'iWorm' malware controls Macs via Reddit, more than 17K affected

1246

Comments

  • Reply 61 of 118
    solipsismxsolipsismx Posts: 19,566member
    ibeam wrote: »
    Well, in my opinion those are valid assertions because they are well documented.

    If it's so well documented show me proof that Apple said that Mac OS X can't get Mac OS X viruses.
  • Reply 62 of 118
    ibeamibeam Posts: 322member
    Quote:

    Originally Posted by SolipsismX View Post





    If it's so well documented show me proof that Apple said that Mac OS X can't get Mac OS X viruses.

    Not necessary because you are on the defensive. Bye.

  • Reply 63 of 118
    enzosenzos Posts: 344member
    Quote:

    Originally Posted by digitalclips View Post





    That's odd, I've used every Apple product other the Apple I and every OS Apple ever wrote going back to the 1970's and never had one, not ever. I have never used any anti-virus software either. My only concession to security other that relying on Apple's built in protection with OS X, is to use Little Snitch so I can say 'no' to attempts web sites make to talk to ad trackers and 90% of the time they are Flash based (even though I have ClicktoFlash). It only takes a second on most web sites.



    Can you list the viruses you are aware of that affect OS X please? I am aware a few were around on Mac OS but I, for whatever reason, not of my three Apple dealerships nor any of my thousands of clients actually ever experienced one. I would totally refute your assertion there were more for Mac OS than Microsoft's operating systems. My dealerships also dealt with IBM PCs from the day they first emerged from Hell.



    Ditto. 100% virus free for 27 years, on company and university networks, and at home. Same for everyone else I've known with a Mac (which is most of my close and distant network of contacts since I work in science research where most 'PCs' are Macs). Ergo, virus infection is a non-existent problem for the Mac; AV software, on the hand IS a problem: don't use it - ever! 

  • Reply 64 of 118
    Originally Posted by AppleInsider View Post

    ...JavaW...

     

    lol. Apple needs to release a mandatory update that makes Java incompatible with all of their platforms.

     

    Originally Posted by ibeam View Post

    No I would rather you go out on the Internet and learn history.

     

    The irony really hurts.

  • Reply 65 of 118
    joshajosha Posts: 901member

    I find it interesting and a bit strange, that a Russian security firm is often involved in the early discovery of malware ! ?

  • Reply 66 of 118
    foggyhillfoggyhill Posts: 4,767member
    Quote:

    Originally Posted by Tallest Skil View Post

     

     

    lol. Apple needs to release a mandatory update that makes Java incompatible with all of their platforms.

     

     

    The irony really hurts.


     

    Java is a security hole waiting to happen. It just only be run in a browser running in a VM since it cannot be relied upon ever. Same thing for Flash, can't belive the number of time I've had to update that "thing" for security reason. Just wish everybody stopped using it so I could live in peace ;-).

     

    BTW, I haven't had a virus or worm on windows machine since 1994; being protected is not just related to the OS you are running.... I've been sitting behind my own home grown Unix firewall machine since 1992, that explains things (was Sco Unix initially, then BSD variants). I'm very good at not running crap or doing something stupid on a computer, even in root mode (you have too).

     

    The worse virus I'Ve ever had is when I used a program on infected floppy in 1994 (it had the monkey boot sector virus, a nasty peace of work that spread like wild fire!). Almost all our floppies at work were infested (I wasn't in charge of security) and we lost 3 computers that way.

  • Reply 67 of 118
    rayzrayz Posts: 814member
    ibeam wrote: »
    Not necessary because you are on the defensive. Bye.

    And off he runs . . . :no:
  • Reply 68 of 118
    analogjackanalogjack Posts: 1,073member
    Quote:

    Originally Posted by gilly33 View Post



    Thanks techies as well. 'Cause I was all ready to type that "Go>Go..." command.



    I don't even know why that command was needed, you could simply open the folder it's only 2 levels in. It would only be needed for a hidden folder. 

