Slashdot Mirror

← Back to Stories (view on slashdot.org)

Zombie Macs Launch DoS Attack

Posted by timothy on from the but-wait-you-told-me dept.

Cludge writes "ZDNet has a story (and several related articles) about how Symantec has discovered evidence of an all-Mac based botnet that is actively involved in a DOS attack. Apparently, security on the exploited Macs (call them iBots?) was compromised when unwary users bit-torrented pirated copies of iWork 09 and Photoshop CS4 that contained malware. From the article: 'They describe this as the "first real attempt to create a Mac botnet" and note that the zombie Macs are already being used for nefarious purposes.'"

88 of 757 comments (clear)

  1. Are you sure... by tacarat · · Score: 5, Funny

    ... that somebody didn't do it the old fashion way and post that the website host said bad things about Steve Jobs?

    --
    "Common sense will be the death of us all"
    1. Re:Are you sure... by imamac · · Score: 5, Informative

      The really funny part is that you could download the full version from Apple for free as the "demo" just needs a serial number.

    2. Re:Are you sure... by tacarat · · Score: 5, Funny

      But getting it off a torrent makes you a l337 ninja haxor.

      --
      "Common sense will be the death of us all"
    3. Re:Are you sure... by kirillian · · Score: 5, Funny

      In this case, I think it makes you l337 ninja hoxor-ed.

    4. Re:Are you sure... by Dreadneck · · Score: 4, Funny

      1337 Ninja Haxor vs. Pwnzilla

      --
      Power does not corrupt - power attracts the corrupt.
  2. Sigh by Presto+Vivace · · Score: 3, Informative

    the end of innocence for Apple users.

    1. Re:Sigh by l0ungeb0y · · Score: 5, Insightful

      What the hell are you talking about?

      Malware ie: trojans have been around for ages. This has nothing to do with the overall security of the OS and everything with the security threat the user is to themselves.

    2. Re:Sigh by Anonymous Coward · · Score: 5, Funny

      People who speak in generalities and think only in generalities. Problem is, that's not how the world works.

      It does work that way, in general.

    3. Re:Sigh by Chabil+Ha' · · Score: 5, Funny

      If your intention is to create a large botnet, you are of course going to target the most popular operating system.

      Not exactly. You're going to target the lowest hanging fruit. Which (no pun intended) is steadily becoming an Apple.

      --
      We're all hypocrites. We all have hidden parts, it's the contrast between them that make us more a hypocrite than others
    4. Re:Sigh by Drakino · · Score: 5, Interesting

      Why only desktops? Unix servers have sat on the internet open to the world since well before Windows even had a TCP/IP stack built in. And there are still plenty of them out there sitting on very fat pipes just ripe for bot nets. So why is it that Windows has had far more security hardships then any Unix based OS?

      It's not just market share that plays a factor. There have been plenty of exploits for IIS, MSSQL and Windows Server even though those products don't command a 50% market share.

    5. Re:Sigh by coryking · · Score: 5, Interesting

      Culture. Windows grew up on the desktop and moved into the server. Unix grew up on the server and is trying to make inroads on the desktop. "Normal users" will force unix systems to compromise some of their security to make life easier. Windows has had to compromise by removing the "everybody is an admin--free love for all" that existed all the way up to XP. By default, Vista users aren't running as root and the only way to become root is either a UAC dialog or a privilege escalation exploit.

      That doesn't account for the server-end though. And why earlier versions of said products had so many holes I will attribute to culture.

      Of course, Linux grew out of a culture that detested any kind of authority. Thus you find gems like this in early Linux documentation:

      Why GNU su does not support the wheel group (by Richard Stallman)
      Sometimes a few of the users try to hold total power over all the rest. For example, in 1984, a few users at the MIT AI lab decided to seize power by changing the operator password on the Twenex system and keep- ing it secret from everyone else. (I was able to thwart this coup and give power back to the users by patching the kernel, but I wouldn't know how to do that in Unix.)

      However, occasionally the rulers do tell someone. Under the usual su mechanism, once someone learns the root password who sympathizes with the ordinary users, he can tell the rest. The "wheel group" feature would make this impossible, and thus cement the power of the rulers.

      I'm on the side of the masses, not that of the rulers. If you are used to supporting the bosses and sysadmins in whatever they do, you might find this idea strange at first.

