Slashdot Mirror

← Back to Stories (view on slashdot.org)

EasyDoc Malware Adds Tor Backdoor To Macs For Botnet Control (theregister.co.uk)

Posted by msmash on from the security-woes dept.

An anonymous reader writes: Security firm Bitdefender has issued an alert about a malicious app that hands over control of Macs to criminals via Tor. The software, called EasyDoc Converter.app, is supposed to be a file converter but doesn't do its advertised functions. Instead it drops complex malware onto the system that subverts the security of the system, allowing it to be used as part of a botnet or to spy on the owner. "This type of malware is particularly dangerous as it's hard to detect and offers the attacker full control of the compromised system," said Tiberius Axinte, Technical Leader, Bitdefender Antimalware Lab. "For instance, someone can lock you out of your laptop, threaten to blackmail you to restore your private files or transform your laptop into a botnet to attack other devices. The possibilities are endless." The malware, dubbed Backdoor.MAC.Eleanor, sets up a hidden Tor service and PHP-capable web server on the infected computer, generating a .onion domain that the attacker can use to connect to the Mac and control it. Once installed, the malware grants full access to the file system and can run scripts given to it by its masters.A report on AppleInsider says that malware can also control the FaceTime camera on a victim's computer. But thankfully, Apple's Gatekeeper security prevents the unsigned app from being installed.

68 comments

  1. Gatekeeper by tripleevenfall · · Score: 5, Insightful

    Nice to see the security features of an *nix based OS working here. Gatekeeper will prevent most from installing it, and for those who disable security features, you ought to know what you are doing anyway.

    And - unwritten in TFA is the fact that there will probably be a fix for this post haste.

    1. Re:Gatekeeper by Anonymous Coward · · Score: -1, Offtopic

      Its more like "Nice to see Apple defaulting to only allowing developers who pay them rent to be able to install applications" This has nothing to do with UNIX. (Which had a terrible security model to begin with considering security was not even remotely a factor in the design. Linux ppl have had to constantly work to bypass that shitty design.)

      But it helps Apple that useful idiots like you who have absolutely zero knowledge about kernel design and won't ever have it, continue to suck dick for them.

    2. Re:Gatekeeper by Anonymous Coward · · Score: 0

      And - unwritten in TFA is the fact that there will probably be a fix for this post haste.

      Nothing to really fix, the user runs the app and gives it root privileges. That's not really a security flaw.

    3. Re:Gatekeeper by guruevi · · Score: 2

      Security has always been a factor in Unix, the freaking thing came out of an era where everybody shared the same resource (the CPU), was connected through terminals and networks and shouldn't be able to see into each other's business. Windows is the only OS still existent that was only geared towards the workstation or the single computer and thus didn't require permission levels, not even locally.

      --
      Custom electronics and digital signage for your business: www.evcircuits.com
    4. Re:Gatekeeper by tripleevenfall · · Score: 3, Informative

      Its more like "Nice to see Apple defaulting to only allowing developers who pay them rent to be able to install applications"

      You can install any developer's things onto an OSX machine. You just have to uncheck a checkbox to do it.

    5. Re:Gatekeeper by tlhIngan · · Score: 1

      Its more like "Nice to see Apple defaulting to only allowing developers who pay them rent to be able to install applications"

      Well, the default can be overridden on a per-app basis by holding down a key and double-clicking. It will let you force-run the app.

      The option to allow unsigned apps to run freely is going away in Sierra apparently - the only way to run unsigned apps is to Ctrl-double-click each app you want to run to add an exception for that app.

      And it's less rent, and more developer accountability - Apple has revoked several signing certificates already because they were used to sign malware (the apps then act unsigned, not that the apps are permanently blocked from running).

      I believe the main reason the option went away is developers not only set it fully open, but then they themselves got infected with malware because of it, and that's who their signing certificates got stolen - malware authors realize that the least secure machines are developer machines, and those machines are the ones with access to valuable Apple signing certificates.

    6. Re:Gatekeeper by Anonymous Coward · · Score: 0

      Bingo - really, it's exactly the same on Windows. The problem Windows has is that application installation often requires administrator rights no matter what, (to write to c:\program files); so users get desensitised to the UAC prompts.

      If MS had self-contained applications instead (which they're doing with the app store/marketplace) so applications were installed in c:\users\username\applications or something, and this was the norm, we'd see a lot less applications demanding administrator access. But they set the 'inertia' to using c:\program files back in Windows 2000 days and everyone's followed.

      When almost all apps demand admin rights to install, you tend to click yes even if it really technically didn't need those rights and could have installed per-user.

    7. Re:Gatekeeper by Anonymous Coward · · Score: 0

      Speaking of "useful idiots", how much does microsoft pay you to suck their dick? If these certificates were free, as soon as Apple revoked a compromised / malicious one, the author would just create a new one and distribute his payload using that new, free signature and the entire system is bypassed. It's almost like Apple might actually know what they are doing, and you're a uselessly incompetent troll. But sure, keep posting your FUD bullshit. There's a lot of it on Slashdot, and it's become very, very easy to see through these days.

