Slashdot Mirror


Zombie Macs Launch DoS Attack

Cludge writes "ZDNet has a story (and several related articles) about how Symantec has discovered evidence of an all-Mac based botnet that is actively involved in a DoS attack. Apparently, security on the exploited Macs (call them iBots?) was compromised when unwary users bit-torrented pirated copies of iWork 09 and Photoshop CS4 that contained malware. From the article: 'They describe this as the "first real attempt to create a Mac botnet" and note that the zombie Macs are already being used for nefarious purposes.'"

17 of 757 comments

  1. Sigh by Presto Vivace · · Score: 3, Informative

    the end of innocence for Apple users.

  2. Re:A matter of time by despisethesun · · Score: 5, Informative

    Virus infected warez have been a fixture of the PC world for well over a decade now, if not longer, and it hasn't really made a dent in piracy.

    --
    This poo is cold.
  3. Re:May I be the first to laugh by Anonymous Coward · · Score: 3, Informative

    Man, I run Vista and I don't have any of that (built-ins are disabled). I only have virus scanning done on a weekly basis, and somehow despite not having forty pieces of software dedicated to second-guessing me I still don't have any viruses or malware.

    Simplest thing anyone can do is train the thing between the chair and the keyboard.

  4. Re:Are you sure... by imamac · · Score: 5, Informative

    The really funny part is that you could download the full version from Apple for free as the "demo" just needs a serial number.

  5. Re:I've got your denial right here. by shentino · · Score: 3, Informative

    Unless you consider TPM to be an operating system implemented in hardware...

    But...

    "anyone who trades X for security deserves neither, and shall lose both".

    Education is the only way to resolve this, really. But find me a user who is patient enough not to veto such an education with his wallet.

    The company that caters to the user's whims the best wins, and to hell with wisdom with a slow but steady ROI.

  6. It should be noted by Orion Blastar · · Score: 5, Informative

    that a lot of "pirated" Bit Torrent software contains malware. Not just the Windows versions, but the Mac and Linux and BSD Unix versions as well.

    When you download pirated software you take a risk that it contains a trojan.

    I've even seen PDF files that had HTML exploits in them that got detected by antivirus. Read the comments on most Bit Torrent web sites; the users will complain that it contains a virus. You don't have to download it to test it; the people who already downloaded it will give feedback that it contains a trojan or malware.

    When you download pirated software you are taking a big chance, it isn't worth it when a majority of things are infected. That is why I look towards Free and Open Source Software as alternatives to commercial products.

    --
    Remember, Slashdot does not have a -1 disagree moderation, and no, troll, flamebait, and overrated are not substitutes.
  7. Re:Instant Karma... by roman_mir · · Score: 5, Informative

    I believe you are wrong in this case though, it's not a Mac that caught a virus, it may or may not be a virus, but it was installed onto the computer by the participating user on purpose. Except the user got a bit more functionality than he 'paid' for.

  8. Re:Instant Karma... by AHuxley · · Score: 4, Informative

    More a Trojan like device they opened (entered pw) for.
    vs something that floats around the internet for any 'innocent' networked Mac to catch.

    --
    Domestic spying is now "Benign Information Gathering"
  9. Re:Instant Karma... by Trogre · · Score: 4, Informative

    Fine so it's a Trojan.

    --
    "Nine times out of ten, starting a fire is not the best way to solve the problem." - my wife
  10. Comment removed by account_deleted · · Score: 5, Informative

    Comment removed based on user account deletion

  11. Re:Instant Karma... by pyrrhonist · · Score: 4, Informative

    Any time you want to install software
    DO:
    log out of your restricted account
    log into the admin account
    install the software
    then go back to your restricted account.

    There's no need to log out. You can use the "runas" command to run the installer with the proper credentials from your restricted account.

    --
    Show me on the doll where his noodly appendage touched you.
  12. Re:Instant Karma... by TrancePhreak · · Score: 5, Informative

    Same with the Mac, did you not pay attention to that hacking contest?

    --

    -]Phreak Out[-
  13. Re:Instant Karma... by cbiltcliffe · · Score: 3, Informative

    The solution? Log in as admin and fix it.

    Nope.

    runas /user:administrator cmd

    cacls <filename> /E /G Everyone:W

    --
    "City hall" in German is "Rathaus" Kinda explains a few things......
  14. Re:Instant Karma... by LurkerXXX · · Score: 4, Informative

    On pre-Vista Windows boxes, most people ran their default account with godlike administrator privileges. It's either that or:

    Run a restricted account
    Any time you want to install software
    DO:
            log out of your restricted account
            log into the admin account
            install the software
            then go back to your restricted account.
    REPEAT

    You forgot the other option.

    Any time you want to install software
    DO:
            right-click
            select RUN AS administrator
            install the software

    Not really much harder than typing 'sudo' before installing things.

  15. Re:Instant Karma... by jargon82 · · Score: 4, Informative

    Try this: http://blogs.msdn.com/aaron_margosis/archive/2004/07/24/193721.aspx This rather excellent script promotes the currently running user to admin but in a VERY interesting way. The user is given a command prompt that has admin rights. It's colored red to show the difference. Anything run from this command prompt has admin rights, but anything run anywhere else as the user does not. Any installs done from the command prompt will be run as the original user but with administrative privileges, thus preventing in 99% of cases the sort of problems you speak of.

  16. Re:Instant Karma... by Xabraxas · · Score: 3, Informative

    ... and no-one said Macs were trojan-proof, nor even virus-proof - just that there's a lot less attack vectors than Windows, and a lot less attackers.

    Not according to the guy who won the Pwn2own contest.

    Why Safari? Why didn't you go after IE or Safari?

    It's really simple. Safari on the Mac is easier to exploit. The things that Windows do to make it harder (for an exploit to work), Macs don't do. Hacking into Macs is so much easier. You don't have to jump through hoops and deal with all the anti-exploit mitigations you'd find in Windows.

    It's more about the operating system than the (target) program. Firefox on Mac is pretty easy too. The underlying OS doesn't have anti-exploit stuff built into it.

    --
    Time makes more converts than reason
  17. Re:Instant Karma... by Mendoksou · · Score: 5, Informative

    I loved that article. My entire family is made up of mac minions, and keep telling me this kind of thing, despite the fact that I have never had a virus, never had to reformat except when I rebuilt the whole computer, get way more performance and paid one third as much as they did.

    Here's the article, btw.

    http://blogs.zdnet.com/security/?p=2941

    --
    DISCLAIMER: I am very rarely serious. If the above comment seems asinine makes no sense, it is most likely a bad joke.