Slashdot Mirror
New Version of Flashback Trojan Targets Mac Users
wiredmikey writes with this extract from Security Week: "On Friday, researchers from security firm Intego reported that a new variant of Flashback is targeting passwords and as a byproduct of infection, Flashback is crashing several notable applications. Flashback was first discovered by Intego in September of 2011. It targets Java vulnerabilities on OS X, two of them to be exact, in order to infect the system. Should Flashback find that Java is fully updated, it will attempt to social engineer the malware's installation, by presenting an applet with a self-signed certificate. The certificate claims to be signed by Apple, but is clearly marked as invalid. However, users are known to skip such warnings, thus allowing the malware to be installed. ... The newest variant will render programs such as Safari and Skype unstable, causing them to crash. Interestingly enough, normally these are stable programs, so if they start suddenly crashing might be a sign of larger issues."
I know you're trolling, but no he didn't.
He did say they were much less likely, but it has never been the case that Macs were immune. There has been a history of malware on the Mac since the pre-OS X days.
Far fewer viruses in the OS X era though (relative to earlier Mac OSes), but several trojans - usually in pirate software (like the infamous "pretends to be MS Office installer but really destroys your home folder" one).
Vigilance is necessary on all platforms, especially against trojans, since they tend to exploit the common weak link in computer security - the user of the system.
Java was an optional extra on 10.6 and is a separate download on 10.7.
"We know what happens to people who stay in the middle of the road. They get run over." - Aneurin Bevan
Since it's causing instabilities, it's a poorly written piece of malware.
:)
The standard generic symptom of being infected by malware is there are no apparent symptoms. It's just that when people start having problems is when they start looking, but you can bet they were infected LONG before they had those unrelated problems. Obviously that doesn't apply to this one, since it's new and it does cause problems. And yes, you can find others that have recognizable symptoms, but most don't.
Wonder how long until Mac users start claiming the don't have malware again. (Will it be Months, Weeks, Days, or Hours...)
No offense meant to Mac users, but find a way to escape the reality distortion field if you are still in it.
If you remember the "I'm a PC" and "I'm a Mac" commercials, the gist of several of the ads was that Macs COULDN'T be compromised like PCs.
While geeks always new better, I think the point the OP was trying to make is that the majority of Mac users, those who "just want it to work", were sold on the idea that they weren't succeptibal to viruses and malware.
From now on, all Macs will have a firewall and any download will only happen after being approved by Apple. Like the AppStore makes your computer safe from third-party apps, this will make your computer safe from Web.
I'm much more funny, interesting and insightful than the moderators think
Vigilance is very important on all platforms. The worst infection I ever had was on a Solaris 9 box. Some piece of garbage zombie bot took advantage of a weakness in CDE. Who the hell targets CDE?!
Which versions of Java are vulnerable? Basic details are nice to have...
The "Im a PC ads" certainly made that statement. Youre not going to look at this ad... ...and tell me that the implication isnt supposed to be that "Macs are immune to viruses".
http://www.youtube.com/watch?v=GQb_Q8WRL_g
I also find it telling that folks who are not very technical and not qualified to comment on the security of an OS somehow have this idea that Macs cant get viruses. Now where do you suppose that assumption comes from?
Regardless, this is neither a virus nor a worm. It's a trojan. You're supposed to know the difference.
That commercial did not, in fact, make the statement that "Macs are immune to viruses."
It did say that there were "114,000 known viruses for PCs" to which the Mac replies "PCs. Not Macs."
It's worded in such a way that your casual listener will likely believe "Oh, Macs don't get PCs", but it's ALSO worded so that Apple could easily argue that they merely meant that there are simply *not* 114,000 viruses for Macs. Maybe there's 100,000. Maybe 150,000. Maybe 0. But they didn't say outright, "Macs don't get viruses."
It's their fault that everyone heard it that way and that everyone assumes that, but really. They never said Macs don't get viruses.
And yes, I agree. Fuck Apple and their wordplay.
If you have to deliberately install it, it's neither a virus nor a worm. It's an app.
Help stamp out iliturcy.
I don't think they ever said "couldn't" or "can't", but instead said, "don't."
It is a "new variant of Flashback"
A new variant??
something made with parts that have been used previously?
maybe even on a PC?
code parts that could run on any grey unspectacular computer?
a modified version of something coded for the masses?
Please tell me, they at least improved it so it would use functions only genuine apple hardware could provide.
The only reason why Macs are perceived as more secure is because they have less market share, and therefore less interest to those who make the malware.
-1, Security Through Obscurity.
I'll remind you yet again that in the pre-OS X era, there was quite a bit of Mac malware floating around; never as much for DOS/Windows PCs, to be sure, but still a lot of it. At a rough guess, it existed about in proportion to the relative market share of the Mac OS ... which kind of gives credence to the market share argument, except that when OS X became the standard, the number dropped to damn near zero, and stayed there for many years. There's more OS X malware out there than there used to be, now, but the proportion is still nowhere near the market share of OS X relative to Windows. And the vast majority of exploits are, like this one, browser-based, rather than targeting the OS itself.
In short, the market share argument is just as much bullshit as security-through-obscurity arguments always are.
The correlation between ignorance of statistics and using "correlation is not causation" as an argument is close to 1.
The fact that this is even considered a story makes the point that Macs are still less afflicted by this stuff than Win boxes. Can you imagine if Slashdot were to post a story for every new Windows malware variant that appears?
