1000 threats, but the database clipped the results at 100 pages



    It might be worth quoting a source that doesn't make money by scaring people into buying its services...
  • Reply 56 of 79
    Quote:
    Originally Posted by techno View Post


    Exactly! I make a distinction between something that requires the user to install it and one that attacks without the user's assistance.



    If a thief comes to my door and rings the bell and I let him just because he asks, then I am responsible for the outcome.



    If a thief breaks into my house while I am gone and the security company had told me the house was break-in proof, well then that is something completely different.



    Only in Monty Python skits. In the real world, nobody rings a doorbell and announces "burglar!" Likewise, the writers of Trojans don't label their code as compromising your computer, they sneak it in under false pretenses. Always blaming the user just doesn't cut it.
  • Reply 57 of 79
    Quote:
    Originally Posted by Superbass View Post


    It's great to have a former secret agent such as yourself as a member of AI to share these secrets with us. Do you also sell tinfoil hats?



    Actually he is correct. The virus writers are backed by the virus checker writers. This is common knowledge.



    It's pure capitalism at its finest. Create a virus then write a checker to get rid of it, then sell that software. In other words create a market and supply that market.
  • Reply 58 of 79
    Quote:
    Originally Posted by MacRulez View Post


    Given that the average price of a PC is $740 and the average price of a Mac is nearly twice that, it's not surprising.



    Here's an equally relevant statistic: Linux has 91% of the supercomputer market.



    EHHHHHHHHHH wrong.



    All computers sold with the CoreDuo processor are actually classed as SuperComputers because their calculations are performed in gigaflops.



    By that reckoning Windows has the lion's share of the supercomputer market.
  • Reply 59 of 79
    macrulez Posts: 2,455 member
    deleted
  • Reply 60 of 79
    macrulez Posts: 2,455 member
    deleted