Slashdot Mirror
New Version of Flashback Trojan Targets Mac Users
wiredmikey writes with this extract from Security Week: "On Friday, researchers from security firm Intego reported that a new variant of Flashback is targeting passwords and as a byproduct of infection, Flashback is crashing several notable applications. Flashback was first discovered by Intego in September of 2011. It targets Java vulnerabilities on OS X, two of them to be exact, in order to infect the system. Should Flashback find that Java is fully updated, it will attempt to social engineer the malware's installation, by presenting an applet with a self-signed certificate. The certificate claims to be signed by Apple, but is clearly marked as invalid. However, users are known to skip such warnings, thus allowing the malware to be installed. ... The newest variant will render programs such as Safari and Skype unstable, causing them to crash. Interestingly enough, normally these are stable programs, so if they start suddenly crashing might be a sign of larger issues."
I know you're trolling, but no he didn't.
He did say they were much less likely, but it has never been the case that Macs were immune. There has been a history of malware on the Mac since the pre-OS X days.
Far fewer viruses in the OS X era though (relative to earlier Mac OSes), but several trojans - usually in pirate software (like the infamous "pretends to be MS Office installer but really destroys your home folder" one).
Vigilance is necessary on all platforms, especially against trojans, since they tend to exploit the common weak link in computer security - the user of the system.
Java was an optional extra on 10.6 and is a separate download on 10.7.
"We know what happens to people who stay in the middle of the road. They get run over." - Aneurin Bevan
Since it's causing instabilities, it's a poorly written piece of malware.
:)
The standard generic symptom of being infected by malware is there are no apparent symptoms. It's just that when people start having problems is when they start looking, but you can bet they were infected LONG before they had those unrelated problems. Obviously that doesn't apply to this one, since it's new and it does cause problems. And yes, you can find others that have recognizable symptoms, but most don't.
Wonder how long until Mac users start claiming the don't have malware again. (Will it be Months, Weeks, Days, or Hours...)
No offense meant to Mac users, but find a way to escape the reality distortion field if you are still in it.
If you remember the "I'm a PC" and "I'm a Mac" commercials, the gist of several of the ads was that Macs COULDN'T be compromised like PCs.
While geeks always new better, I think the point the OP was trying to make is that the majority of Mac users, those who "just want it to work", were sold on the idea that they weren't succeptibal to viruses and malware.
From now on, all Macs will have a firewall and any download will only happen after being approved by Apple. Like the AppStore makes your computer safe from third-party apps, this will make your computer safe from Web.
I'm much more funny, interesting and insightful than the moderators think
Vigilance is very important on all platforms. The worst infection I ever had was on a Solaris 9 box. Some piece of garbage zombie bot took advantage of a weakness in CDE. Who the hell targets CDE?!
The first words of this post were "New Version of Flashback..." It all went downhill from there. But at least Delphine Software isn't going to bastardize a classic by turning it into yet another FPS.
Which versions of Java are vulnerable? Basic details are nice to have...
Susceptible.
You're obviously on a computing device connected to the Internet so why not take a few seconds to look up a word if you don't know how it's spelled?
The "Im a PC ads" certainly made that statement. Youre not going to look at this ad... ...and tell me that the implication isnt supposed to be that "Macs are immune to viruses".
http://www.youtube.com/watch?v=GQb_Q8WRL_g
I also find it telling that folks who are not very technical and not qualified to comment on the security of an OS somehow have this idea that Macs cant get viruses. Now where do you suppose that assumption comes from?
Regardless, this is neither a virus nor a worm. It's a trojan. You're supposed to know the difference.
I am so tired of these April Fool's jokes when it isn't even April yet.
Everyone knows Macs don't get trojans or viruses and that this story originated from The Onion!
That commercial did not, in fact, make the statement that "Macs are immune to viruses."
It did say that there were "114,000 known viruses for PCs" to which the Mac replies "PCs. Not Macs."
It's worded in such a way that your casual listener will likely believe "Oh, Macs don't get PCs", but it's ALSO worded so that Apple could easily argue that they merely meant that there are simply *not* 114,000 viruses for Macs. Maybe there's 100,000. Maybe 150,000. Maybe 0. But they didn't say outright, "Macs don't get viruses."