    8. Re:Gatekeeper by macs4all · · Score: 1

      Nice to see the security features of an *nix based OS working here. Gatekeeper will prevent most from installing it, and for those who disable security features, you ought to know what you are doing anyway.

      And - unwritten in TFA is the fact that there will probably be a fix for this post haste.

      It's also nice that in more recent version of OS X/macOS, Gatekeeper only lets you be completely unprotected for a certain time period, and then reverts back to the middle-level of security. So you can only be stupid for awhile...

    9. Re:Gatekeeper by macs4all · · Score: 1

      Its more like "Nice to see Apple defaulting to only allowing developers who pay them rent to be able to install applications" This has nothing to do with UNIX. (Which had a terrible security model to begin with considering security was not even remotely a factor in the design. Linux ppl have had to constantly work to bypass that shitty design.)

      But it helps Apple that useful idiots like you who have absolutely zero knowledge about kernel design and won't ever have it, continue to suck dick for them.

      You don't have to pay Apple "rent" for any such thing, hater.

      Apple now will hand out for FREE a Developer Cert. to anyone who Registers. No "rent" required.

    10. Re:Gatekeeper by Anonymous Coward · · Score: 0

      Yeah, Apple sure knows what they're doing. They're asking you to bend over and lube up. And you love it..

    11. Re:Gatekeeper by Anonymous Coward · · Score: 0

      You are a know-nothing idiot. Like seriously, you look at the buxted UNIX UGO/RWX model and think its security? The way suid checks were hard coded in the kernel? Security? The reason Linux has had to _constantly_ patch the fucked up UNIX design. Security? haha.. wow. You are fucking stupid bruhhhh. But you are a useful-idiot who keeps parroting nonsense. Things which you have _NO IDEA_ about and never will. You have never even attempted to design an operating system and know absolutely nothing on the topic.

      "The first fact to face is that UNIX was not developed with security, in any realistic sense, in mind;
      this fact alone guarantees a vast number of holes."

      - Dennis M. Richie. (On the Security of UNIX)

      But yeah, I'm sure you know better shitstain.

  2. Been there, haven't done that by rickb928 · · Score: 1

    I get this download offered a lot when I'm on dodgy file sites. I never trust these anyways, and a moment's research on Google brings up lots of complaints.

    But I'm there, on this dodgy site, and I expect they will try to fling poo at my machine. So I have always avoided it.

    And having a Windows machine, everything wants to infect it, even Windows Update.

    --
    deleting the extra space after periods so i can stay relevant, yeah.
    1. Re:Been there, haven't done that by DamonHD · · Score: 2

      The ads smelt so badly of deception that I just blocked them all (and there were a lot of variants) in my AdSense account to protect my visitors and my sites' reputation.

      And I'll keep doing it to any ad that offers clearly deceptive generic 'download now' ads/buttons that are intended to confuse visitors into thinking that they are downloading from the host site.

      Rgds

      Damon

      --
      http://m.earth.org.uk/
    2. Re:Been there, haven't done that by techno-vampire · · Score: 2

      What's really funny is running across one of those fake virus scan malwares when you're running Linux and watching it claim to find all sorts of virus infections in folders that not only don't exist on your machine, they can't because the paths are malformed for Linux. And, even if they try to download and execute their payload it doesn't work because the files aren't marked executable by default. Linux isn't perfect, by any means, but at least it's immune to that kind of attack.

      --
      Good, inexpensive web hosting
    3. Re:Been there, haven't done that by Anonymous Coward · · Score: 0

      The attack where the user will follow instructions to get the free pirated software? The vast majority of Windows infections are from the people who blindly follow Readme files inside of this kind of thing.

      You bet your ass the person will untick any setting they're told to. Saying "oh, but this will stop it" will do nothing. Windows specifically warns you that you could install malicious software when you try to run unsigned software, and people just keep going because it told them to.

      Holy cow, you guys are such fanboys... you don't even realize what this software is trying to do.

    4. Re:Been there, haven't done that by techno-vampire · · Score: 1

      Holy cow, you guys are such fanboys... you don't even realize what this software is trying to do.

      Yup! It's trying to use social engineering to get around the system's built-in protections. As of now, Linux still has better protections (Even if you let a malware program run it can't get at your system files unless you're stupid enough to run as root) but I'll gladly admit that Windows is much better now than it was ten years ago, even without the third-party protections that Linux doesn't need. And, I'm sure that there are attack vectors against Linux, even holes in things like SELinux or AppArmor. I was just pointing out that this particular way of infecting a machine is nothing more than a moment's entertainment on Linux.

      --
      Good, inexpensive web hosting
    5. Re:Been there, haven't done that by Anonymous Coward · · Score: 0

      > As of now, Linux still has better protections

      The illusion of security provided by web browsers, and by SELinux, are doing their best to eliminate this protection. "I'm safe, I have this seatbelt in place to keep me from sticking an icepick in my left eye!!!"

