Slashdot Mirror


Zombie Macs Launch DoS Attack

Cludge writes "ZDNet has a story (and several related articles) about how Symantec has discovered evidence of an all-Mac based botnet that is actively involved in a DOS attack. Apparently, security on the exploited Macs (call them iBots?) was compromised when unwary users bit-torrented pirated copies of iWork 09 and Photoshop CS4 that contained malware. From the article: 'They describe this as the "first real attempt to create a Mac botnet" and note that the zombie Macs are already being used for nefarious purposes.'"

16 of 757 comments (clear)

  1. Re:Sigh by l0ungeb0y · · Score: 5, Insightful

    What the hell are you talking about?

    Malware ie: trojans have been around for ages. This has nothing to do with the overall security of the OS and everything with the security threat the user is to themselves.

  2. I've got your denial right here. by earnest+murderer · · Score: 5, Insightful

    Purposefully installing malicious software does not indicate a vulnerability. The user intentionally installed a piece of software that is doing exactly what it is designed to do.

    There isn't an operating system on the planet that can protect you (or itself) from fraudulent user activity.

    --
    Platform advocacy is like choosing a favorite severely developmentally disabled child.
    1. Re:I've got your denial right here. by __aarzwb9394 · · Score: 5, Insightful

      i have a mac and i think this is embarassing denialism...... people did not purposefully install malware. No one says, "I know! I'll install some malware to make my computer a zombie." They installed a downloaded copy of an application and it had malware hidden in it. That malware was able to run on their computer without their knowledge. This is not a very different vector from most windows malware. Telchine is right; macs are not invulnerable, they are less vulnerable than windows.

    2. Re:I've got your denial right here. by xav_jones · · Score: 5, Insightful

      Mod parent up. No OS can protect you from deliberately installing malware. Getting your software from an untrusted source and then giving that software install and admin rights on your machine is not a sign of a defective OS. Just a defective user.

  3. Instant Karma... by shmlco · · Score: 5, Insightful

    No, the funny part is that the users who torrented and installed pirated copies of iWork 09 and Photoshop CS4 got exactly what they deserved. Instant karma.

    --
    Any sect, cult, or religion will legislate its creed into law if it acquires the political power to do so.
    1. Re:Instant Karma... by Anonymous Coward · · Score: 5, Insightful

      "They" got what they deserved? More like we, the internet public at large that has to suffer through botnet DoS attacks, got what we didn't deserve.

    2. Re:Instant Karma... by MightyYar · · Score: 5, Insightful

      This ain't a virus. This is a program, just like any other that you download and run.

      Not to say that Macs are "virus-proof" - they aren't. But short of downloading pirated software and running it, there haven't been any attacks so your friends here on Slashdot are still giving you good advice.

      --
      W..w..W - Willy Waterloo washes Warren Wiggins who is washing Waldo Woo.
    3. Re:Instant Karma... by Thantik · · Score: 5, Insightful

      You make a good point except for the fact that if I just hide malware in the installation file, neither of your tactics are secure. The user is the weakest link in most attacks.

    4. Re:Instant Karma... by obeythefist · · Score: 5, Insightful

      That's the same story for most Windows malware.

      --
      I am government man, come from the government. The government has sent me. -- G.I.R.
    5. Re:Instant Karma... by Anonymous Coward · · Score: 5, Insightful

      Mod this up. The strongest attack vector is the social engineering vector.

    6. Re:Instant Karma... by arogier · · Score: 5, Insightful

      It would seem the user is especially disadvantaged if they operate under the believe they have a malware proof machine. Why operate and antivirus or download with some discretion if you have a malware proof win machine?

  4. Quality of posts by Anonymous Coward · · Score: 5, Insightful

    It's a shame that the level of intelligence and knowledge of the posters to Slashdot seems to still be in decline.

    I would think that anyone who wants to use this "revelation" as some kind of troll against OSX would at least be able to differentiate between a virus and a trojan.

    There's a decent chance there will be some kind of unpatched OSX vuln that will be exploited ala what you see on a Windows machine, but until then you should just stew in silence and wait for your opportunity to post your "See OSX is no better than Windows" messages and then you wont look like such ignorant fools.

    If you can install software on a computer, you can install software that is malware as well. I doubt anyone can fault Apple for allowing end users to install software that they choose to install.

  5. Re:Hey, what a surprise by Anonymous Coward · · Score: 5, Insightful

    Correct me if I'm wrong, but a trojan doesn't qualify as a "security issue" on the part of the OS. If a trojan succeeds in compromising the system, it's the fault of the user, not the OS.

  6. ...uneducated Mac fanboyism... by Savage-Rabbit · · Score: 5, Insightful

    I suspect that this botnet has been created by a geek that is sick to death of uneducated Mac fanboyism, and in a small way, I have respect for that.

    No, it wasn't. This botnet was created by a computer criminal who saw an opportunity to capitalize on people who install pirated software either because they are to clueless to know the risks or because they have deluded them selves into thinking it is riskless act. The lesson we can all learn from this is the following:

    "If you download pirated software off the internet and install it on your computer you run the risk of installing along with it carefully crafted malware that your security software or whatever other precautions you are taking may not be able to protect you against."

    Note that this basic lesson is true on all incarnations of Mac OS X, Windows, Linux or any other network enabled operating system you can download pirated software for.

    Now please crawl back under your rock and learn to write better trolls...

    --
    Only to idiots, are orders laws.
    -- Henning von Tresckow
  7. Re:Sigh by Comatose51 · · Score: 5, Insightful

    While what you say it's true, taken in the context of Slashdot, it's a double standard. Whenever a trojan hits Windows, people are talking about how poorly designed Windows security is and how the user usually always runs as "administrator". People bring up how on Ubuntu and OS X, you have to sudo or login to do administrative things. Apparently that only works to a certain extend. I use and love my Macbook Pro but let's have some fairness here (not specifically you but Slashdot in general).

    --
    EvilCON - Made Famous by /.
  8. Re:Sigh by Ifni · · Score: 5, Insightful

    I'm just guessing, but I think when he said "Technologically Uneducated Users" he was talking about Mac users, not developers. You might have missed the last 25 years where Macs claim to be more user friendly and cater to a less technologically inclined user-base, lending significant support to his suggestion. In short, not all Mac users fit that profile, but the ones that do are contributing to the negative image that OSX and Macs in general enjoy among a significant portion of the populace. Think "AOL", except replace the service itself with something worthwhile, and decrease the percentage of "Technologically Uninclined/Uneducated" users in the user-base from >99% down to about 80% or less.

    More importantly, however, I think that he was implying that the users that claim that Macs are completely impervious to malware and that therefore Mac users need not take any precautions against infection are making the Mac community, and by extension the Mac OS, a laughing stock of the computer technology community. In short, the OS is technologically impressive in many ways, but a vocal portion of the users frequently make claims about it that are factually impossible and socially irresponsible. Not that this is exclusive to Mac, just better advertised and frequently sanctioned by the manufacturer.

    --

    Oh, was that my outside voice?