It's their fault that everyone heard it that way and that everyone assumes that, but really. They never said Macs don't get viruses.
And yes, I agree. Fuck Apple and their wordplay.
Security has always been and will always be a question of reducing the frequency and impact of escapes--anyone who thinks otherwise is "not very technical and not qualified to comment."
Macs are safer than Windows PCs. IOS is safer than Android.
is that Skype is known to be stable. That is certainly news to me.
For this...
http://apple.slashdot.org/story/12/02/25/2327214/quicktime-creator-brings-flash-and-office-to-the-ipad-by-subscription
"If any question why we died, Tell them because our fathers lied."
If you have to deliberately install it, it's neither a virus nor a worm. It's an app.
Help stamp out iliturcy.
You missed his usage of the word "new"...
We show geeks how to get their dream girl at EyesOfOdessa.com
I don't think they ever said "couldn't" or "can't", but instead said, "don't."
It is a "new variant of Flashback"
A new variant??
something made with parts that have been used previously?
maybe even on a PC?
code parts that could run on any grey unspectacular computer?
a modified version of something coded for the masses?
Please tell me, they at least improved it so it would use functions only genuine apple hardware could provide.
... there's an app for that.
The fact that this is even considered a story makes the point that Macs are still less afflicted by this stuff than Win boxes. Can you imagine if Slashdot were to post a story for every new Windows malware variant that appears?
On Windows there is a user called System and most programs need to be installed/run as the system user which gives a virus Trojan unlimited access to the full system.
Thats just plain not accurate on several levels.
For starters, I have never in my life seen an installer that needed to run as System. Administrator, yes, but thats not the same thing. For another, you need to install system programs on Mac as root, which IS the same thing as "the system user", as it has the highest rights on the system.
Third, most programs do NOT need to be installed as an admin-- you can install them to the local user's folder. I assume you could pull this off in a Mac, but Im not sure.
If you have a knowledgeable user on a Mac he can run the system securely with out a need for a virus scanner. Unfortunately on Windows you do not have this option.
Baloney. If youre downloading random executables from the net, I suppose you might want that scanner; but if your browser plugins are out of date it wont matter terribly much what OS you use or whether you have a scanner, as each year's Pwn2Own proves (with Mac getting hacked first each time).
Who says Mac users claim they don't get malware?
They said that because it was true for a while, there was no malware to get.
Now, correctly, we will say "be careful you don't get the malware".
The malware that requires people to download Java by the way, which does not ship with macs now...
"There is more worth loving than we have strength to love." - Brian Jay Stanley
That commercial did not, in fact, make the statement that "Macs are immune to viruses."
It did say that there were "114,000 known viruses for PCs" to which the Mac replies "PCs. Not Macs."
What about this one?
It says, "I run Mac OS X, so I don't have to worry about your spyware and viruses."
I suppose the argument could be made that the commercial meant that the person running OS X didn't have to worry about anyone's spyware and viruses but his own (due to the word "your"), but only someone who was already on guard against Apple's duplicitous salesmanship would interpret the commercial in that way.
**** BEGIN PEDANTRY DETERRENCE ****
**** REASONABLE READERS MAY DISREGARD ****
Also, because the Mac representative has spent the previous entirety of the commercial scoffing at the PC representative's paranoia, there is a much more obvious and likely meaning of "your spyware and viruses", as in, "Take your average virus, for example. It doesn't worry me." This usage of "your" does not convey possession (by the PC representative), and thus does not distinguish between viruses and spyware by platform.
**** END PEDANTRY DETERRENCE ****
The commercial clearly suggests that Mac OS X boasts some special resistance or protection (immunity, perhaps?) against spyware and viruses that saves its users the trouble of worrying about same.
From the Intego article about the new variant: "This malware is particularly insidious, as users don’t download anything or double-click any file to launch an installer." Yet Intego repeatedly refers to as a Trojan horse. All of the other articles I can find only reference the Intego report, and don't call it a virus either, including those who would know better, such as Ars Technica and the ISC Diary.