  3. Hosts also "stop the drop" of botnet malware by Anonymous Coward · · Score: -1

    APK Hosts File Engine 9.0++ SR-4 32/64-bit http://www.bing.com/search?q=%...

    Less power/cpu/ram + IO use vs. DNS/routers/addons/antivirus (slows you) + less security issues/complexity. Compliments firewalls (w/ layered drivers blocking less used IP addys vs. hosts blocking more used domains) & DNS (lightens dns load). Gets data via 10 security sites.

    Ads rob bandwidth/speed, security (malvertising), privacy (tracking) + anonymity.

    Hosts add speed (hardcodes/adblocks), security (bad sites/poisoned dns), reliability (dns down), & anonymity (dns requestlogs/trackers) natively. Hosts != ClarityRay blockable (vs. souled-out to admen inferior wasteful redundant slow usermode addons)

    Works vs. caps & HTTP PUSH ads w/ firewalls.

    Avg. webpage = big as Doom http://www.theregister.co.uk/2... & ads = 40% of the size.

    APK

    P.S. - Safe https://www.virustotal.com/en/... (Verified by Malwarebytes' S. Burn "I've seen the code & it's safe" http://forum.hosts-file.net/vi... )

    1. Re:Hosts also "stop the drop" of botnet malware by Anonymous Coward · · Score: 2, Interesting

      Hello APK. didn't you want to leave this site after you've had a quarrel with whipslash?In fact you claimed to have made your "last post ever" on this site!

    2. Re:Hosts also "stop the drop" of botnet malware by Anonymous Coward · · Score: 1

      "souled-out to admen"

      Total fail. My 11-year old wouldn't make this ridiculous spelling error.

    3. Re:Hosts also "stop the drop" of botnet malware by Anonymous Coward · · Score: 0

      whiplash has no clue how the site works, I doubt he has ever reviewed slashcode. He is completely unaware that users are able to ban other users, which is why most of us never register and post AC so that we cannot be banned by other users who disagree with what we say.

      Disclaimer: I am not APK.

    4. Re:Hosts also "stop the drop" of botnet malware by Anonymous Coward · · Score: 0

      Err - isn't this story about OS X malware? You are advertising something even more irrelevant than usual!

    5. Re:Hosts also "stop the drop" of botnet malware by Anonymous Coward · · Score: 0

      Fuck off, had enough of your spamming.

    6. Re:Hosts also "stop the drop" of botnet malware by Coren22 · · Score: 1

      Users banning other users? What crack are you on?

      I can set someone as foe and make all foes show as -6 moderation, but that only shows for me, not everyone else. You can also be down-modded for trolling or posting off topic and get bad karma which makes it harder to make good posts, but that isn't banning either.

      You don't have an account for the same reason APK refuses to use his account; you don't want to be held accountable for what you post.

      --
      APK likes to ask for responses to the same things over and over. Maybe he just likes the responses?
    7. Re:Hosts also "stop the drop" of botnet malware by Coren22 · · Score: 1

      Well, TBH, Macs have hosts files too, and they are just as useless for what APK wants everyone to do.

      --
      APK likes to ask for responses to the same things over and over. Maybe he just likes the responses?
    8. Re:Hosts also "stop the drop" of botnet malware by Anonymous Coward · · Score: 0

      APK's on topic offering a potential solution. You're off topic not offering one. Get on topic please.

  4. Appald Trump will fix this! by Anonymous Coward · · Score: 0

    This is LUDDITE software disguised as an app! Vote for Appald Trump, and he will deport these LUDDITES to LUDDITE Mexico and MAKE APPS APPY AGAIN!

    Apps!

    1. Re:Appald Trump will fix this! by Anonymous Coward · · Score: 0

      OK, you've convinced me to vote for Trump. Happy now?

    2. Re:Appald Trump will fix this! by Anonymous Coward · · Score: 0

      Only LUDDITES will vote for Appald Trump in the LUDDITE election

  5. Play Stupid Games, Win Stupid Prizes by Penguinisto · · Score: 1

    "Go ahead - download that iffy software from some random pr0n site advert so you can see your b00bie pictures better... it'll be fine..."

    --
    Quo usque tandem abutere, Nimbus, patientia nostra?
  6. Hosts also "stop the drop" of botnet malware by Anonymous Coward · · Score: -1

    APK Hosts File Engine 9.0++ SR-4 32/64-bit http://www.bing.com/search?q=%...

    Less power/cpu/ram + IO use vs. DNS/routers/addons/antivirus (slows you) + less security issues/complexity. Compliments firewalls (w/ layered drivers blocking less used IP addys vs. hosts blocking more used domains) & DNS (lightens dns load). Gets data via 10 security sites.

    Ads rob bandwidth/speed, security (malvertising), privacy (tracking) + anonymity.

    Hosts add speed (hardcodes/adblocks), security (bad sites/poisoned dns), reliability (dns down), & anonymity (dns requestlogs/trackers) natively. Hosts != ClarityRay blockable (vs. souled-out to admen inferior wasteful redundant slow usermode addons)

    Works vs. caps & HTTP PUSH ads w/ firewalls.