On Windows there is a user called System and most programs need to be installed/run as the system user which gives a virus Trojan unlimited access to the full system.
Thats just plain not accurate on several levels.
For starters, I have never in my life seen an installer that needed to run as System. Administrator, yes, but thats not the same thing. For another, you need to install system programs on Mac as root, which IS the same thing as "the system user", as it has the highest rights on the system.
Third, most programs do NOT need to be installed as an admin-- you can install them to the local user's folder. I assume you could pull this off in a Mac, but Im not sure.
If you have a knowledgeable user on a Mac he can run the system securely with out a need for a virus scanner. Unfortunately on Windows you do not have this option.
Baloney. If youre downloading random executables from the net, I suppose you might want that scanner; but if your browser plugins are out of date it wont matter terribly much what OS you use or whether you have a scanner, as each year's Pwn2Own proves (with Mac getting hacked first each time).
That commercial did not, in fact, make the statement that "Macs are immune to viruses."
It did say that there were "114,000 known viruses for PCs" to which the Mac replies "PCs. Not Macs."
What about this one?
It says, "I run Mac OS X, so I don't have to worry about your spyware and viruses."
I suppose the argument could be made that the commercial meant that the person running OS X didn't have to worry about anyone's spyware and viruses but his own (due to the word "your"), but only someone who was already on guard against Apple's duplicitous salesmanship would interpret the commercial in that way.
**** BEGIN PEDANTRY DETERRENCE ****
**** REASONABLE READERS MAY DISREGARD ****
Also, because the Mac representative has spent the previous entirety of the commercial scoffing at the PC representative's paranoia, there is a much more obvious and likely meaning of "your spyware and viruses", as in, "Take your average virus, for example. It doesn't worry me." This usage of "your" does not convey possession (by the PC representative), and thus does not distinguish between viruses and spyware by platform.
**** END PEDANTRY DETERRENCE ****
The commercial clearly suggests that Mac OS X boasts some special resistance or protection (immunity, perhaps?) against spyware and viruses that saves its users the trouble of worrying about same.
"The only reason why Macs are perceived as more secure is because they have less market share, and therefore less interest to those who make the malware."
That may be why techies believe it, but then they tell their non-techie friends who just spread the word that macs are immune to viruses. I know a lot of people who tell others that they're immune to viruses without knowing why that might be.
Worst I had a teacher, whom I was a TA for, telling freshmen that macs couldn't get viruses. If I recall correctly his logic was they they were unix and therefore the open source nature had eliminated all bugs.
First thing to stop using when you get an OSX machine, in my book.
When I first got MBP, fall 2010, I had few hard freezes. They stopped as soon as I stopped using Safari.
It may be a coincidence, but my MBP is definitely more stable without. A lot more stable!
As for users ignoring warnings... It looks like good case for Apple to close OSX as they closed iOS - force us to use single app store. Good thing gnome-shell is really nice env, so current OSX users have upgrade, errr, escape path available.
http://opencm3.net, http://www.nongnu.org/gm2/
" you remember the "I'm a PC" and "I'm a Mac" commercials, the gist of several of the ads was that Macs COULDN'T be compromised like PCs."
And at that time it was 100% correct.
Pc's would get a virus just by letting it sit on the internet without a firewall. MAC's would not do this as they actually had a firewall in the BSD underpinnings.
I know that MS fanbois hate that this was a fact and most try like hell to ignore it, but it's also the reason why Linux is far more secure than Windows. Ms is getting better 10 years later, but they still have a long way to go.
Do not look at laser with remaining good eye.
Not only that, but this isn't a virus. It's a trojan, and there is no secure system free of trojans unless no human ever interacts with it. As far as I know, as of right now, there are no viruses in the wild for a Mac, as opposed to the 100K plus that are there for a PC. In that respect, the chances that a user will be duped into installing a bit of code with this specific trojan are pretty limited.
Why is it that when we hear about the 1 or 2 trojans for Mac that come out each year, the anti-apple folks come out of the woodwork claiming they are all 'viruses' and that Mac users think they are immune, etc. Of course slashdot extremists will pander to this and mark such posts insightful. The very fact that we're talking about a trojan on a Mac and that it is 'news' speaks volumes. The vector of infection for a trojan has nothing to do with the OS, and unless you need to turn in your geek card, everyone here damn well knows that.
Is a Mac immune? Of course not. No user system is immune from Trojans. Are you less likely to be infected on a Mac? Certainly, and claims to the contrary are patently false. Will that change in one year? Ten years? Who knows. That doesn't change the fact that the gist of the I"m a Mac commercials is still valid, even today.
You really mean all those apps on my Mum's Apple are drugged? Don't tell her she might 'frique out!
Sent from my ASR33 using ASCII
The only reason why Macs are perceived as more secure is because they have less market share, and therefore less interest to those who make the malware. Period.
Bullshit yourself. Do you think there is like only three Macs out there?
If they were vulnerable, the millions of Macs out there would make them a nice platform to use and distribute. After all, you can ask PC fans, Mac users are depicted as computer illiterate idiots. A vulnerable platform plus stupid users is an almost irresistible target and ideal distribution network.
But believe as you wish. A good story helps some folks believe that they made the right choice.
The shepherds did so well protecting the flock that the sheep no longer believed that wolves existed.
I'm on a Mac, where do I click for a working example?