But if it requires no interaction from the user, then why is it not the first true Mac OS X virus?
First thing to stop using when you get an OSX machine, in my book.
When I first got MBP, fall 2010, I had few hard freezes. They stopped as soon as I stopped using Safari.
It may be a coincidence, but my MBP is definitely more stable without. A lot more stable!
As for users ignoring warnings... It looks like good case for Apple to close OSX as they closed iOS - force us to use single app store. Good thing gnome-shell is really nice env, so current OSX users have upgrade, errr, escape path available.
http://opencm3.net, http://www.nongnu.org/gm2/
No, this has been true for every version of Windows NT.
Who the hell targets CDE?!
Blind people?
Spyware is software, the SPIES on you. A virus is a self-propagating program. A trojan is a piece of malware disquised as something else. Ergo, spyware trojan is not the same as a spyware virus. Semantics, yes, but it's better than calling everything a virus.
Greylisting is to SMTP as NAT is to IPv4
But the Trojans were actually from Troy, which is in Turkey, not France, though apparently they didn't mind it Greek style occasionally.
Way off topic, but the Greeks actually refer to that as 'Turkish style'...
I am TheRaven on Soylent News
" you remember the "I'm a PC" and "I'm a Mac" commercials, the gist of several of the ads was that Macs COULDN'T be compromised like PCs."
And at that time it was 100% correct.
Pc's would get a virus just by letting it sit on the internet without a firewall. MAC's would not do this as they actually had a firewall in the BSD underpinnings.
I know that MS fanbois hate that this was a fact and most try like hell to ignore it, but it's also the reason why Linux is far more secure than Windows. Ms is getting better 10 years later, but they still have a long way to go.
Do not look at laser with remaining good eye.
Even if the platform doesn't have any security holes, never underestimate the USER
Download free Natali Portman naked .img would do that on OS X
I've got better things to do tonight than die.
It never made that statement because it would have been false. It did have PC talk about 14,000+ Windows viruses which are harmless to Mac so, at best, it implied, Mac is immune to Window's viruses but that's about it.
And the fact is Macs aren't as insecure. Is that because they're unix based or because they're not as popular? It doesn't really, matter, they are generally more secure and generally require user stupidity which no system is invulnerable against and that is why they would never say the Mac is immune to virus threats.
You need to hold your mac by the corners.
Be seeing you...
Not only that, but this isn't a virus. It's a trojan, and there is no secure system free of trojans unless no human ever interacts with it. As far as I know, as of right now, there are no viruses in the wild for a Mac, as opposed to the 100K plus that are there for a PC. In that respect, the chances that a user will be duped into installing a bit of code with this specific trojan are pretty limited.
Why is it that when we hear about the 1 or 2 trojans for Mac that come out each year, the anti-apple folks come out of the woodwork claiming they are all 'viruses' and that Mac users think they are immune, etc. Of course slashdot extremists will pander to this and mark such posts insightful. The very fact that we're talking about a trojan on a Mac and that it is 'news' speaks volumes. The vector of infection for a trojan has nothing to do with the OS, and unless you need to turn in your geek card, everyone here damn well knows that.
Is a Mac immune? Of course not. No user system is immune from Trojans. Are you less likely to be infected on a Mac? Certainly, and claims to the contrary are patently false. Will that change in one year? Ten years? Who knows. That doesn't change the fact that the gist of the I"m a Mac commercials is still valid, even today.
You really mean all those apps on my Mum's Apple are drugged? Don't tell her she might 'frique out!
Sent from my ASR33 using ASCII
But no one told you that Jobs was a marketing genius. ;)
Wuddooeyeno? IITYWYBMAD? Like nuts? eclecticallyincorrect.com
Why is it that when we hear about the 1 or 2 trojans for Mac that come out each year, the anti-apple folks come out of the woodwork claiming they are all 'viruses' and that Mac users think they are immune, etc. Of course slashdot extremists will pander to this and mark such posts insightful. The very fact that we're talking about a trojan on a Mac and that it is 'news' speaks volumes.
It makes the PC fans feel better about themselves. But I can't actually explain the logic.