  • Reply 69 of 118
    thepixeldocthepixeldoc Posts: 2,257member
    foggyhill wrote: »
    Java is a security hole waiting to happen. It just only be run in a browser running in a VM since it cannot be relied upon ever. Same thing for Flash, can't belive the number of time I've had to update that "thing" for security reason. Just wish everybody stopped using it so I could live in peace ;-).

    BTW, I haven't had a virus or worm on windows machine since 1994; being protected is not just related to the OS you are running.... I've been sitting behind my own home grown Unix firewall machine since 1992, that explains things (was Sco Unix initially, then BSD variants). I'm very good at not running crap or doing something stupid on a computer, even in root mode (you have too).

    The worse virus I'Ve ever had is when I used a program on infected floppy in 1994 (it had the monkey boot sector virus, a nasty peace of work that spread like wild fire!). Almost all our floppies at work were infested (I wasn't in charge of security) and we lost 3 computers that way.

    The only virus I've also run into, although not my personal machine. I was working with an Authorized Apple Handler giving demos and training in '92, when they received an exclusive distributorship for a new graphics program (I wont say!). The entire first shipment's install discs (IIRC 500 boxes) came with the wonderful 'monkey' attached. The software was a piece of crap anyway and I've yet to see anything buggier and more hacked together*** in my life... since Microsoft Office... :smokey:

    *** Only tip to the title is that they were one of the first to attempt to do an integrated suite (modules really) of multi-page layout, word processing, vector drawing and bitmap editing all in one package.
  • Reply 70 of 118
    fallenjtfallenjt Posts: 4,056member
    gtr wrote: »
    That's it.

    F*ck this lack of security on the Mac.

    I run a professional business. I need to know that my operating system of choice is secure, reliable, and receives regular updated new features.

    I'm moving to Windows.
    Lol. You're really funny, not
  • Reply 71 of 118
    nick29nick29 Posts: 111member
    Another reason not to read a junk site like Reddit
  • Reply 72 of 118
    knowitallknowitall Posts: 1,648member
    gatorguy wrote: »
    Details page here for those few interested:
    http://news.drweb.com/show/?i=5977&lng=en

    FWIW BitDefender says they've identified some other variations of it.

    Thanks for the info, nothing on how the infection takes place though.
  • Reply 73 of 118
    nagromme wrote: »
    It's also true to claim that in the 1900s, Macs did have viruses.

    Are you referring to maggots in Big Macs? Did McDonalds exist in the 1900s?
  • Reply 74 of 118
    Quote:

    Originally Posted by ibeam View Post

     

    Dude you are replying to someone who had Mac viruses a' plenty all the way back to the early 80s. Back then there were more viruses for Mac than there were for Microsoft. I am well aware of every minute detail of security on ALL operating systems.


    Hogwash! First of all, I was there too and there were no Mac-related viruses/trojans in the early 1980's. The Mac wasn't even introduced until January 1984 and it wasn't exactly a hot seller right out of the gate. By early 1990's there were about 40 or so Mac viruses/trojans, not counting the Word/Excel Macro "viruses" that were cross-platform (though most of those appeared in mid to late 1990's). In the Window camp, the malware numbers were over 10 times as many. 

     

    Quote:

    Originally Posted by nagromme View Post

     

    It's also true to claim that in the 1900s, Macs did have viruses…


    OK, I don't go back that far. <img class=" src="http://forums-files.appleinsider.com/images/smilies//lol.gif" /> 

  • Reply 75 of 118
    gatorguygatorguy Posts: 24,627member
    knowitall wrote: »
    Thanks for the info, nothing on how the infection takes place though.
    That's right. I mentioned that a few posts later. You would think if a researcher was going to detail the worm/malware he had discovered in the wild that he'd also clue folks in on how they would get infected by it. Not doing so leaves the door open to speculation, misinformation and probably needless concern.

    IMHO most of the malware stories we read are simply sensationalism and often used as fear-mongering tactics.
  • Reply 76 of 118
    knowitallknowitall Posts: 1,648member
    gatorguy wrote: »
    That's right. I mentioned that a few posts later. You would think if a researcher was going to detail the worm/malware he had discovered in the wild that he'd also clue folks in on how they would get infected by it. Not doing so leaves the door open to speculation, misinformation and probably needless concern.