    6. Re:Sigh by Comatose51 · · Score: 5, Insightful

      While what you say it's true, taken in the context of Slashdot, it's a double standard. Whenever a trojan hits Windows, people are talking about how poorly designed Windows security is and how the user usually always runs as "administrator". People bring up how on Ubuntu and OS X, you have to sudo or login to do administrative things. Apparently that only works to a certain extend. I use and love my Macbook Pro but let's have some fairness here (not specifically you but Slashdot in general).

      --
      EvilCON - Made Famous by /.
    7. Re:Sigh by Ifni · · Score: 5, Insightful

      I'm just guessing, but I think when he said "Technologically Uneducated Users" he was talking about Mac users, not developers. You might have missed the last 25 years where Macs claim to be more user friendly and cater to a less technologically inclined user-base, lending significant support to his suggestion. In short, not all Mac users fit that profile, but the ones that do are contributing to the negative image that OSX and Macs in general enjoy among a significant portion of the populace. Think "AOL", except replace the service itself with something worthwhile, and decrease the percentage of "Technologically Uninclined/Uneducated" users in the user-base from >99% down to about 80% or less.

      More importantly, however, I think that he was implying that the users that claim that Macs are completely impervious to malware and that therefore Mac users need not take any precautions against infection are making the Mac community, and by extension the Mac OS, a laughing stock of the computer technology community. In short, the OS is technologically impressive in many ways, but a vocal portion of the users frequently make claims about it that are factually impossible and socially irresponsible. Not that this is exclusive to Mac, just better advertised and frequently sanctioned by the manufacturer.

      --

      Oh, was that my outside voice?

    8. Re:Sigh by DanMelks · · Score: 4, Funny

      Well, the first Troy was established approximately 3000 BCE so one might expect that trojans have been around for 5000 years. Even then people knew not to eat bad apples.

    9. Re:Sigh by m.ducharme · · Score: 3, Insightful

      I think that "IBM clone" pretty much a meaningless term, these days, don't you? Especially since Macs have switched from PowerPC (actually made by IBM, as I'm sure you know) to Intel (whose chips no longer bear much resemblance to the IBM chips of the past). Hell, Macs don't even use BIOS's anymore. Hell, IBM doesn't even make desktop pc's anymore. Anyway, sorry, this is way too persnickety, but these mac/pc/secure/insecure flamewars get my hackles up.

      --
      Rule of Slashdot #0: You and people like you are not representative of the larger population. - A.C.
  3. A matter of time by Fwipp · · Score: 5, Interesting

    I always wondered when those pirated copies of software would be become malware vectors. Maybe the quickest way to stop software piracy is through evil copies of legitimate software.

    1. Re:A matter of time by despisethesun · · Score: 5, Informative

      Virus infected warez have been a fixture of the PC world for well over a decade now, if not longer, and it hasn't really made a dent in piracy.

      --
      This poo is cold.
  4. it just... by BloodyIron · · Score: 5, Funny

    it just... BBRRRAAAIINNNNSSS

  5. But the iZombies have .... by 140Mandak262Jamuna · · Score: 3, Funny

    But these iZombies have such cool eye-candy the Windoze and Linux could never catch up in the cool factor in a million years!

    --
    sed -e 's/Chuck Norris/Rajnikant/g' joke > fact
  6. Hey, what a surprise by Reality+Master+201 · · Score: 4, Insightful

    If a user is tricked into installing malware on a machine, the machine is infected with malware.

    It's a shame people think Macs are somehow magically protected against viruses and other nasty computer stuff, merely by virtue of the manufacturer and operating system. It's probably more of a shame that Apple has, in the past at least, marketed Macs as being (more?) immune to viruses than PCs - something which somewhat true, but only for statistical reasons.

    It's like STDs - if you're careless and go sticking your junk everywhere without taking precautions, you'll probably catch something cruel, eventually.

    1. Re:Hey, what a surprise by Anonymous Coward · · Score: 5, Insightful

      Correct me if I'm wrong, but a trojan doesn't qualify as a "security issue" on the part of the OS. If a trojan succeeds in compromising the system, it's the fault of the user, not the OS.

    2. Re:Hey, what a surprise by Zen+Programmer · · Score: 5, Funny

      It's like STDs - if you're careless and go sticking your junk everywhere without taking precautions, you'll probably catch something cruel, eventually.

