Flashback Trojan Hits 600,000 Macs and Counting
twoheadedboy writes "A Flashback variant dubbed Backdoor.Flashback.39 has infected over 600,000 Macs, according to Russian security firm Dr Web. The virulent Flashback trojan infecting Apple machines sparked interest earlier this week after it was seen exploiting a Java vulnerability, although it was actually first discovered back in September last year. The Trojan has a global reach after Dr Web found infected Macs in most countries. More than half of the Macs infected are in the US (56.6 percent), while another 19.8 percent are in Canada. The UK has 12.8 percent of infected Macs."
Is it just wrong if I laugh a little?
Seven puppies were harmed during the making of this post.
Is there any way to check whether your Mac is infected?
It's only been a matter of time. Many people think that since the common knowledge is that Macs don't get viruses, they are immune to everything else (including trojans). Only the computer nerds differentiate between viruses, trojans, and malware you get by clicking on something on the internet.
it used to be magic pixie dust protected Macs but in the last 6 months i've been using the Spirit of Steve
time to find some new protection
The users just surfed wrong.
But seriously, Apple screwed the pooch really good on this one. Looks like it's time that their corporate culture goes through the same "trustworthy computing" initiative that Microsoft went through over the last few years.
I noticed there was a Java update the other day, and the article seems to indicate this was indeed patched on April 3rd.
I don't bother running any sort of virus/trojan detection on my mac currently. What do folks recommend?
That's nice
See here: http://www.f-secure.com/v-descs/trojan-downloader_osx_flashback_i.shtml
Summary:
If you open Terminal and run
defaults read /Applications/Safari.app/Contents/Info LSEnvironment
and
defaults read ~/.MacOSX/environment DYLD_INSERT_LIBRARIES
and see:
The domain/default pair of [...] does not exist
for each, you are not infected. Also, if you run nearly any AV software or other tools like Little Snitch, you are not infected as it checks for these and deletes itself if found.
Also, no sensible person ever said "Macs don't get [infected/hacked/whatever]." It's just a lot less likely, and has historically been, even accounting for differences in marketshare. As Mac share increases, it only makes sense they'll be targeted more with malware. But Macs, as a whole, are indeed "more secure", in that still, to this day, you are far less likely — even with the complacency or, if you prefer, ignorance, of Mac users — to become impacted with any malware than with Windows. Maybe someday this will change. But it's never been true to date, and isn't true now. The fact that single instances of Mac malware get so blown out of proportion, STILL, is ridiculous. (Though, Apple could do better with patching known vulnerabilities in Java on Mac OS X...)
The same advice and best practices for avoiding malware apply to Macs as well as any other desktop platform, and Mac users would do well to run current AV software. The Sophos free edition is nice.
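The two checks from the comment above, wrapped in a script that distinguishes "pair does not exist" from "a value is set" and from "the check itself failed". This is an added example, not part of the original post or of F-Secure's write-up; the function names and verdict words are assumptions of this example, and the only real commands are the two `defaults read` calls quoted above.

```sh
#!/bin/sh
# Added example, not from the original post: automates the two
# `defaults read` checks quoted in the comment above.
# Function names and verdict words are this example's own.

# read_key DOMAIN KEY
#   0: key is set (value printed on stdout)
#   1: defaults reported "... does not exist"
#   2: anything else (tool missing, unreadable plist, ...)
read_key() {
    rk_out=$(defaults read "$1" "$2" 2>&1) && rk_rc=0 || rk_rc=$?
    if [ "$rk_rc" -eq 0 ]; then
        printf '%s\n' "$rk_out"
        return 0
    fi
    case $rk_out in
        *"does not exist"*) return 1 ;;
    esac
    return 2
}

# flashback_check
#   Per-check detail goes to stderr; one verdict word goes to stdout:
#   clean       both pairs are absent (the post's "not infected" result)
#   suspicious  at least one pair holds a value and needs review
#   unknown     a check could not be completed, so nothing is concluded
flashback_check() {
    fc_verdict=clean
    for fc_pair in \
        "/Applications/Safari.app/Contents/Info|LSEnvironment" \
        "$HOME/.MacOSX/environment|DYLD_INSERT_LIBRARIES"
    do
        fc_domain=${fc_pair%%|*}
        fc_key=${fc_pair##*|}
        fc_val=$(read_key "$fc_domain" "$fc_key") && fc_rc=0 || fc_rc=$?
        case $fc_rc in
            0)
                echo "SET    $fc_domain $fc_key = $fc_val" >&2
                fc_verdict=suspicious
                ;;
            1)
                echo "absent $fc_domain $fc_key" >&2
                ;;
            *)
                echo "error  $fc_domain $fc_key" >&2
                if [ "$fc_verdict" = clean ]; then fc_verdict=unknown; fi
                ;;
        esac
    done
    echo "$fc_verdict"
}

# Run the real check only on macOS, where `defaults` exists.
if [ "$(uname -s)" = "Darwin" ]; then
    flashback_check || true
fi
```

A `suspicious` or `unknown` verdict only means the printed value should be compared against the F-Secure description linked above.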
Gizmodo's article shows how to determine if your machine is infected. http://www.gizmodo.co.uk/2012/04/mac-flashback-trojan-find-out-if-youre-one-of-the-600000-infected/
Can we please end the madness where people claim that since an OS is a variant of unix it can't get a virus? Users do stupid things, stupid things have consequences, doesn't matter the make of the car you are driving if you are a drunk moron soon enough you'll crash into something. Similarly if you are a horny moron eventually you'll browse to a site that will find a way to get you to install some junk that will trash your computer all in the name of some desperately needed friction motivation.
So It Has Come To This
They just don't get it, & by the same token, they'll NEVER end it (but it will end them and their OS of choice taking the top spot). Lies/FUD b.s. never go too far before the cat gets out of the bag and folks wise-up to it is why! In the end? That practice, destroys, and apparently, the marketshare figures show that much. Anyone doesn't like that, "argue with the numbers", it's that simple.
HAHA HAHAHHAHAHAHHA Hahahahahahhaahha
hahahahahhahahhahahahhahahahh
HAHAHAHAHAHAHahahahahahahaha
while those of us with more than two brain cells to rub together will continue to use the best of the best
See, I question if you really do have those two brain cells.
;P
Because most people who do? Know that there is no "best of the best".
As much as most slashdot readers love to hate on windows/apple and love on linux, the only "best" operating system is the one that suits the customers needs the most.
For you? It's mac. And that's great! I'm glad you found an OS you're happy with.
But that does not prove true for everyone.
Also, immediately dismissing the issue as a "hoax" before even reading the article isn't a sign of intelligence.
Especially so if you use a mac and should probably learn how to check if you're infected.
Where did the term "screwing the pooch" come from? Was someone's mistake way back in the day getting caught screwing the pooch and the name stuck? Reminds me of an old Scottish joke.
American of Scottish ancestry goes to Scotland for a trip. While there sees a nice pub and goes in and starts chatting with the barkeep.
barkeep "I'm McGregor I've been running this pub for twenty years. But do they call me McGregor the barkeep. Nooo."
yank: "Oh this is really nice brickwork on this building."
barkeep "Aye. I built this bar with me own two hands. But do they call me McGregor the stone mason. Noooo."
yank "Oh and the fence out front that is very colourful."
barkeep "Aye. I built that too. But do they call me McGregor the fence mender. Nooo. But you fuck one goat ..."
So what you are telling me is they managed to get all of them?
It is their chief weapon, fear and surprise...surprise and fear...fear and surprise.... Our two weapons are fear and surprise...and ruthless efficiency.... Our *three* weapons are fear, surprise, and ruthless efficiency...and an almost fanatical devotion to the Pope.... Our *four*...no... *Amongst* our weapons.... Amongst our weaponry...are such elements as fear, surprise.... I'll come in again.
Only anti-Mac idiots ever say that.
Welcome to the club, Daniel.
NOBODY expects the Spanish Inquisition!
Is it just wrong if I laugh a little?
Hello Artie MacStrawman, how are you today?
So, Linux has NEVER had a java exploit?
There are two types of people in the world: Those who crave closure
I don't know how I'll ever sleep at night knowing that there's always that one Mac virus doing the rounds. But I know my Windows ME box hooked directly to my cable modem will always be safe.
This is the problem with the web. When the first DBI ( Drive By Infection ) happened the code that allowed this sort of thing to happen was not ripped out "with extreme prejudice" and in an old /. post I asked why and there was damn little in the way of a response.
So I ask once again, why has this not been fixed? Why are there so god damn many ways to do this and how come that ability has not been removed?
It seems to me that in the insanity of try to make the browser everything instead of a piece of software that renders text, there is nothing but vulnerability after vulnerability and I really don't see any end in sight since in trying to make the browser do everything it needs more and more access to the core functions of the OS it is running on. How can this not lead to more and more attack vectors?
Hey KID! Yeah you, get the fuck off my lawn!
Can't be laid at the feet of Microsoft.
Mac users have long embraced a culture of denial; "I'm safe, I use a Mac." Gloating Linux users should take note. Yes, Linux is among the best, but it isn't invincible. Due diligence in firewalls and vetting app sources is a requirement on ALL platforms. (Yes, you too, BSD folks.)
I hope for your sake that you're not living in Arizona.
Market share has something to do with it, as does a pretty good track record of security, but the type of users that use Linux is also a significant reason that we don't see widespread malware affecting desktop Linux. Your typical Linux user is generally more nerdy, computer literate and security conscious.
If you did a survey of how many users clicked on pop-up banners, opened PDFs from spam email, granted permission to untrusted Java applets, etc, I bet the percentage of Linux users who fell in the traps would be smaller than the other OS users.
TROJAN. Trojans are installed by users who are faked out by a web page that demands they install a program using an admin-enabled account. There is no protecting an operating system from a person who installs strange programs on demand.
It is not a virus. Viruses infect Windows machines on bootup, through flaws in the OS, opening mail, spreadsheets, or scratching yourself, and probably on exposure to sunlight or eating Splenda. There are MILLIONS of viruses in Windows. And trojans. They exist because Windows had its bloodstream exposed in '95 when Gates and company welded the OS file system to the IE browser, making Windows a target of opportunity for decades.
There has not been a single virus on the Mac in the wild, ever. And it's not for lack of trying: the first black hat to release such a thing gets mad props forever, not to mention the thanks of the various Slavic mafias.
You can't guard against ignorance, laziness, and lack of experience. Those things enable trojans to be installed, and always will be.
Macs still Just Work. That's because it's Unix with a fancy hat on.
This is a drive-by trojan, not a virus.
Trolling is a art,
I love the Apple marketing on this one. "A Mac isn’t susceptible to the thousands of viruses plaguing Windows-based computers. That’s thanks to built-in defenses in Mac OS X that keep you safe, without any work on your part." No, it's susceptible to Java and Office trojans. It's not our fault!
I recently attended an iOS for business event where the Senior Apple engineer declared that "even if you want to write a virus for iOS you can't" and "there is zero malware in the app store". That sounded like a challenge to the hacktivist community. Seriously, denial is the first step, and Apple needs to get their fanboys lining up to learn about the vulnerability and threats to the Apple community in addition to plopping $800 down for the latest iWhatever.
"Security-by-Obscurity"/lack of usership + marketshare allows for this from you, but, nothing more:
"That's because they generally *don't* get VIRUSES (see what I did there?)." - by ilsaloving (1534307) on Thursday April 05, @10:00AM (#39584241)
See my subject-line, & realize something: Today's 'hacker/cracker' isn't using TRADITIONAL VIRUSES (the type that attach to an executable's "tail" & alter its jump tables for functions used, and increases an executable's size in doing so).
They're instead using things like ADOBE products flaws, &/or JAVA known flaws in security issues.
That's what MOSTLY everyone who is "hit" by malware is hit by from today's "malware makers" (script kiddies mostly using tools for automating creation of exploits no less).
These malware makers are JUST LIKE THE PICKPOCKET - they will NOT spend efforts targeting a least used platform.
On less used computing platforms of ANY kind?
There's just NOT enough "ROI" for said effort in malware creation, AND, not enough users to target for monetary thieving returns (and yes, they are after your monies &/or personal information like credit card #'s... it's not a kid's game anymore, but REAL crime).
Just like pickpockets do? They go to where the CROWDS ARE on any computing platform (more on THAT below, with a *NIX variant no less)... to the "crowded malls, train & bus stations, & city streets" of Windows on PC's &/or Servers combined... this is where the "easy meat" noob users who are simpler to victimize, are.
Period/Point-blank.
---
"The security settings on unix based systems are usually more strict than on windows machines." - by ilsaloving (1534307) on Thursday April 05, @10:00AM (#39584241)
Tell that to the ANDROID folks... Android IS a Linux variant (it uses a Linux kernel/core, but isn't as secured for 'ease of use' by end users) on another computing platform: THE SMARTPHONE!
There, Android (a linux variant) is "king"... what happens to it? Ok, some examples (from reputable security sites etc.):
3,325% increase in malware targetting ANDROID:
http://blog.webroot.com/2012/02/17/report-3325-increase-in-malware-targeting-the-android-os/
Security firms: Android malware set to skyrocket @ The Register:
http://www.theregister.co.uk/2011/09/15/android_malware_skyrockets/
Android Malware May Have Infected 5 Million Users - Slashdot
http://yro.slashdot.org/story/12/01/28/0431251/android-malware-may-have-infected-5-million-users
More than $1 million stolen from Android users in 2011, mobile threats to increase in 2012:
http://www.bgr.com/2011/12/14/more-than-1-million-stolen-from-android-users-in-2011-mobile-threats-to-increase-in-2012/
Android bug lets attackers install malware without warning @ The Register:
http://www.theregister.co.uk/2011/09/20/google_android_vulnerability_patching/
APK
P.S.=> Would you like MORE such examples? I have, oh, roughly another 100++ or thereabouts... apk
Yeah but when have u seen 50% of the US linux boxes vuln to a 5 months old bug?
True but how many people make this same distinction when it comes to Windows. Every infected windows machine I’ve ever come across was done so via a Trojan of some sort. I’m sure if you didn’t count Trojans, overall Windows infections would be lower granted its really high to begin with.
Josh
Correct
Guns don't kill people; Physics kills people! - John Lithgow as Dick Solomon on Third Rock From The Sun
You wish.
Too bad Apple is selling 4+M Macs per quarter.
leave java and flash to the shitty windows world, don't want it, don't need it
Wrong.
Here, step by step directions on how you can make one:
http://www.offensive-security.com/metasploit-unleashed/SET_Java_Applet_Attack
HAHA HAHAHHAHAHAHHA Hahahahahahhaahha
hahahahahhahahhahahahhahahahh
HAHAHAHAHAHAHahahahahahahaha
I know, right?! Six hundred thousand? Out of fifty million Macs in the world? This is the end-of-the world, Macs-are-doomed infection we've all been waiting for?
0.012%?
That's like a rounding error, it's hilarious. Microsoft would kill for infection rates like that.
Dr. Web sells a mac anti-virus "solution".
Everyone knows there are no viruses for Macs because it is based on a Unix kernel~
There is no "-1 offended" or "-1 you don't agree with me" mod options for a reason.
Before we rehash the same old comments - and effectively clone a number of threads that have gone before, shouldn't we examine the claim of 600,000 infections?
That's the remarkable thing about this story. I'm not overly familiar with Dr.Web as a security company, but I'm more than a little skeptical about the distribution of infections.
The website gives little information about how the research was carried out http://news.drweb.com/?i=2341&c=5&lng=en&p=0.
How is it that the UK has seen 12.8% of worldwide infections, while Ireland has seen just 0.1% of infections? The UK has a population ten times bigger than Ireland, so given roughly equal market share (5 to 6%), you'd expect a tenth of the number of infections or thereabouts.
Switzerland has a much higher market share than Ireland (17%) and a larger population, but comes out with the same 0.1%.
I'd like to understand how these numbers were arrived at and verified. If they are genuine and valid, I'd love to know how Switzerland is staying safe, because we should probably all adopt their methodology.
There are over 100 million Macs in use in the world*. So what we have here is some random Russian anti-virus firm is claiming that 0.6% of them are infected with a trojan due to a vulnerability in Oracle's Java engine (for which Apple has already sent out an update to patch the vulnerability). And that Russian firm would love to sell you the cure.
Yeah, that totally proves that Macs are just as unsafe as PCs.
* http://wiki.answers.com/Q/How_many_Macintosh_computers_are_in_use_worldwide
Does anybody know if Gatekeeper which is touted for the next OSX release would have prevented this? And if so how does it stack up against pending changes in windows and Linux?
The piece said 50% of infected machines were in the US, not 50% of US machines were infected.
And actually I do see linux boxes with old vulnerabilities pretty often. One of the problems with OSS is that updating often breaks libraries... which if you have compiled 3rd party software installed can be a real barrier to updating. We have one machine that has not been updated with any patches for 2-3 years now because they will break installed apps.
by at least an order of magnitude.
The users just surfed wrong.
Windows infection vectors these days are either through Flash or Java VM. Slashdot previously ran a story on how windows gets infected with malware back on Oct 5, 2011 with an included source link in the summary.
Life is not for the lazy.
Good catch. How dare they be so misleading, with the title of "Flashback trojan hits 600,000 Macs and Counting"? It's a trojan people, not a virus.
I do have to take exception with this statement, however: "There has not been a single virus on the Mac in the wild, ever."
Some of the first viruses ever (but not THE first), back in the early 80s, were Mac viruses spread over the Texas A&M network. Not to mention Elk Cloner, AutoStart 9805, OSX.Oomp, and others. You have either a very selective or very limited memory.
I had to tell my CEO he might be infected today. He is one of only a handful of people who use one here at work.
Macs still Just Work. That's because it's Unix with a fancy hat on.
I used to have a Mac, and I know from a deeply personal experience that Mac is more like UNIX with a ball-gag on and its hands tied behind its back. It is the best platform if all you want is to get reamed by Zombie Steve.
If Microsoft hadn't written this crappy software and they'd used Linux instead, this wouldn't have happened.
that is all
So
Chas - The one, the only.
THANK GOD!!!
Thank you.
It's a sad day when the reddit thread is having a mature and helpful discussion about this, while Slashdot (with the exception of your above post) is having a circlejerk making fun of Mac users.
"Mind, as manifested by the capacity to make choices, is to some extent present in every electron." -Freeman Dyson
Only on slashdot.
Damn stupid signon...
As I was going to say. Malicious software is malicious software. REGARDLESS OF ATTACK VECTOR.
You can continue to rant and cry about how your precious little "lifestyle choice" isn't at fault for this.
The fact remains that Macs are vulnerable to malicious software. And the head-in-the-sand (or up-ass, depending on whom you speak to) attitude displayed by all the elitist prats in the Mac community doesn't help this.
Please RTFA, it's a drive-by attack and does not require user interaction.
It would really be useful if there was an easy way for the Mac user to run downloaded programs in a sandbox or in another user account that has very few permissions.
The biggest dangers to Mac users these days from what I have seen are:
1) Hard disk dies and you don't have a bootable image. Even with Time Machine it was not easy for Mom to restore her apps, and had decided not to buy two extra hard disks, 1 for time machine and 1 for full image backup like superduper. I have a feeling this is more common than one would expect.
2) You download a malicious app that trashes your user's home directory.
In either case Macs can have many user accounts but nobody is using this facility much, and it could be quite useful.
What sort of retarded package manager does not know to retain older versions of a library, as required by installed apps? If you are not using package management, why have you not sandboxed the troublesome apps yet?
Something bad is coming when people are suddenly anxious to tell the truth.
One of the problems with OSS is that updating often breaks libraries...
I haven't had that happen in years and years. Debian 3.0 era (though I suppose jumping distro releases in RHEL has the tendency to break RPMs on occasion).
which if you have compiled 3rd party software installed can be a real barrier to updating.
That's your problem. You've got crap not built from packages. Why didn't you package them? There's a good case for doing so. (Either you need to build things from source and package them, use packages, or drop your binaries fully outside the system tree - eg. /opt - and modify the $PATH.)
We have one machine that has not been updated with any patches for 2-3 years now because they will break installed apps.
Are there no updates for those apps? I've not yet seen an app which wouldn't deal with the newer versions of a library, not even proprietary stuff.
~/ssh slashdot.org ssh: connect to host slashdot.org port 22: too many beers
Not all apps go through package management, and sometimes they depend on libraries that other system components also depend on.
Unfortunately 'sandboxing' sometimes requires so much of the system that the only solution is to set up a VM, which puts you right back in the 'old distribution' category.
I can't speak for GP, but for my home computer, NVidia drivers, VMWare, Flash and the fragile sound system are the worst offenders. On every kernel / core libraries update, there is a good chance some of these will break. So I'm sometimes reluctant about updating, too.
*shrug* not everything comes with source or has source available, and not all vendors are happy (or willing) to keep providing new binaries over the years, esp if you are not paying them for it.
Which gets back to the issue with OSS in this specific domain. OSX and Windows do a pretty good job of maintaining backward binary compatibility. You install an app, that app will probably keep working across many updates. OSS tends to assume that you have the ability to rebuild from source or your app is being maintained through the packaging system of that distribution. For most people this is indeed the case, but when it is not such systems can become a real headache and it is not always possible (or at least not always easy) to isolate large parts of the system in order for the app to use some system libraries while everything else uses another. It gets even worse when you are talking about things that need kernel modules.
It kinda comes back to 'to each their strengths and weaknesses', and this is a weakness of OSS when it comes to deploying exotic 3rd party applications.
The users just surfed wrong.
Windows infection vectors these days are either through Flash or Java VM. Slashdot previously ran a story on how windows gets infected with malware back on Oct 5, 2011 with an included source link in the summary.
Don't forget Adobe Reader.
What a piece of shit.
You are correct. However, what detects both of those? Antivirus software! By differentiating the two for the average user, you are doing them a disservice, in that they won't bother to run antivirus because they will see it as ineffective against these very real threats, when it would actually benefit them.
APK quotes people (including myself) without context and should not be trusted. Just thought you should know.
Oh yes. Indeed. It's a massive piece of shit. I hate everything about Acrobat Reader from how the browser plugin fucks up reading bank statements in PDF format, the bloat, and slowness despite 2D acceleration features. And to make it all worse, it makes a nice web browser vector by which to get infected by. Ta daaa!
C|N>K
I'm a Mac user for about 27 years, but I LOL'd.
I won't be buying any more Apple products (I have only bought used for years anyway; saves thousands) until they change their supply chain to be environmentally sustainable and not abusive of workers (a problem which is not unique to Apple, of course). Which is unlikely to ever be resolved in China. So...
you had me at #!
Reminds me of Archduke Ferdinand right after the gunshot: "It is nothing".
Marketshare has an effect, but the pro-Microsoft crowd vastly oversells it when excusing the prevalence of malware on a given platform (Windows).
Mac marketshare dropped precipitously well over a decade ago, yet malware was a very big concern on pre-OSX systems. Even though Mac marketshare has recovered these days, the severity of infection rates on OS X doesn't even approach how bad it was in the pre-Unix days.
I would assume so if Apple doesn't support Mac OS X 10.5.x anymore. I hope disabling Java in web browsers is enough since there's no way to uninstall it because Mac OS X came with it. :(
Ant(Dude) @ Quality Foraged Links (AQFL.net) & The Ant Farm (antfarm.ma.cx / antfarm.home.dhs.org).
AV vendors would certainly like to claim otherwise. But some OSes are better at protection than others.
The lack of any expectation of OS protection is what made Windows the festering cesspit that the general population associates with pain. Regardless of whether its attached to a PC or not, there isn't a single MS product today with the 'Windows' moniker that isn't either losing money or in decline. (And thank goodness for that!)
PS - The article is about a trojan (user-installed) which you are mistakenly confusing with a virus.
How do you get those numbers, unless you wrote the software yourself?
Coincidentally, the originators of the information (a Russia based firm called Dr Web) have a virus scanner they can sell you. You'll probably need root to install it...
Nope! Nothing suspect here...
http://news.drweb.com/?i=2341&c=5&lng=en&p=0
MYTHS!
https://vms.drweb.com/myths/
Does anyone have any suggestions for getting rid of the damn thing?
Instead of flaming each other maybe we can skip to the part where we say how to remove it completely. Same goes for Windows Malware. If we put in one tenth of the energy documenting the removal of these things that we do into flaming there wouldn't be malware to speak of. Removing the stuff is a pain and every tech I know has a different set of tools they use to do the job.
In regard to this piece of malware I have scanned computers with Integro's VirusBarrier X6 and it takes days to complete a scan and doesn't seem to be able to remove it anyway. How it takes days is beyond me, there's only a handful of malware for macs and it seems like a full scan would take seconds, but hey, that's just me.
Leave your computer on and at 3am ish it'll install the updates and reboot, if needed. For regular update cycles it is a bit lax about what day it happens on, presumably to keep load down, but for really important ones it forces it Tuesday.
If you leave Windows in its default setting, it'll mind after itself quite well.
Gawdam, it's really too bad that wouldn't fit readably on a T-Shirt.
They use 'security-by-obscurity' to "twist the truth" you spoke of because it APPEARS that way (lack of usership which malware makers don't attack, not enough #'s of victims to rob & not enough "ROI" for their time put in creating said malware "for the masses" (a key point, right there))
No - you're telling it how it really is, and what proves it? Android on SmartPhones (& yes, it IS A LINUX because it uses a Linux core/kernel (that is, unless someone wants to prove otherwise & state for instance, it's really Windows or MacOS X's BSD core instead, lol)).
* It's getting "mauled" every week... & yes, again - it IS a Linux.
APK
P.S.=> 1 good thing, however, comes of that - the malware makers, whether they LIKE IT or NOT, do 1 great thing - they point out what needs "shoring up"/reinforcement... apk
Was this actually a Big Mac Attack?
--- If the bible proves the existence of God, then Superman comics prove the existence of Superman.
Get a Mac to avoid getting hacked they said...
rm /usr/bin/tknd
I'm afraid you don't have a clue. To start with, that would not be a Linux exploit. As you pointed out it would be a Java exploit. A Java exploit on Linux, Windows, or OS X is not a Linux, Windows, or OS X exploit. Obviously if I run software you have written on my machine that software will have vulnerabilities. On most Windows boxen in the wild (i.e. horribly and wrongfully configured out of the box), once I exploit your app I can own your OS. On almost all Linux distributions, however, you may access local user data and screw up the local user's stuff, but you will not own the OS.
Guns don't kill people; Physics kills people! - John Lithgow as Dick Solomon on Third Rock From The Sun
IS needed (bugs too) - nothing does it like masses of users, and, especially "noob" type users.
That's the ONLY WAY to really know how well Linux would do vs. Windows, in terms of how "insecure" it may actually be - after all, security-wise? They're NOT ALL THAT DIFFERENT FROM ONE ANOTHER principal security-architecture-wise nowadays!
Especially NOT IF we see the /. mythical "year of Linux" where it takes over the topmost used spot on PC's &/or Servers combined.
Then (and ONLY then), you'd have a real comparison/test...
HOWEVER?
Smartphones based on ANDROID are seeing Linux's showing security-wise, and, not liking the results I'd say (due to so many exploits occurring on it there on that computing platform)).
No - Because Linux only has 1.2% of marketshare on PC desktops @ home + corporate desktops @ work + Servers overall combined (well, better w/ servers @ around, oh, 51% I would say, mostly due to no cost buyin for Linux & the fact that yes, it does the job well as a server)?
You penguins haven't even begun to see what could happen on PC's &/or Servers combined @ this point due to lack of users/marketshare if Linux was in the topspot for being the most used (and yes, that IS what gets attacked on any computing platform the most, & both Windows + ANDROID prove it).
That's the "true test" & we're already seeing what happens to Linux variants that way, via ANDROID (yes, it is a Linux, because it uses a Linux kernel/core (unless someone can prove otherwise & show us it's really BSD based like MacOS X, or Windows based)).
APK
P.S.=> HOWEVER? Well... 1 nice thing comes out of the malware makers' insistence (and actually "good logic" for them @ least - ROI is better for work-efforts expended in malware creations by going after the biggest mass of users possible @ "1 shot", & usually "noob" users who are not security-savvy too) to attack the most used computing platforms OS' used: It exposes weaknesses that need reinforcement(s)
... apk
allows you to go back in time to a point where you should have been wearing one?
Just to play devil's advocate here, AV2012 probably infects that many each day, or hour for that matter.
Sigh. Stay classy slashdot.
"-1 Troll" does not mean "I disagree".
fed non-executable content downloaded from the internet (data files only) and 'sneakernetted' to the air-gapped computer.
When in doubt, use a trusted hex-editor on the air-gapped computer to read the content.
Problem solved(?)
All = not good, & ur only mincing words w\ definitions (a charlatan's trick).
Guys, easily detect if u r infected and fix the problem...
http://infophiles.com/?tag=detect-trojan-virus-in-mac
http://apple.slashdot.org/comments.pl?sid=2767979&cid=39584519
Years of /. *NIX "can't get (insert malware-of-choice)" b.s. is FUD!
All the "spinmaster" use of "mincing words" or "let's invent new categories to try to 'contain and mitigate + manage the situation'"? Newsflash - It doesn't work on your part (or those of your fellow *NIX lovers either) to convince us that years of outright lies and twisting truths went on here and elsewhere from *NIX people online.
You really shouldn't speak about yourself in that way. Such a lack of self-esteem.
Seven puppies were harmed during the making of this post.
Even on desktops, I find the standard Windows automatic updates schedules to be insufficient.
At work, most people shut down their computers overnight, missing update windows. Other people never log off, so you cannot expect the computers to install updates at shutdown. People cannot be relied on to notice the Automatic Updates icon and click to allow updates either. I am reluctant to force a computer to reboot when someone is logged on, in case they have unsaved work.
What I have found to work well is to have updates install overnight, but if the update window is missed, the computers will install patches 15 minutes after booting. If someone is logged on when patches are installed, then the computers will prompt the user once per hour to reboot the computer after patching if a reboot is required. I configure this through Active Directory at work and through group policy on standalone computers at home and for friends and relatives.
You can set the delay after booting to whatever you want. When this option is turned on, the default is 5 minutes, but that can create a new problem. It seems that the Automatic Update service checks to see if someone is logged in when it starts patching, not when it is finished. So if someone logs in after patching has started, the computer may reboot on them without warning. If the delay is longer, say an hour, computers that are only turned on for short periods may never get patched.
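The update policy described in the comment above (overnight install, a catch-up install 15 minutes after boot when the window was missed, no forced reboot while someone is logged on, an hourly restart prompt), written as the registry values behind those Group Policy settings. This is an added example, not the commenter's own configuration; the 03:00 install hour and the daily schedule are assumptions, and the value names are the Windows Update Agent policy values stored under `WindowsUpdate\AU`.

```powershell
#Requires -RunAsAdministrator
# Added example: local registry equivalent of the Automatic Updates policy settings.
$key = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU'

$policy = [ordered]@{
    NoAutoUpdate                  = 0   # Automatic Updates stays enabled
    AUOptions                     = 4   # 4 = download automatically, install on schedule
    ScheduledInstallDay           = 0   # 0 = every day (assumed)
    ScheduledInstallTime          = 3   # hour of day, 0-23 (assumed: 03:00)
    RescheduleWaitTimeEnabled     = 1   # catch up after a missed install window
    RescheduleWaitTime            = 15  # minutes after startup, valid range 1-60
    NoAutoRebootWithLoggedOnUsers = 1   # never restart under a logged-on user
    RebootRelaunchTimeoutEnabled  = 1   # re-prompt for a pending restart
    RebootRelaunchTimeout         = 60  # minutes between prompts, valid range 1-1440
}

# Refuse values the policy does not accept instead of writing them silently.
if ($policy.RescheduleWaitTime -lt 1 -or $policy.RescheduleWaitTime -gt 60) {
    throw 'RescheduleWaitTime must be between 1 and 60 minutes.'
}
if ($policy.RebootRelaunchTimeout -lt 1 -or $policy.RebootRelaunchTimeout -gt 1440) {
    throw 'RebootRelaunchTimeout must be between 1 and 1440 minutes.'
}

if (-not (Test-Path $key)) {
    New-Item -Path $key -Force | Out-Null
}
foreach ($name in $policy.Keys) {
    New-ItemProperty -Path $key -Name $name -Value $policy[$name] `
        -PropertyType DWord -Force | Out-Null
}

# Read the values back so the applied policy can be checked against the table.
Get-ItemProperty -Path $key | Select-Object -Property @($policy.Keys)
```

On domain-joined machines, set the same options in a GPO instead, since domain policy overwrites values written locally to this key.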