    Avg. webpage = big as Doom http://www.theregister.co.uk/2... & ads = 40% of the size.

    APK

    P.S. - Safe https://www.virustotal.com/en/... (Verified by Malwarebytes' S. Burn "I've seen the code & it's safe" http://forum.hosts-file.net/vi... )

  7. Whipslash argues w/ himself (not I)... apk by Anonymous Coward · · Score: -1

    "APK's days are numbered" - by whipslash ( 4433507 ) on Tuesday February 09, 2016 @10:37PM (#51475843 FROM https://slashdot.org/comments.pl?sid=8727633&cid=51475843

    See that quote of his he can't make good on & all he had to do was ASK NICELY/politely & I'd be gone, but no - he shot his mouth off instead & now has to "EAT HIS WORDS" for it... lol!

    * :)

    I wonder how MANY more months he "graciously allows me" (lol, not) when all I do is post about a totally FREE program (not commercialware as he also made a HUGE mistake on also regarding it) ON TOPIC where it applies to help vs. many threats online?

    (So much for LITTLE wannabe tin-plated god forums dictators & their big mouths...)

    APK

    P.S.=> It's not my fault he overestimated his LIMITED skills & abilities - & IF he had some manners? I'd have listened but instead he opened his big mouth only to humiliate himself... apk

  8. Hosts "stop the drop" of botnet malware by Anonymous Coward · · Score: -1

    APK Hosts File Engine 9.0++ SR-4 32/64-bit http://www.bing.com/search?q=%...

    Less power/cpu/ram + IO use vs. DNS/routers/addons/antivirus (slows you) + less security issues/complexity. Compliments firewalls (w/ layered drivers blocking less used IP addys vs. hosts blocking more used domains) & DNS (lightens dns load). Gets data via 10 security sites.

    Ads rob bandwidth/speed, security (malvertising), privacy (tracking) + anonymity.

    Hosts add speed (hardcodes/adblocks), security (bad sites/poisoned dns), reliability (dns down), & anonymity (dns requestlogs/trackers) natively. Hosts != ClarityRay blockable (vs. souled-out to admen inferior wasteful redundant slow usermode addons)

    Works vs. caps & HTTP PUSH ads w/ firewalls.

    Avg. webpage = big as Doom http://www.theregister.co.uk/2... & ads = 40% of the size.

    APK

    P.S. - Safe https://www.virustotal.com/en/... (Verified by Malwarebytes' S. Burn "I've seen the code & it's safe" http://forum.hosts-file.net/vi... )

    1. Re:Hosts "stop the drop" of botnet malware by Coren22 · · Score: 1

      Because posting your garbage three times will make people see the light of day?

      Grow up APK, your software and solution totally suck, and don't protect half as well as a proper solution of DNS or Ad blocking software.

      --
      APK likes to ask for responses to the same things over and over. Maybe he just likes the responses?
    2. Re:Hosts "stop the drop" of botnet malware by Coren22 · · Score: 1

      Four times now? No wonder Whipslash wants to get rid of you, I guess it is the same as everyone else. Spam is annoying when it comes in through email, where it is simple to just delete, but on Slashdot, you just piss off the audience, you don't even get through to the people you are targeting.

      --
      APK likes to ask for responses to the same things over and over. Maybe he just likes the responses?
    3. Re:Hosts "stop the drop" of botnet malware by Anonymous Coward · · Score: 0

      Coren22 you want apk gone since he made you out a fool publicly for your mistakes https://apple.slashdot.org/com...

      Whipslash is a webmaster who fears apk's hosts program blocking monies he makes on Google ads.

      It's obvious!

      Plenty of people like apk and his work. I've seen quotes of them stating it https://apple.slashdot.org/com... and it's also obvious you like making yourself out a butthurt fool who's sore he can't do things like apk has in computing after he also made you out a complete imbecile in the first link above too. Give up already! Do you like looking stupid?

    4. Re:Hosts "stop the drop" of botnet malware by Anonymous Coward · · Score: 0

      Coren22 haven't you had enough of apk making you look stupid 3 times from 7 security pros https://apple.slashdot.org/com... , slashdot users https://apple.slashdot.org/com... and your rather stupid mistakes against apk too https://apple.slashdot.org/com... ? It's one thing to be jealous that apk actually creates things that are useful and good but it's another to be a frustrated loon like you're turning into.

    5. Re:Hosts "stop the drop" of botnet malware by Coren22 · · Score: 1

      Except, APK, you have in no way made a fool of me. You have instead repeatedly displayed your unfathomable ignorance of technology, and human interaction.

      Whipslash is the face of Slashdot, he doesn't fear your hosts file software in any way, he fears losing users because you drive them off with your spam, which is far worse than any ad they run on this site. The ads on this site are quite tasteful, and targeted well at the audience. If you don't like them, block them. They used to have a "turn off advertising" checkbox for people who contribute well to Slashdot's discussions, however that stopped working properly under Dice as far as I have heard. Whipslash I believe said he wanted to fix that checkbox, but I could be misremembering that conversation.