      That's why I run Linux. Running Linux pretty much rules out any possibility of having sex, and hence any chance of contracting an STD.

    3. Re:Hey, what a surprise by Burdell · · Score: 4, Insightful

      Also, like all linux distros, in order to do any real damage on a mac, you need to enter an admin password

      Please stop repeating this fallacy! First, on a single-user system (e.g. the vast majority of home computers), the end user has rights to all the interesting data files (songs, pictures, documents, etc.), so anything running as the user can do significant local damage. Sure, the OS and apps may be protected, but that isn't really what the end user cares about (since that's all easily replaced). However, since the goal of most viruses/worms/trojans is to control the computer for distributed and untraceable nefarious purposes (and not have the owner notice), they don't do that anymore. They cause the computer to join botnets, connect to master control servers, and wait for instructions. Sending spam, scanning other systems for vulnerabilities, hosting fast-flux phishing sites, etc. don't require elevated privilege.

  7. Um by Card · · Score: 4, Funny

    So does this mean that Macs are finally Enterprise Ready?

  8. Re:May I be the first to laugh by jamie · · Score: 4, Interesting

    From what we know so far, apparently the botnet was created by a trojan and does not spread.

    I'm a Mac user who doesn't run applications downloaded from completely untrustworthy sources like pirate p2p networks and you're correct -- I don't need a virus or malware checker.

  9. Somebody cue up the Mac commercial... by joocemann · · Score: 3, Funny

    Mac: Hi, I'm a mac!
    PC: Im a.. *cough* PC...
    Mac: Oh, you must be sick? Well I can't get sick.
    PC: really?
    Mac: (whispers) "Nobody knows I got HIV"
    PC: Ahhhh... I just got a cold
    Mac: See! I don't even have a cold!

  10. Re:I'm on a Mac by Fwipp · · Score: 5, Funny

    Hey, I happen to like vi, you insensitive clod!

  11. Linux. by RichardJenkins · · Score: 3, Funny

    The obvious solution is to switch to Linux, because everyone knows it has no viruses and never will.

    I SAID NEVER WILL.

    1. Re:Linux. by LWATCDR · · Score: 4, Insightful

      Except this isn't a Virus. It is a Trojan.
      Any OS can be infected with a Trojan even Linux.
      I find it anoying that under Linux most software really expects to be installed as root.
      Maybe there needs to be a new level called app for applications but then you have to problem of libraries.

      --
      See my blog http://ilovecookes.blogspot.com/ for light hearted technical information.
  12. Re:FUD by Mashiki · · Score: 4, Insightful

    Sounds like someone has their panties in a twist. You might forget that strict permission levels don't imply security when the person behind the keyboard is an idiot.

    --
    Om, nomnomnom...
  13. Re:May I be the first to laugh by Anonymous Coward · · Score: 3, Informative

    Man, I run Vista and I don't have any of that (built-ins are disabled). I only have virus scanning done on a weekly basis, and somehow despite not having forty pieces of software dedicated to second-guessing me I still don't have any viruses or malware.

    Simplest thing anyone can do is train the thing between the chair and the keyboard.

  14. I've got your denial right here. by earnest+murderer · · Score: 5, Insightful

    Purposefully installing malicious software does not indicate a vulnerability. The user intentionally installed a piece of software that is doing exactly what it is designed to do.

    There isn't an operating system on the planet that can protect you (or itself) from fraudulent user activity.

    --
    Platform advocacy is like choosing a favorite severely developmentally disabled child.
    1. Re:I've got your denial right here. by SpitfireSMS · · Score: 4, Insightful

      They didnt purposefully install the malicious software
      That would be like saying IE is safe, and its the users fault for purposefully clicking the "Install ActiveX" button that happened to install malware.

      If the operating system was as safe as the crazy fanboys claim, it wouldnt have been able to install malware in the first place.

      Not that im claiming that *any* OS is safer than any other, im justing saying OSX did NOT protect the user.

    2. Re:I've got your denial right here. by shentino · · Score: 3, Informative

      Unless you consider TPM to be an operating system implemented in hardware...

      But...

      "anyone who trades X for security deserves neither, and shall lose both".

      Education is the only way to resolve this, really. But find me a user who is patient enough not to veto such an education with his wallet.

