It's malware currently set up to spoof a legitimate looking PDF, but it can just as easily be modified to show as about any other file type. So far no worries, but take the advice not to open any emailed/forwarded attachment file you didn't expect even if you think you may know the sender. Easy to ask a known sender what they attached, and why open something from someone unknown?
So I haven't inherited $65,000,000 from a lonely widow in Nigeria who has no-one else to leave the money to...
I'll split the millions I'm getting for assisting the former Prime Minister of the Sudan if you'll give me a little good-faith money upfront.
As soon as this $20,000 bank cheque from Burkina Faso clears, I had to send the change from an EBay sale via Western Union, so I'm a bit strapped for cash right now.
Does anyone really care? The chances of actually getting a virus, Trojan etc are so remote I've never bothered using security software on mac or pc. Every 2 or 3 years I might install some and do a scan, but this has always just confirmed to me that av is pointless as my machines have still never been infected.
Thanks, Little Snitch, for making my computer impervious to Mac malware.
Coda+Hype for Dreamweaver+Flash. Pixelmator for Photoshop. Final Cut Studio for Adobe's video crap.
Illustrator? Eh? find an old copy of the software that Illustrator used to be before Adobe bought it. It's supposedly better than Illustrator ever was.
Nice list of alternatives, but with a small correction: Adobe actually created Illlustrator, and I used it as early as 1986 in it's debute 1.0 version.
Could be you were thinking of Aldus FreeHand, later Macromedia, and later still, Adobe FreeHand... which they unfortunately decided to kill by refusing to update it. FreeHand was and still is a far better vector program than Illustrator. What's worse is that I as well as many of my clients are stuck on Snow Leopard with no chance of upgrading to Lion due to the lack of Rosetta. We're talking a few million FH documents between us all, that even if and when we decide to pull them into Illustrator, we many times have to recheck the original file in FH to see that it converted correctly.
Whatever... sorry for the off-topic... but Adobe has become a total PITA, regardless of Photoshop and Lightroom. And no, Pixelmator... while great and I seriously support their efforts... it is still not PS.
Thanks, Little Snitch, for making my computer impervious to Mac malware.
Coda+Hype for Dreamweaver+Flash. Pixelmator for Photoshop. Final Cut Studio for Adobe's video crap.
Illustrator? Eh? find an old copy of the software that Illustrator used to be before Adobe bought it. It's supposedly better than Illustrator ever was.
Thank you for the suggestions. I rarely touch DW. I mostly code in Coda and sometimes mess with Vim and PHP Storm. I don't see Pixelmator as a real replacement for Photoshop but maybe I'll take another look. I hate illustrator, drives me crazy that the interface is so different from PS... Same problem with FW. This is getting too off topic for this thread but thanks again for the suggestions.
I wonder if this trojan can be activated if you preview the PDF with Quick Look? I love Quick Look, it's one of OSX's main feature that makes it much better than Windows.
If you click the link there in the PC Viruses box, and read on, it explains how OS X scans downloads and warns you of a download containing an application. Which, in my use of OS X, it does do that.
Apple is pretty misleading with the "...without any work on your part" sentence though. I don't like it.
I have been using ESET's NOD32 for quite some time now and havent seen any real resource hits.
When people ask me what I do, I tell them I run ESET; even if it will just pick up on malware people have on their flash drives when they plug it into my Mac to transfer something. It may just help in the spread of malware by doing that, so it's worth it.....even if it was slightly more than zero work on my part.
If you click the link there in the PC Viruses box, and read on, it explains how OS X scans downloads and warns you of a download containing an application. Which, in my use of OS X, it does do that.
Apple is pretty misleading with the "...without any work on your part" sentence though. I don't like it.
I have been using ESET's NOD32 for quite some time now and havent seen any real resource hits.
When people ask me what I do, I tell them I run ESET; even if it will just pick up on malware people have on their flash drives when they plug it into my Mac to transfer something. It may just help in the spread of malware by doing that, so it's worth it.....even if it was slightly more than zero work on my part.
I think the wording is "With virtually no effort on your part, OS X defends against viruses and other malicious applications, or malware." Could you elaborate on why you don't like it, since it seems to have been true in your experience?
I think the wording is "With virtually no effort on your part, OS X defends against viruses and other malicious applications, or malware." Could you elaborate on why you don't like it, since it seems to have been true in your experience?
I don't have any issue with the marketing statement. It's true IMO. They don't claim to defend against every virus (?) or malware attack, and the protection doesn't require much user interaction, or knowledge of systems and software. Pretty straightforward, and with Apple's recent efforts to being more proactive, most users have less to worry about than the average PC user.
My worry here is that whilst silence is good for Apple's bottom line it does leaves one uncertain that priority is being given to stopping the 'green goblin and his friends'.
The trojan, identified as Trojan-Dropper:OSX/Revir.A, opens a botnet backdoor by tricking the user into downloading and opening a Chinese language PDF file while it installs itself in the background, according to security researchers at F-Secure.
How does this software get installed without prompting the user for an Admin ID/PW? Or does it?
Comments
It's malware currently set up to spoof a legitimate looking PDF, but it can just as easily be modified to show as about any other file type. So far no worries, but take the advice not to open any emailed/forwarded attachment file you didn't expect even if you think you may know the sender. Easy to ask a known sender what they attached, and why open something from someone unknown?
