Slashdot Mirror

← Back to Stories (view on slashdot.org)

Zombie Macs Launch DoS Attack

Posted by timothy on from the but-wait-you-told-me dept.

Cludge writes "ZDNet has a story (and several related articles) about how Symantec has discovered evidence of an all-Mac based botnet that is actively involved in a DOS attack. Apparently, security on the exploited Macs (call them iBots?) was compromised when unwary users bit-torrented pirated copies of iWork 09 and Photoshop CS4 that contained malware. From the article: 'They describe this as the "first real attempt to create a Mac botnet" and note that the zombie Macs are already being used for nefarious purposes.'"

12 of 757 comments (clear)

  1. Re:A matter of time by despisethesun · · Score: 5, Informative

    Virus infected warez have been a fixture of the PC world for well over a decade now, if not longer, and it hasn't really made a dent in piracy.

    --
    This poo is cold.
  2. Re:Are you sure... by imamac · · Score: 5, Informative

    The really funny part is that you could download the full version from Apple for free as the "demo" just needs a serial number.

  3. It should be noted by Orion+Blastar · · Score: 5, Informative

    that a lot of "pirated" Bit Torrent software contains malware. Not just the Windows versions, but the Mac and Linux and BSD Unix versions as well.

    When you download pirated software you take a risk that it contains a trojan.

    I've even seen PDF files that had HTML exploits in it that got detected by antivirus. Read the comments on most Bit Torrent web sites the users will complain that it contains a virus. You don't have to download it to test it, the people who already downloaded it will give feedback that it contains a trojan or malware.

    When you download pirated software you are taking a big chance, it isn't worth it when a majority of things are infected. That is why I look towards Free and Open Source Software as alternatives to commercial products.

    --
    Remember, Slashdot does not have a -1 disagree moderation, and no, troll, flamebait, and overrated are not substitutes.
  4. Re:Instant Karma... by roman_mir · · Score: 5, Informative

    I believe you are wrong in this case though, it's not a Mac that caught a virus, it may or may not be a virus, but it was installed onto the computer by the participating user on purpose. Except the user got a bit more functionality than he 'paid' for.

    --
    You can't handle the truth.
  5. Re:Instant Karma... by AHuxley · · Score: 4, Informative

    More a Trojan like device they opened (entered pw) for.
    vs something that floats around the internet for any 'innocent' networked Mac to catch.

    --
    Domestic spying is now "Benign Information Gathering"
  6. Re:Instant Karma... by Trogre · · Score: 4, Informative

    Fine so it's a Trojan.

    --
    "Nine times out of ten, starting a fire is not the best way to solve the problem." - my wife
  7. Comment removed by account_deleted · · Score: 5, Informative

    Comment removed based on user account deletion

  8. Re:Instant Karma... by pyrrhonist · · Score: 4, Informative

    Any time you want to install software
    DO:
    log out of your restricted account
    log into the admin account
    install the software
    then go back to your restricted account.

    There's no need to log out. You can use the "runas" command to run the installer with the proper credentials from your restricted account.

    --
    Show me on the doll where his noodly appendage touched you.
  9. Re:Instant Karma... by TrancePhreak · · Score: 5, Informative

    Same with the Mac, did you not pay attention to that hacking contest?

    --

    -]Phreak Out[-
  10. Re:Instant Karma... by LurkerXXX · · Score: 4, Informative

    On pre-Vista Windows boxes, most people ran their default account with godlike administrator privileges. It's either that or:

    Run a restricted account
    Any time you want to install software
    DO:
            log out of your restricted account
            log into the admin account
            install the software
            then go back to your restricted account.
    REPEAT

    You forgot the other option.

    Any time you want to install software
    DO:
            right-click
            select RUN AS administrator
            install the software

    Not really much harder than typing 'sudo' before installing things.

  11. Re:Instant Karma... by jargon82 · · Score: 4, Informative

    Try this: http://blogs.msdn.com/aaron_margosis/archive/2004/07/24/193721.aspx This rather excellent script promotes the currently running user to admin but in a VERY interesting way. The user is given a command prompt that has admin rights. It's colored red to show the difference. Anything run from this command prompt has admin rights, but anything run anywhere else as the user does not. Any installs done from the command prompt will be run as the original user but with administrative privileges, thus preventing in 99% of cases the sort of problems you speak of.

  12. Re:Instant Karma... by Mendoksou · · Score: 5, Informative

    I loved that article. My entire family is made up fo mac minions, and keep tellign me this kind of thing, despite the fact that I have never had a virus, never had to reformat except when I rebuilt the whole computer, get way more performance and paid one third as much as they did.

    Here's the article, btw.

    http://blogs.zdnet.com/security/?p=2941

    --
    DISCLAIMER: I am very rarely serious. If the above comment seems asinine makes no sense, it is most likely a bad joke.