      The company that caters to the user's whims the best wins, and to hell with wisdom with a slow but steady ROI.

    3. Re:I've got your denial right here. by __aarzwb9394 · · Score: 5, Insightful

      i have a mac and i think this is embarassing denialism...... people did not purposefully install malware. No one says, "I know! I'll install some malware to make my computer a zombie." They installed a downloaded copy of an application and it had malware hidden in it. That malware was able to run on their computer without their knowledge. This is not a very different vector from most windows malware. Telchine is right; macs are not invulnerable, they are less vulnerable than windows.

    4. Re:I've got your denial right here. by xav_jones · · Score: 5, Insightful

      Mod parent up. No OS can protect you from deliberately installing malware. Getting your software from an untrusted source and then giving that software install and admin rights on your machine is not a sign of a defective OS. Just a defective user.

    5. Re:I've got your denial right here. by HTH+NE1 · · Score: 4, Funny

      To summarize: PEBKAC (Problem Exists Between Keyboard And Chair).

      Though I'm sure some would rather update that to be PEBMAC (...Mouse And Chair).

      --
      Oh, say does that Star-Spangled Banner entwine / The myrtle of Venus with Bacchus's vine?
    6. Re:I've got your denial right here. by earnest+murderer · · Score: 4, Insightful

      They totally intentionally installed the software. You can't make a machine Malware proof without also making it software proof.

      The whole notion of "Malicious Software" is a marketing creation for the sole purpose of making money off people who would rather spend money on software to watch their back than learn (bother) to help themselves.

      Anyone who tells you different is confusing the issue. OS X has plenty of problems, this isn't one of them.

      --
      Platform advocacy is like choosing a favorite severely developmentally disabled child.
    7. Re:I've got your denial right here. by filthpickle · · Score: 5, Funny

      I always heard that as PICNIC (Problem In Chair Not In Computer).

    8. Re:I've got your denial right here. by Sancho · · Score: 4, Interesting

      That post also included:

      If the operating system was as safe as the crazy fanboys claim, it wouldnt have been able to install malware in the first place.

      Which is disingenuous.

      Furthermore, the activex part is true only if the user did, in fact, allow them. IE has had many, many vulnerabilities which allowed a malicious site to install ActiveX controls without user intervention (just like Safari has had remote execution flaws which allowed it to be compromised.)

    9. Re:I've got your denial right here. by fractoid · · Score: 5, Funny

      "anyone who trades X for security deserves neither, and shall lose both".

      You're talking about the X Window System here, right?

      --
      Rampant carbon sequestration destroyed the Dinosaurs' tropical paradise. I'm here to help repair the damage.
    10. Re:I've got your denial right here. by BitZtream · · Score: 3, Insightful

      So wait, let me get this straight ... You think that if a user installs an ActiveX, and clicks through the three or four warnings and clicks it takes to get it installed, that the OS is the problem? Please tell me thats not the case, cause if it is, you are an idiot.

      The are only two choices here:
      1) Let people install software from wherever they want, just like most OSes do it.

      2) Only let users install apps approved by the OS vendor, like the iPhone.

      So in case 1, the OS is the problem because the user did something stupid even after several warnings.

      And in 2, the vender is a complete and total prick who you hate because you can't install any random shitty app that creates the situation in #1.

      You know, either way, you're still an idiot.

      What OS do you know of that the user can't install malware in? Linux? Nope, can install malware there too.

      Get a clue.

      --
      Persistent Volume manager for Kubernetes - https://github.com/dwimsey/openshift-pvmanager
  15. Re:May I be the first to laugh by Whiney+Mac+Fanboy · · Score: 3, Insightful

    I'm a user who doesn't run applications downloaded from completely untrustworthy sources like pirate p2p networks and you're correct -- I don't need a virus or malware checker.

    Fixed that for you.

    --
    There are shills on slashdot. Apparently, I'm one of them.
  16. iZombies by mc1138 · · Score: 5, Funny

    A botnet that just works.

    --
    The musings of just another geek and his junk.
    1. Re:iZombies by WiseWeasel · · Score: 5, Funny

      Attack Different.

      --
      "I like systems, their application excepted", George Sand (French)
  17. Re:May I be the first to laugh by MadUndergrad · · Score: 3, Insightful

    Sorry, how does conficker spread again?

