Zombie Macs Launch DoS Attack
Cludge writes "ZDNet has a story (and several related articles) about how Symantec has discovered evidence of an all-Mac based botnet that is actively involved in a DOS attack. Apparently, security on the exploited Macs (call them iBots?) was compromised when unwary users bit-torrented pirated copies of iWork 09 and Photoshop CS4 that contained malware. From the article: 'They describe this as the "first real attempt to create a Mac botnet" and note that the zombie Macs are already being used for nefarious purposes.'"
I always wondered when those pirated copies of software would become malware vectors. Maybe the quickest way to stop software piracy is through evil copies of legitimate software.
From what we know so far, apparently the botnet was created by a trojan and does not spread.
I'm a Mac user who doesn't run applications downloaded from completely untrustworthy sources like pirate p2p networks and you're correct -- I don't need a virus or malware checker.
Why only desktops? Unix servers have sat on the internet open to the world since well before Windows even had a TCP/IP stack built in. And there are still plenty of them out there sitting on very fat pipes just ripe for botnets. So why is it that Windows has had far more security hardships than any Unix-based OS?
It's not just market share that plays a factor. There have been plenty of exploits for IIS, MSSQL and Windows Server even though those products don't command a 50% market share.
Culture. Windows grew up on the desktop and moved into the server. Unix grew up on the server and is trying to make inroads on the desktop. "Normal users" will force Unix systems to compromise some of their security to make life easier. Windows has had to compromise by removing the "everybody is an admin--free love for all" that existed all the way up to XP. By default, Vista users aren't running as root and the only way to become root is either a UAC dialog or a privilege escalation exploit.
That doesn't account for the server-end though. And why earlier versions of said products had so many holes I will attribute to culture.
Of course, Linux grew out of a culture that detested any kind of authority. Thus you find gems like this in early Linux documentation:
That post also included:
If the operating system was as safe as the crazy fanboys claim, it wouldn't have been able to install malware in the first place.
Which is disingenuous.
Furthermore, the ActiveX part is true only if the user did, in fact, allow them. IE has had many, many vulnerabilities which allowed a malicious site to install ActiveX controls without user intervention (just like Safari has had remote execution flaws which allowed it to be compromised).
As a long-time Mac (and PC) user myself, I've been known to give someone a "simplified version" of the truth, telling them "you won't have any virus or spyware problems on a Mac".
It's not that I'm some clueless user who doesn't know better. It's that I have a pretty good idea of what the individual does with and expects from their computer. Judging by that, and knowing they're not a very "technical" user to begin with, I know that practically speaking, they really aren't going to need to worry about infections on their Mac.
(So far, just about all of the trojan horses and viruses people mentioned for OS X involved downloading files of unknown origins, or running something you received in an unsolicited email. When you have a user who is already scared to open any email at all from people he/she doesn't know, they're hopefully in good shape there. They're certainly not savvy enough to fire up bittorrent and start seeking out pirated software, either.)