      You however, there is no way to block. You spam the hell out of so many discussions because you think you are helping things. You also for some reason believe you are being persecuted against, even though the down modding is because you are spewing garbage, not because people dislike you.

      --
      APK likes to ask for responses to the same things over and over. Maybe he just likes the responses?
  9. It's intentionally spelled thus by Anonymous Coward · · Score: -1

    See subject: Why? Clearly you lack the sensitivity & creativity to understand adblock lost their SOUL selling out not doing the 1 job they had by default!

    APK

    P.S.=> Doesn't surprise me 1 bit though - why? Not that many here ARE creative (like myself creating the single BEST overall solution for function + efficiency for more speed, security, reliability & anonymity online by using what you already NATIVELY have in kernelmode vs. usermode redundant SLOW methods that don't do as much yet use 100x more too, lol, by illogically "Bolting on 'MoAr'" stupidly)... apk

  10. Mohammed is the life of the party! by Anonymous Coward · · Score: -1

    Mohammed: Did you see Mohammed at the meeting today?
    Mohammed: No, but his brother Mohammed showed up.
    Mohammed: What did Mohammed talk about?
    Mohammed: Mohammed introduced us to Mohammed who is also a mason!
    Mohammed: A mason? No shit? How long has he been one?
    Mohammed: About five years. He was referred to the local lodge by Mohammed.
    Mohammed: Ah, yes, Mohammed. He has a shit ton of connections around town!
    Mohammed: Yes, and our brothers, police be upon them, Mohammed and Mohammed from Egypt came, too.
    Mohammed: I've been thinking of becoming a clown.
    Mohammed: A clown, Mohammed, why?
    Mohammed: So I can film myself being gay.
    Mohammed: Oh, you.
    Mohammed: So anyway, is Mohammed, Mohammed, and Mohammed coming to the next party?
    Mohammed: Indeed. Mohammed was so funny last time.
    Mohammed: Well it wouldn't be a party without Mohammed.
    Mohammed: Yes, my friend. POLICE BE UPON THEM!

  11. Gatesleeper by Anonymous Coward · · Score: 0

    Yeah, gatekeeper prevents it from being installed... Unless the user right-clicks and clicks open in the menu there... Then it's game-on.

    1. Re:Gatesleeper by macs4all · · Score: 1

      Yeah, gatekeeper prevents it from being installed... Unless the user right-clicks and clicks open in the menu there... Then it's game-on.

      And if that wan't allowed, the entire innertubes would be ablaze about how the Mac is not allowing software from anywhere but the App Store.

      So tell me, how EXACTLY does Apple "win" here?

    2. Re:Gatesleeper by Anonymous Coward · · Score: 0

      Gatekeeper is not a replacement for a brain.

  12. Fag by Anonymous Coward · · Score: -1

    See subject

  13. But Macs don't get PC viruses! by Anonymous Coward · · Score: 0

    I must be perfectly safe from it, then.

  14. Data outflow flickering light flickering. by pigsycyberbully · · Score: 0

    The data flow light on their router would be constantly flicking meaning dater is leaving their computer and coming in. How could this not be noticed and stopped easily.

    Let's take the simplest of home computer users accessing the Internet, and let's suppose that their data flow light flickers all the time regardless
    like some cable Internet users lights do ( those having their data flow monitored ).

    Surely people put a second Router in line that only flickers when dater is leaving and coming into their computer.
    Data cannot leave your computer without you noticing your data outflow flickering light flickering.

    I don't believe this story I know lots of people are very stupid on computers but you only have to glance at your data flow light.

    1. Re:Data outflow flickering light flickering. by Anonymous Coward · · Score: 0

      Yeah, nobody ever leaves their browser open with Twitter, Facebook, or whatever running....

      Nobody ever visits websites with persistent ad loading.

      Nobody ever has a tab with an online game running.

      And I don't know about you, but when I'm not using my computer, of course I'm going to take time to look at my router, and everyone else will do this because they're just as tech-geeky as I am....

      Oh, welcome to 2016 from the land of 1985 modems!

  15. Hosts "stop the drop" of botnet malware by Anonymous Coward · · Score: 0

    APK Hosts File Engine 9.0++ SR-4 32/64-bit http://www.bing.com/search?q=%...

    Less power/cpu/ram + IO use vs. DNS/routers/addons/antivirus (slows you) + less security issues/complexity. Compliments firewalls (w/ layered drivers blocking less used IP addys vs. hosts blocking more used domains) & DNS (lightens dns load). Gets data via 10 security sites.

    Ads rob bandwidth/speed, security (malvertising), privacy (tracking) + anonymity.

    Hosts add speed (hardcodes/adblocks), security (bad sites/poisoned dns), reliability (dns down), & anonymity (dns requestlogs/trackers) natively. Hosts != ClarityRay blockable (vs. souled-out to admen inferior wasteful redundant slow usermode addons)

    Works vs. caps & HTTP PUSH ads w/ firewalls.

    Avg. webpage = big as Doom http://www.theregister.co.uk/2... & ads = 40% of the size.