  18. Time to Celabrate! by get_your_guns · · Score: 3, Funny

    MAC users should be rejoicing around the world! What this actually means is that hackers are noticing MACs are gaining in population and and they see profit in targeting them. What's going to fall next, Rome?

  19. Re:unlikely by chill · · Score: 4, Funny

    What do you expect? It had to find a black turtleneck, offer some snide, unasked for criticism of your iTunes playlist, and order a double-whip, half-caf, non-fat latte before deciding which port was cool enough to grace with its packets. It may not be very effective, but it looks FABULOOOOOOOOOOOOUS!

    --
    Learning HOW to think is more important than learning WHAT to think.
  20. Instant Karma... by shmlco · · Score: 5, Insightful

    No, the funny part is that the users who torrented and installed pirated copies of iWork 09 and Photoshop CS4 got exactly what they deserved. Instant karma.

    --
    Any sect, cult, or religion will legislate its creed into law if it acquires the political power to do so.
    1. Re:Instant Karma... by Anonymous Coward · · Score: 5, Insightful

      "They" got what they deserved? More like we, the internet public at large that has to suffer through botnet DoS attacks, got what we didn't deserve.

    2. Re:Instant Karma... by roman_mir · · Score: 5, Informative

      I believe you are wrong in this case though, it's not a Mac that caught a virus, it may or may not be a virus, but it was installed onto the computer by the participating user on purpose. Except the user got a bit more functionality than he 'paid' for.

      --
      You can't handle the truth.
    3. Re:Instant Karma... by wumingzi · · Score: 4, Insightful

      Anyone who says Macs are virus-proof doesn't have a clue as to what they're talking about.

      Macs ARE harder to inject viruses into because the limited privilege escalation system used by Macs (and Linux) reduces the opportunities to run processes as root.

      On pre-Vista Windows boxes, most people ran their default account with godlike administrator privileges. It's either that or:

      Run a restricted account
      Any time you want to install software
      DO:
          log out of your restricted account
          log into the admin account
          install the software
          then go back to your restricted account.
      REPEAT

      After doing this about 5 or six times, you get frustrated and switch the "Administrator" flag on your restricted account and thus leave yourself open to attack any time you download something (or navigate to a malware page if you're running IE).

      The vector for infection for this botnet was escalating privileges to install CS 3. It only happens once, and only happens briefly, but once is all you need!

    4. Re:Instant Karma... by MightyYar · · Score: 5, Insightful

      This ain't a virus. This is a program, just like any other that you download and run.

      Not to say that Macs are "virus-proof" - they aren't. But short of downloading pirated software and running it, there haven't been any attacks so your friends here on Slashdot are still giving you good advice.

      --
      W..w..W - Willy Waterloo washes Warren Wiggins who is washing Waldo Woo.
    5. Re:Instant Karma... by AHuxley · · Score: 4, Informative

      More a Trojan like device they opened (entered pw) for.
      vs something that floats around the internet for any 'innocent' networked Mac to catch.

      --
      Domestic spying is now "Benign Information Gathering"
    6. Re:Instant Karma... by Trogre · · Score: 4, Informative

      Fine so it's a Trojan.

      --
      "Nine times out of ten, starting a fire is not the best way to solve the problem." - my wife
    7. Re:Instant Karma... by Thantik · · Score: 5, Insightful

      You make a good point except for the fact that if I just hide malware in the installation file, neither of your tactics are secure. The user is the weakest link in most attacks.

    8. Re:Instant Karma... by obeythefist · · Score: 5, Insightful

      That's the same story for most Windows malware.

      --
      I am government man, come from the government. The government has sent me. -- G.I.R.
    9. Re:Instant Karma... by Anonymous Coward · · Score: 5, Insightful

      Mod this up. The strongest attack vector is the social engineering vector.

    10. Re:Instant Karma... by Thaelon · · Score: 3, Insightful

      Except they probably don't even realize it.

      And everyone else gets to suffer for it.

      --

      Question everything

    11. Re:Instant Karma... by arogier · · Score: 5, Insightful

      It would seem the user is especially disadvantaged if they operate under the believe they have a malware proof machine. Why operate and antivirus or download with some discretion if you have a malware proof win machine?

      --
      http://www.aaronrogier.net
    12. Re:Instant Karma... by 99BottlesOfBeerInMyF · · Score: 4, Insightful

      You make a good point except for the fact that if I just hide malware in the installation file, neither of your tactics are secure. The user is the weakest link in most attacks.

