'Opener' Malware Targets OS X
the_webmaestro writes "Macintouch.com is covering the "opener" malware, a new and potential vulnerability which affects Mac OS X. If true (it's not on HoaxBusters yet), this could become a Mac user's worst nightmare... Worse even than Microsoft Word macro viruses (heretofore the only real 'viruses' which threatened Mac users)! Normally, when ever I'd see virus alerts, I'd revel in the fact that as a Mac user, I was immune (except for the slow-down of the net, the loss in productivity of my colleagues, and the increase in SPAM--often coming from my friends and colleagues). [Sigh] Perhaps, my days of telling friends and family that there are no viruses for Macs may be coming to an end. There have been stories."
This is lame. A script! -this is Slashdot, you should know tthe possibilities of bash scripting. Besides, it doesn't even spread itself, don't hide its tracks...
Root is disabled by default on all shipping Mac's and if anyone has physical access to your machine then you are in serious trouble anyway. Right, but the initial setup of every shipping mac out there has the user create an administrative account on there machine. This person can run sudo to execute a root command. The password prompt you get before installing most mac software runs sudo. So an install program effectively runs as root and if the install program silently added this script to your system then it would run.
--- Justin Dearing http://www.justaprogrammer.net/ We're just programmers.
Could a Trojan be written to trick the user into installing a StartUp Item?
... and came up with Intego and FUD.
Make no doubt about it. There is a French company that writes Mac software called Intego.
THEY ARE the ones spreading this new rumor, just as they spread the "trojan horse" myth a few months back.
It's time to sell some more software - so it's time spread some more FUD.
A previous story I had done on this
Yell & scream & rant & rave... it's no use... you need a shaaaave ~ Bugs Bunny
As you already pointed out, you have to have root access to the machine then install a root kit. This is just a bunch of FUD similar to the ruckus the so-called WordPress vulernabilities that were reported last month. Yes, they allowed you to redirect to any url as part of a seemingly innocent url, but you have to be logged into WordPress to exploit them. Highly overrated as severe security vulnerability.