    APK

    P.S. - Safe https://www.virustotal.com/en/... (Verified by Malwarebytes' S. Burn "I've seen the code & it's safe" http://forum.hosts-file.net/vi... )

  16. Coren22 = accountable for his blunders by Anonymous Coward · · Score: 0

    Don't speak for me. I see no benefits in accts & want no tracking by cookie/script chains SLOWNESS you force on yourself!

    APK

    P.S.=> See subject & this (no denying it):

    won't demonstrate security of his product by exposing the source - by Coren22 (1625475)

    57 antiviruses show different https://www.virustotal.com/en/...

    MalwareBytes' employee hosts & recommends it -> http://hosts-file.net/?s=Downl...

    secretary at MalwareBytes took a look at his source code and said it looked all good - by Coren22

    My code's verified by Mr. S. Burn of Malwarebytes

    "I've seen the code and yes it is safe." FROM http://forum.hosts-file.net/vi...

    NO secretary!

    I don't give it away to be misused like GOOGLE CHROME http://it.slashdot.org/story/1... ... apk

  17. Coren22, as usual, "EAT YOUR WORDS" by Anonymous Coward · · Score: 0

    his hosts program is actually pretty good by xenotransplant

    his hosts tool is actually useful for those cases in which one does indeed want to locally block stuff outright while consuming minimum system resources by alexgieg

    I've never tried to belittle (APK's) work, I've flat out said it's good by BronsCon

    I like your host file system by Karmashock

    I find your hosts file admirable by vel-ex-tech

    take a look at the APK hosts file engine by SuperKendall

    APK is kinda right. I've given up on JS based adblocking and gone to blackholing in /etc/hosts, just like it was back in the 90s. The computational load has gotten intolerable for any ad-blocking using JS. I've tried his hosts file generating software. It works by bmo

    APK is totally right on this count. Adblock Plus on Firefox mobile is a dog on older, or lower end, phones. A hostfile based adblocker makes for a much better experience by chihowa

    APK

    P.S.=> Want more? Ask & "ye SHALL receive" by the dozens - see subject, lol... apk

    1. Re:Coren22, as usual, "EAT YOUR WORDS" by Coren22 · · Score: 1

      How exactly does that in any way refute what I said?

      No one wants to be advertised to, you try to make a living from blocking people advertising to others...by advertising. You are pissing off people who don't want to see advertising, to try to get them to pay money for your product that blocks advertising. How about a product that will block your advertising, I'd pay for that!

      You are not winning people over to your side by spamming Slashdot, you just piss people off, and make them remark on your possible mental illness.

      --
      APK likes to ask for responses to the same things over and over. Maybe he just likes the responses?
    2. Re:Coren22, as usual, "EAT YOUR WORDS" by Anonymous Coward · · Score: 0

      APK's on topic. You're not. Quit trolling and grow up please.

    3. Re:Coren22, as usual, "EAT YOUR WORDS" by Coren22 · · Score: 1

      So, APK (you...), advertising a software product for Windows hosts file manipulation, in response to a piece of malware that your hosts file wouldn't be able to stop, that is only for MacOS. Yeah, totally on topic, congratulations on your off topic masterpiece!
       

      --
      APK likes to ask for responses to the same things over and over. Maybe he just likes the responses?
    4. Re:Coren22, as usual, "EAT YOUR WORDS" by Anonymous Coward · · Score: 0

      Get on topic. Apk's on topic offering a free solution. You don't. Output from his program works as hosts work on bsd based ip stacks. Based on your off topic ravings directed apk's way it seems you can't stand he's clearly better than you are and you know it unable to stand it on your end. If you're as good as he is then build a native MacOS solution like he has or is that beyond your limited abilities? Obviously it is. All you do is blather on forums from what I see. You create nothing. That makes you utterly useless.

    5. Re:Coren22, as usual, "EAT YOUR WORDS" by Coren22 · · Score: 1

      Get on topic, APK, you are so far off topic it isn't even funny. Keep railing away at me, I have all day.

      So, since output of your software will work on a Mac, how does a Mac owner use your software? Running your software just to get a hosts file which will slowdown the computer's network access by a considerable amount...again, the worst solution ever, that won't block anything about this malware.

      APK, trying to claim I am offtopic when I am responding directly to what you posted makes you looks like a pot. I am only a black kettle if you are a black pot. As you seem to think a WINDOWS only solution, that generates a hosts file that WOULDN'T stop this malware, is on topic, why are you telling me to stay on topic (which I am entirely)?

      Oh, and as far as native MacOS, use Safari to download the hosts files from the internet, use cat [files] | sort | unique > hosts. Wow, that is a HARD solution. I guess that makes me the Ultimate Programmer and Security expert just like you APK!

      --
      APK likes to ask for responses to the same things over and over. Maybe he just likes the responses?
    6. Re:Coren22, as usual, "EAT YOUR WORDS" by Anonymous Coward · · Score: 0

      Hosts are faster than adblock you mentioned. Apk's shown us that from superuser.com tests many times in his posts. His program also directs you to avoid slowdowns using hosts in Windows while saving cpu cycles, ram, and other io. Hosts work on Macs. What is it about all of this you don't get Coren22? He's also written the software that does more than just what your script kiddie crap does. You haven't and you obviously can't. Get a job Coren22. Get a job. You obviously don't have one sitting around on Slashdot trolling others off topic as you have here in most of your posts on this page.