      The users is a weak link in many security chains, but a hard one to exploit on a large scale. OS X and Linux do better on security partly because of market share, but largely because most malware is spread by automated worms and the fewer and more hardened services running by default on OS X and Linux machines provide a much harder target.

      For trojans such as we're discussing, no OS has a good solution in place, excepting maybe SELinux or the like which is fairly limited and hard to use because it really isn't in high demand so developers don't target it.

    13. Re:Instant Karma... by trum4n · · Score: 5, Funny

      Proving that mac users are just as stupid as windows users. No computer is perfect, as long as you have us Americans in front of it! We can break anything!

    14. Re:Instant Karma... by pyrrhonist · · Score: 4, Informative

      Any time you want to install software
      DO:
      log out of your restricted account
      log into the admin account
      install the software
      then go back to your restricted account.

      There's no need to log out. You can use the "runas" command to run the installer with the proper credentials from your restricted account.

      --
      Show me on the doll where his noodly appendage touched you.
    15. Re:Instant Karma... by jcr · · Score: 4, Insightful

      But I thought Macs were supposed to be virus-proof?

      It's not a virus, it's a trojan, and no computer is stupid-user-proof.

      -jcr

      --
      The only title of honor that a tyrant can grant is "Enemy of the State."
    16. Re:Instant Karma... by TrancePhreak · · Score: 5, Informative

      Same with the Mac, did you not pay attention to that hacking contest?

      --

      -]Phreak Out[-
    17. Re:Instant Karma... by bipbop · · Score: 4, Insightful

      Macs ARE harder to inject viruses into because the limited privilege escalation system used by Macs (and Linux) reduces the opportunities to run processes as root.

      You have a point, but most malware doesn't need to run as root to do its job, so really getting access at all is "game over". Protecting root doesn't mean much when root isn't the target . . .

    18. Re:Instant Karma... by cbiltcliffe · · Score: 3, Informative

      The solution? Log in as admin and fix it.

      Nope.

      runas /user:administrator cmd

      cacls <filename> /E /G Everyone:W

      --
      "City hall" in German is "Rathaus" Kinda explains a few things......
    19. Re:Instant Karma... by LurkerXXX · · Score: 4, Informative

      On pre-Vista Windows boxes, most people ran their default account with godlike administrator privileges. It's either that or:

      Run a restricted account
      Any time you want to install software
      DO:
              log out of your restricted account
              log into the admin account
              install the software
              then go back to your restricted account.
      REPEAT

      You forgot the other option.

      Any time you want to install software
      DO:
              right-click
              select RUN AS administrator
              install the software

      Not really much harder than typing 'sudo' before installing things.

    20. Re:Instant Karma... by atraintocry · · Score: 3, Insightful

      Certainly for a lot of it, but I wouldn't say most. Just from my own experience cleaning up people's PCs, a lot of it is IE-targeting drive-by malware. Obviously the number of Mac trojans like this one in the wild is much smaller than the number of similar Windows ones. That's a practical difference, not any kind of baked-in protection. You can call it security by obscurity if you want. But that situation isn't going to change for a long time, if ever.

      As to whether MacOS is *theoretically* safer than Vista with UAC turned on and Firefox as default browser, I don't know. Probably not. I do enjoy not having to put up with two or three dialogs and a screen dimming every time I delete a shortcut from the start menu. If you can handle running an XP box and keeping it clean, there's your Windows solution. For people who can't be trusted to do so, as well as people who can't stand constantly being interrupted when doing mundane things like enabling Wi-Fi, there's OS X.

    21. Re:Instant Karma... by TheLink · · Score: 3, Funny

      Oh yeah? All they have to do is sneeze on it...

      And voila, a virus laden PC ready to infect the unsuspecting.

      --
    22. Re:Instant Karma... by dakameleon · · Score: 3, Insightful

      ... and no-one said Macs were trojan-proof, nor even virus-proof - just that there's a lot less attack vectors than Windows, and a lot less attackers.

      Any system is going to be vulnerable to maliciously crafted & targeted code that is willingly (if unwittingly) run by the user.