So I haven't inherited $65,000,000 from a lonely widow in Nigeria who has no-one else to leave the money to...
...nooooo!!!!
So I haven't inherited $65,000,000 from a lonely widow in Nigeria who has no-one else to leave the money to...
...nooooo!!!!
I'll split the millions I'm getting for assisting the former Prime Minister of the Sudan if you'll give me a little good-faith money upfront.
I'll split the millions I'm getting for assisting the former Prime Minister of the Sudan if you'll give me a little good-faith money upfront.
As soon as this $20,000 bank cheque from Burkina Faso clears, I had to send the change from an EBay sale via Western Union, so I'm a bit strapped for cash right now.
Thanks, Little Snitch, for making my computer impervious to Mac malware.
Coda+Hype for Dreamweaver+Flash. Pixelmator for Photoshop. Final Cut Studio for Adobe's video crap.
Illustrator? Eh? find an old copy of the software that Illustrator used to be before Adobe bought it. It's supposedly better than Illustrator ever was.
Nice list of alternatives, but with a small correction: Adobe actually created Illlustrator, and I used it as early as 1986 in it's debute 1.0 version.
Could be you were thinking of Aldus FreeHand, later Macromedia, and later still, Adobe FreeHand... which they unfortunately decided to kill by refusing to update it. FreeHand was and still is a far better vector program than Illustrator. What's worse is that I as well as many of my clients are stuck on Snow Leopard with no chance of upgrading to Lion due to the lack of Rosetta. We're talking a few million FH documents between us all, that even if and when we decide to pull them into Illustrator, we many times have to recheck the original file in FH to see that it converted correctly.
Whatever... sorry for the off-topic... but Adobe has become a total PITA, regardless of Photoshop and Lightroom. And no, Pixelmator... while great and I seriously support their efforts... it is still not PS.
Thanks, Little Snitch, for making my computer impervious to Mac malware.
Coda+Hype for Dreamweaver+Flash. Pixelmator for Photoshop. Final Cut Studio for Adobe's video crap.
Illustrator? Eh? find an old copy of the software that Illustrator used to be before Adobe bought it. It's supposedly better than Illustrator ever was.
Thank you for the suggestions. I rarely touch DW. I mostly code in Coda and sometimes mess with Vim and PHP Storm. I don't see Pixelmator as a real replacement for Photoshop but maybe I'll take another look. I hate illustrator, drives me crazy that the interface is so different from PS... Same problem with FW. This is getting too off topic for this thread but thanks again for the suggestions.
Remember to turn off those "Automatically Open when Finished Downloading" options in Safari, Firefox, Chrome, IE.
Not necessary if you have competent anti-malware software. And not effective if you don't, given that the user will just open his download manually.
The solution you propose is illusory.
Since Apple says so. And to quote... "I am a Mac OS X so I don't have to worry about spyware and viruses"
http://www.youtube.com/watch?v=Gm0C0y7Uk10
OSX can't run any spyware?
1) Do you see what the marketing department did there?
Mislead the technophobes?
OSX can't run any spyware?
Of course not. It said so in the commercial.
Mislead the technophobes?
Yes, and they are still doing it. Albeit slightly clearer than before.
http://www.apple.com/why-mac/
If you click the link there in the PC Viruses box, and read on, it explains how OS X scans downloads and warns you of a download containing an application. Which, in my use of OS X, it does do that.
Apple is pretty misleading with the "...without any work on your part" sentence though. I don't like it.
I have been using ESET's NOD32 for quite some time now and havent seen any real resource hits.
When people ask me what I do, I tell them I run ESET; even if it will just pick up on malware people have on their flash drives when they plug it into my Mac to transfer something. It may just help in the spread of malware by doing that, so it's worth it.....even if it was slightly more than zero work on my part.
Yes, and they are still doing it. Albeit slightly clearer than before.
http://www.apple.com/why-mac/
I
Shameless.
Yes, and they are still doing it. Albeit slightly clearer than before.
http://www.apple.com/why-mac/
If you click the link there in the PC Viruses box, and read on, it explains how OS X scans downloads and warns you of a download containing an application. Which, in my use of OS X, it does do that.
Apple is pretty misleading with the "...without any work on your part" sentence though. I don't like it.
I have been using ESET's NOD32 for quite some time now and havent seen any real resource hits.
When people ask me what I do, I tell them I run ESET; even if it will just pick up on malware people have on their flash drives when they plug it into my Mac to transfer something. It may just help in the spread of malware by doing that, so it's worth it.....even if it was slightly more than zero work on my part.
I think the wording is "With virtually no effort on your part, OS X defends against viruses and other malicious applications, or malware." Could you elaborate on why you don't like it, since it seems to have been true in your experience?
I think the wording is "With virtually no effort on your part, OS X defends against viruses and other malicious applications, or malware." Could you elaborate on why you don't like it, since it seems to have been true in your experience?
I don't have any issue with the marketing statement. It's true IMO. They don't claim to defend against every virus (?) or malware attack, and the protection doesn't require much user interaction, or knowledge of systems and software. Pretty straightforward, and with Apple's recent efforts to being more proactive, most users have less to worry about than the average PC user.
The trojan, identified as Trojan-Dropper:OSX/Revir.A, opens a botnet backdoor by tricking the user into downloading and opening a Chinese language PDF file while it installs itself in the background, according to security researchers at F-Secure.
How does this software get installed without prompting the user for an Admin ID/PW? Or does it?