    7. Re:Coren22, as usual, "EAT YOUR WORDS" by Coren22 · · Score: 1

      Wow, it looks like I touched a nerve, does diddums need to have a cry?

      I'm sorry that you are such an incompetent programmer that I can write out what your program does in 10 seconds. It must burn you up that you can't actually program worth a damn, so have to hide your source code.

      --
      APK likes to ask for responses to the same things over and over. Maybe he just likes the responses?
    8. Re:Coren22, as usual, "EAT YOUR WORDS" by Anonymous Coward · · Score: 0

      So what job in computing is it you allegedly have Coren22. Come on now, citation (as you're so fond of saying to others you troll): Prove it. Nothing to say now suddenly on that note? No citation or proof??

    9. Re:Coren22, as usual, "EAT YOUR WORDS" by Anonymous Coward · · Score: 0

      Coren22 no that's not your own work in code. It's using others' programs in non-gui junk nobody wants that only does part of what apk's work does. So if you can write up a gui standalone executable, not a script kiddie use of others' programs which only does part of what apk's work does, to do the same then why don't you do a better one? Clearly you can't. Limitations of being a script kiddie on your end and you only describe a small part of what apk's program does too.

    10. Re:Coren22, as usual, "EAT YOUR WORDS" by Coren22 · · Score: 1

      I wrote it, therefore it is my code.

      See, the thing is, I have never claimed to be an epic programmer, yet you have, without proving yourself even once.

      You know you fail when trying to prove yourself as an expert, because you aren't. You are a wanna-be with no credentials trying to act all big and tough and demand other's credentials without ever giving your own.

      I have written something in 10 seconds that does everything your crapware does. I have proven my ability, but you still haven't proven yourself anything more than a blowhard.

      Have fun in your incompetence, I am not giving you my credentials until you provide your own.

      --
      APK likes to ask for responses to the same things over and over. Maybe he just likes the responses?
    11. Re:Coren22, as usual, "EAT YOUR WORDS" by Anonymous Coward · · Score: 0

      Scripting *NIX tools isn't writing the code for their internal workings. Apk's work actually is HIS code doing the work and it does a lot more than what you claim which is only a tiny part of his hosts program. Repeat so facts get to you: You didn't write code at all. You scripted others tools. There's a difference.I can say I wrote Oracle's DB engine too you know when I use SQL on them I suppose from your twisted way of thinking!

  18. Coren22 7 Real Security/Web Pros disagree by Anonymous Coward · · Score: 0

    Aryeh Goretsky NOD32/ESET hosts = good security http://it.slashdot.org/comment...
    Steven Burn of Malwarebytes does (hosting & recommending my ware no less - something YOU can never ever manage, lol).
    Oliver Day (SYMANTEC/SECURITYFOCUS) http://www.securityfocus.com/c...
    Brocke Wilders of WILDERS' SECURITY does http://www.wilderssecurity.com...
    Steve Gibson https://www.grc.com/sn/sn-045....
    OReilly for security http://oreilly.com/pub/a/windo...
    OReilly for speed http://www.oreillynet.com/pub/...

    APK

    P.S.=> "EAT YOUR WORDS" (again) just like here today too https://apple.slashdot.org/com... hmmm?... apk

  19. Coren22 makes a fool of himself again by Anonymous Coward · · Score: 0

    "Macs have hosts files too & they are just as useless for what APK wants" - by Coren22 ( 1625475 ) on Friday July 08, 2016 @03:40PM (#52473587)

    7 security & web pros disagree w/ your offtopic bullshit:

    Aryeh Goretsky NOD32/ESET hosts = good security http://it.slashdot.org/comment...
    Steven Burn of Malwarebytes does (hosting & recommending my ware no less - something YOU can never ever manage, lol).
    Oliver Day (SYMANTEC/SECURITYFOCUS) http://www.securityfocus.com/c...
    Brocke Wilders of WILDERS' SECURITY does http://www.wilderssecurity.com...
    Steve Gibson https://www.grc.com/sn/sn-045....
    OReilly for security http://oreilly.com/pub/a/windo...
    OReilly for speed http://www.oreillynet.com/pub/...

    APK

    P.S.=> "EAT YOUR WORDS" (again) just like here too https://apple.slashdot.org/com... ... apk

  20. Coren22, same way this refutes you by Anonymous Coward · · Score: 0

    "Macs have hosts files too & they are just as useless for what APK wants" - by Coren22 ( 1625475 ) on Friday July 08, 2016 @03:40PM (#52473587)

    Coren22 7 security & web pros disagree w/ your offtopic bs (just as our /. peers did per my last post):

    Aryeh Goretsky NOD32/ESET hosts = good security http://it.slashdot.org/comment...
    Steven Burn of Malwarebytes does (hosting & recommending my ware no less - something YOU can never ever manage, lol).
    Oliver Day (SYMANTEC/SECURITYFOCUS) http://www.securityfocus.com/c...
    Brocke Wilders of WILDERS' SECURITY does http://www.wilderssecurity.com...
    Steve Gibson https://www.grc.com/sn/sn-045....
    OReilly for security http://oreilly.com/pub/a/windo...
    OReilly for speed http://www.oreillynet.com/pub/...