      --
      Man who leaps off cliff jumps to conclusion.
    23. Re:Instant Karma... by jargon82 · · Score: 4, Informative

      Try this: http://blogs.msdn.com/aaron_margosis/archive/2004/07/24/193721.aspx This rather excellent script promotes the currently running user to admin but in a VERY interesting way. The user is given a command prompt that has admin rights. It's colored red to show the difference. Anything run from this command prompt has admin rights, but anything run anywhere else as the user does not. Any installs done from the command prompt will be run as the original user but with administrative privileges, thus preventing in 99% of cases the sort of problems you speak of.

    24. Re:Instant Karma... by borizz · · Score: 3, Funny

      I don't know how many times my university's email system has been slayed because some dumb secretary put everyone in the TO field. Last time it happened, she just had a baby and a national radio station had a cutest-baby contest. She registered and emailed everyone at the university to vote for her. A lot of people pressed reply-all, bickering about the bullshit. People got pissed that they got a lot of very huge (about 2 megs of addresses alone) emails, and in turn pressed reply-all to tell people to stop pushing reply-all. Other people then went on to suggest that those people are hypocrites and thought it'd be best to use reply-all. The university ended up pulling the plug on the email system for a few hours...

    25. Re:Instant Karma... by Xabraxas · · Score: 3, Informative

      ... and no-one said Macs were trojan-proof, nor even virus-proof - just that there's a lot less attack vectors than Windows, and a lot less attackers.

      Not according to the guy who won the Pwn2own contest.

      Why Safari? Why didn't you go after IE or Safari?

      It's really simple. Safari on the Mac is easier to exploit. The things that Windows do to make it harder (for an exploit to work), Macs don't do. Hacking into Macs is so much easier. You don't have to jump through hoops and deal with all the anti-exploit mitigations you'd find in Windows.

      It's more about the operating system than the (target) program. Firefox on Mac is pretty easy too. The underlying OS doesn't have anti-exploit stuff built into it.

      --
      Time makes more converts than reason
    26. Re:Instant Karma... by Mendoksou · · Score: 5, Informative

      I loved that article. My entire family is made up fo mac minions, and keep tellign me this kind of thing, despite the fact that I have never had a virus, never had to reformat except when I rebuilt the whole computer, get way more performance and paid one third as much as they did.

      Here's the article, btw.

      http://blogs.zdnet.com/security/?p=2941

      --
      DISCLAIMER: I am very rarely serious. If the above comment seems asinine makes no sense, it is most likely a bad joke.
    27. Re:Instant Karma... by steve_bryan · · Score: 3, Insightful

      Do you know what OS the creator of that attack uses himself? He runs OSX on a MacBook Pro. It puts a rather interesting spin on the conclusion you want to draw.

  21. Quality of posts by Anonymous Coward · · Score: 5, Insightful

    It's a shame that the level of intelligence and knowledge of the posters to Slashdot seems to still be in decline.

    I would think that anyone who wants to use this "revelation" as some kind of troll against OSX would at least be able to differentiate between a virus and a trojan.

    There's a decent chance there will be some kind of unpatched OSX vuln that will be exploited ala what you see on a Windows machine, but until then you should just stew in silence and wait for your opportunity to post your "See OSX is no better than Windows" messages and then you wont look like such ignorant fools.

    If you can install software on a computer, you can install software that is malware as well. I doubt anyone can fault Apple for allowing end users to install software that they choose to install.

  22. ...uneducated Mac fanboyism... by Savage-Rabbit · · Score: 5, Insightful

    I suspect that this botnet has been created by a geek that is sick to death of uneducated Mac fanboyism, and in a small way, I have respect for that.

    No, it wasn't. This botnet was created by a computer criminal who saw an opportunity to capitalize on people who install pirated software either because they are to clueless to know the risks or because they have deluded them selves into thinking it is riskless act. The lesson we can all learn from this is the following:

    "If you download pirated software off the internet and install it on your computer you run the risk of installing along with it carefully crafted malware that your security software or whatever other precautions you are taking may not be able to protect you against."

    Note that this basic lesson is true on all incarnations of Mac OS X, Windows, Linux or any other network enabled operating system you can download pirated software for.

    Now please crawl back under your rock and learn to write better trolls...

    --
    Only to idiots, are orders laws.
    -- Henning von Tresckow
  23. It should be noted by Orion+Blastar · · Score: 5, Informative

    that a lot of "pirated" Bit Torrent software contains malware. Not just the Windows versions, but the Mac and Linux and BSD Unix versions as well.