    IMHO most of the malware stories we read are simply sensationalism and often used as fear-mongering tactics.

    I agree, it's probable that the 'researcher' has a specific agenda.
  • Reply 77 of 118
    d4njvrzfd4njvrzf Posts: 797member
    Quote:
    Originally Posted by digitalclips View Post



    Malware NOT virus ... calm down people. Last thing I'd do is install a bloody anti virus program on a Mac. I do use Little Snitch and practice safe sex err ... internet activity.



    Russian firm discovered it eh? ... probably Kasperky behind this in the first place, paid by Scammy and Google ... OK I'm kidding. Then again .....

    The same thing could be said regarding Android or Windows post-Vista, as the overwhelming majority of malicious software these days are not "viruses" but rather "malware" that rely on people downloading and running random sh*t from the internet (and ignoring system warnings about running untrusted software). If everyone practiced "safe internet activity", Android malware would be basically nonexistent.

  • Reply 78 of 118
    dasanman69dasanman69 Posts: 13,002member
    waybacmac wrote: »
    OK, I don't go back that far. :lol:  

    Macs had to watch out for Polio back then. ;)
  • Reply 79 of 118
    lilgto64lilgto64 Posts: 1,147member

    I did install Avast (free edition) on a number of Macs out of curiosity - and it does stop you from accessing websites that are known to contain malware - and it did detect a couple emails that had phishing scams and in one case a PDF that contains malware - not that it would have infected the Mac - but no need to be a carrier. 

     

    I had to exclude scanning my VMs as it was throwing false positives. 

     

    On my OS X server running 10.7.5 it has been "detecting" the daily.ndb file under the clamav folder - which I think is a false positive but not entire sure. 

     

    I have been using Avast (free edition) on a number of Windows machines that are too old or slow to run MSE - and it seems to be doing a decent job. 

     

    I don't recall very using Reddit and don't see an JavaW items on the systems I have checked. 

     

    While I agree that this is a Java exploit and not a Mac OS exploit - and even the Bash thing was not specific to Mac OS but a component that was shared with other Unix operating systems - but at what point do you consider it a Mac exploit? If someone breaks into a bank vault by exploiting a weakness in the door lock was the bank's security breeched or since that was a component provided by a third party is that not a breech of the bank's security? In either case the bank was robbed. 

     

    Sure there is a difference between malware that requires user authentication of a third party component and a virus which exploits something unique to the Mac OS and can spread itself - to techo geeks - but to the world at large that is a semantic distinction. 

  • Reply 80 of 118
    gatorguygatorguy Posts: 24,627member
    d4njvrzf wrote: »
    If everyone practiced "safe internet activity", Android malware would be basically nonexistent.

    No it would still exist, but not actually infect very often. Kinda like now but even less effective.

    The stories we read, particularly those published by AI, only discuss potentials rather than factual harm numbers for the most part unless they're Apple-specific. There's really not a very high infection rate now even on Google's "virus-ridden Android", something south of 1% as I recall. Viruses for Android? No such thing AFAIK. As Digitalclips said, "Malware NOT virus ... calm down people."

    Stories of platform malware are very often used to as FUD, which should be no big surprise to anyone. This IMHO non-story will be used as sugar on a few different sites, more sensationalism to give the masses something to talk about. There's truth in there somewhere but figuring out what it is while blinded by the smoke and mirrors is pretty darn hard no matter which platform is under discussion.

    EDIT:
    While you are at it, Mr Android, care to post links to Android ... actual viruses? I realize that would take years, but go on give it a go in the name of 'not allowing FUD',

    That's a trick question right? As you probably already knew, or should have if you searched it up, there aren't any Android viruses. As far as the link you were so insulted by it was the second page of the one linked in the AI article and as I noted in post 18, well before your comment noting the same, it did not include any helpful information on how users get infected.

    Don't let facts distract you tho. Carry on and add "...but, but, but Android" if you'd rather avoid the discussion. Some folks appreciate knowing facts even if they disagree with what they thought was true while others would rather not tolerate reading them.
Sign In or Register to comment.