    APK

    P.S.=> "EAT YOUR WORDS" (again) just like here vs. your offtopic ASSBURGER mental defective brain bs here too https://apple.slashdot.org/com... ... apk

    1. Re:Coren22, same way this refutes you by Coren22 · · Score: 1

      Again, you haven't refuted anything I said, just provided more evidence of your lack of reading abilities.

      --
      APK likes to ask for responses to the same things over and over. Maybe he just likes the responses?
  21. Coren22 refutes himself (lol) by Anonymous Coward · · Score: 0

    "Macs have hosts files too & they are just as useless for what APK wants" - by Coren22 ( 1625475 ) on Friday July 08, 2016 @03:40PM (#52473587)

    Coren22 7 security & web pros disagree w/ your offtopic bs (just as our /. peers did too in the link in my ps below too):

    Aryeh Goretsky NOD32/ESET hosts = good security http://it.slashdot.org/comment...
    Steven Burn of Malwarebytes does (hosting & recommending my ware no less - something YOU can never ever manage, lol).
    Oliver Day (SYMANTEC/SECURITYFOCUS) http://www.securityfocus.com/c...
    Brocke Wilders of WILDERS' SECURITY does http://www.wilderssecurity.com...
    Steve Gibson https://www.grc.com/sn/sn-045....
    OReilly for security http://oreilly.com/pub/a/windo...
    OReilly for speed http://www.oreillynet.com/pub/...

    APK

    P.S.=> "EAT YOUR WORDS" (again) just like here vs. your offtopic ASSBURGER mental defective brain bs here too WHERE OUR /. PEERS AGREE w/ ME, not you Coren22, lol-> https://apple.slashdot.org/com... ... apk

  22. Coren22, talk credentials after this by Anonymous Coward · · Score: 0

    Windows NT Magazine (now Windows IT Pro) April 1997 "BACK OFFICE PERFORMANCE" issue, page 61

    (&, for work done for EEC Systems/SuperSpeed.com on PAID CONTRACT (writing portions of their SuperCache program increasing its performance by up to 40% via my work) albeit, for their SuperDisk & HOW TO APPLY IT, took them to a finalist position @ MS Tech Ed, two years in a row 2000-2002, in its HARDEST CATEGORY: SQLServer Performance Enhancement).

    WINDOWS MAGAZINE, 1997, "Top Freeware & Shareware of the Year" issue page 210, #1/first entry in fact (my work is there)

    PC-WELT FEB 1998 - page 84, again, my work is featured there

    WINDOWS MAGAZINE, WINTER 1998 - page 92, insert section, MUST HAVE WARES, my work is again, there

    PC-WELT FEB 1999 - page 83, again, my work is featured there

    CHIP Magazine 7/99 - page 100, my work is there

    GERMAN PC BOOK, Data Becker publisher "PC Aufrusten und Repairen" 2000, where my work is contained in it

    HOT SHAREWARE Numero 46 issue, pg. 54 (PC ware mag from Spain), 2001 my work is there, first one featured, yet again!

    Being paid for an article that made me money over @ PCPitstop in 2008 http://pcpitstop.com/news/winn... for writing up a guide that has people showing NO VIRUSES/SPYWARES & other screwups, via following its point, such as THRONKA sees here -> http://www.xtremepccentral.com...

    It's also been myself helping out the folks at the UltraDefrag64 project (a 64-bit defragger for Windows), in showing them code for how to do Process Priority Control @ the GUI usermode/ring 3/rpl 3 level in their program (good one too), & being credited for it by their lead dev & his team... see here -> http://ultradefrag.sourceforge... or here http://sourceforge.net/tracker...

    Which ended up fixing a "bug" for them later, here -> http://sourceforge.net/p/ultra... via its implementation (only partial - if they want low priority background defrags, it's part of the trick to getting it too, not just high priority ops...)

    Also, a British PC Mag in 2002 for many utilities I wrote, saw it @ BORDERS BOOKS but didn't buy it... by that point, I had moved onto other areas in this field besides coding only.

    APK

    P.S.=> Programs like my APK Hosts File Engine does the rest (hosted AND RECOMMENDED by the best antimalware's people no less)

    Along w/ a professional trackrecord & resume from 1994 in computing - & THAT is only a TINY FRACTION of what I could put out above as to "credentials" - which is MORE THAN YOU EVER WILL (& we haven't seen any actual code from you THAT YOU WROTE COMPLETELY YOURSELF either LET ALONE WHAT YOU ARE ASKED FOR (proof you work in computing) FIRST which you EVADE TO NO END, lol)... apk