    When you download pirated software you take a risk that it contains a trojan.

    I've even seen PDF files that had HTML exploits in it that got detected by antivirus. Read the comments on most Bit Torrent web sites the users will complain that it contains a virus. You don't have to download it to test it, the people who already downloaded it will give feedback that it contains a trojan or malware.

    When you download pirated software you are taking a big chance, it isn't worth it when a majority of things are infected. That is why I look towards Free and Open Source Software as alternatives to commercial products.

    --
    Remember, Slashdot does not have a -1 disagree moderation, and no, troll, flamebait, and overrated are not substitutes.
    1. Re:It should be noted by Erikderzweite · · Score: 3, Insightful

      That is very true, Free and Open Source from signed repositories is the safest way of getting software.
      Besides, you must behave different if you are going to install some weird binary from the Internet (which is not the case with Windows or Mac). That will scare off the newbies and more advanced users will know of dangers anyway. So the impact from similar malware in Linux will be limited, not to mention various distributions, DE's and suchlike.

  24. iBot, same malware at an outrageous price by Anonymous Coward · · Score: 4, Funny

    iBot, same malware at an outrageous price

  25. Here is the download for the fix by fishthegeek · · Score: 5, Funny

    Antivirus Protection

    --
    load "$",8,1
  26. Botnet is a botnet by Randall311 · · Score: 4, Insightful

    Guys guys guys... you're missing the point. It doesn't matter if the attack was social or security based. The fact is it is a Mac based botnet. That's it. No double standard here, just reporting that a Macintosh based botnet is up to no good. The bottom line is that security is up to the user. I could go %sudo ALL=NOPASSWD: ALL in my /etc/sudoers and security goes right out the window. It's all in control of the user. People are (as a collective) just not that smart. There can never be a secure system as long as there are users of the system.

  27. Comment removed by account_deleted · · Score: 5, Informative

    Comment removed based on user account deletion

  28. re: Macs and claims of "no viruses" by King_TJ · · Score: 5, Interesting

    As a long-time Mac (and PC) user myself, I've been known to give someone a "simplified version" of the truth, telling them "you won't have any virus or spyware problems on a Mac".

    It's not that I'm some clueless user who doesn't know better. It's that I have a pretty good idea of what the individual does with and expects from their computer. Judging by that, and knowing they're not a very "technical" user to begin with, I know that practically speaking, they really aren't going to need to worry about infections on their Mac.

    (So far, just about all of the trojan horses and viruses people mentioned for OS X involved downloading files of unknown origins, or running something you received in an unsolicited email. When you have a user who is already scared to open any email at all from people he/she doesn't know, they're hopefully in good shape there. They're certainly not savvy enough to fire up bittorrent and start seeking out pirated software, either.)

  29. Social Engineering by MacColossus · · Score: 3, Insightful

    There is no patch for human stupidity. Just goes to show that if you do illegal file sharing you need good antivirus regardless of platform.

  30. LOL zombie macs by Hojima · · Score: 5, Funny

    Zombie Mac: Braaaaiiiinnnssss
    Mac fanboy: Joke's on you, I have none

    (I'm going to mod point hell for this one)

    --
    Help fight spam
  31. An Ounce of Prevention by Lord+Flipper · · Score: 3, Interesting

    Why guys insist on downloading questionable things without some preventive measures in place, first, is beyond the scope of my tired head. But dumping Apple's default 5-minute "grace period" on sudo (or admin passwords, in other words) will kill third-party attempts to piggyback on any password that is being used by the legit user for privilege escalation.

    In a console (Terminal):

    sudo visudo

    [hit return, enter password]

    scroll to: #Defaults specification, hit the letter 'o' to get a new line, and type:

    Defaults:ALL timestamp_timeout=0

    then hit [Escape] to end the editing session, then ':w' plus [Enter] to write the file to disk, and finally ':q' plus [Enter] to quit visudo.

    Done. I get tired of vi, of course, and will usually use BBEdit to open /private/etc/sudoers and enter the admin password once to 'unlock' sudoers, then scroll down and add the new default line, and save the file. Done, quicker.

    A nefarious app or script can poll the system asking if there's escalation until kingdom come and it will never get an affirmative. End of story; end of file