One of my favorite in person trolling games is to get together with friends, and since we're all techies, I'll bring up something about say, a virus on the PC, and invariably, most will brag about how "I've never gotten a virus". Then in the next breath, they tell their story of how their machine was infected so badly that they almost had to or had to reformat their computer because of some virus they picked up. Same with updates hosing the computer. "Well, you must be doing something wrong - I've never had that problem". And yup, the next thing out of their mouth is how after an update, their laptop wouldn't play some animation or other at an important meeting. It's all part of the weird Ford versus Chevy mindset, where your favorite car or platform can do no wrong, even if you have to lie about it.
It's a fact that OSX is more resistant to virus infection. It's a fact as you note, that a Trojan being big news just is proof of that fact, as the exception proves the rule.
But it's also a fact that for folks who have issues with the system will chime in with silliness like there are less viruses because there are less computers, or inanity like "See? See? Told you so, OSX is as vulnerable as anything else!". Whatever geets them through the night.
The shepherds did so well protecting the flock that the sheep no longer believed that wolves existed.
I'm on a Mac, where do I click for a working example?
Not only that, but this isn't a virus. It's a trojan, and there is no secure system free of trojans unless no human ever interacts with it.
Strictly speaking, most of the Windows users they were targetting with that ad would probably have been infected by trojans rather than viruses too - Apple kind of relied on users not making that distinction.
The applications folder, last I checked, resided on the root of the OSX filesystem (/Applications). That is a system directory which a non-admin will not have rights to.
Many OSX apps do have "installers", even though as you point out they are just disk-images that request you to drag the .app over to /Applications. Arguing whether that is an "installer" isnt terribly relevenat.
Well, OS X already has built-in antivirus since Snow Leopard IIRC. Just google XProtect.
And Windows has Windows Defender. Both are absolutely worthless, because anyone developing a virus will at the get-go ensure it gets around that built-in antivirus. Makes it easy to test against when every single target machine has the same defense on it, doesnt it?
Then what's 'Turkish delight'?
Of course slashdot extremists will pander to this and mark such posts insightful.
I don't get who these 'slashdot extremists' are, or what their point of view is, could you explain it? In just about every story it's some idiot referring to the 'slashdot crew' or 'slashdot extremists' or just 'slashdot' as the people who don't share their point of view, as though they have such a unique - but correct - perspective that the entire community cannot or refuses to see, the result is that said groups are defined as both both bashing and defending Microsoft and Google and Apple and GPL and FOSS and every other entity mentioned in a story yet no-one seems to know who these people are.
This really is the best way to describe such things, though it should be obvious for 2 reasons:
1. The extensive discussion and contrary points of view in such stories.
2. The fact that your post was modded 'informative'.
You don't need to be root to install a program. Some programs need an Adminstrator-like account, but it's not root. In OS X's security pane you can essentially shut off root from user access. Non-admins, i.e. normal users, can install most programs.
Vote monkeys into Congress. They are cheaper and more trustworthy.
Bosch of course. And don't even bring up Rigid. Unless you're dealing with tools to work on a septic system, they're just rebadged (colored) Ryobi. Sad to see.
I drank what? -- Socrates
And they can always install apps into their home directory.
I drank what? -- Socrates
MAC != Mac Capisce?
So you're saying this trojan is a virus?
Mhmmmhmmmm.
Try harder next time.
Do you also correct every mistaken article and post about Windows 'viruses' that are actually trojans? Or are you just here to white knight for Apple?
--Jeremy
Jesus was a liberal
Of course I do. This isn't about Apple or Microsoft, it's about the definitions used to describe security threats and the distinction is important.
The more the anti-Apple brigade run around wailing about what they perceive Apple users think about "viruses" in a story about a trojan the less the discussion is about the actual threat in question.
I also make the distinction on Windows, especially when educating users (generally family members) whose machines I occasionally look after.
It may seem pedantic, but the intentional muddying of the terms to score cheap jabs at Apple users and then claiming "pff, viruses, malware... it's all the same, you know what I meant" isn't helpful to anyone.
As far as "why I'm here"... I'm here because this is a discussion site I've been on for 12 years. Sorry if I didn't justify my existence, I forget myself sometimes.