Another Apple myth goes down in flames - GoFuckYourself.com

$5 submissions · 04-03-2012, 03:34 PM

New wave of trojans target Mac computers http://gizmodo.com/5897693/ms-office...yware-exploits

It goes with the territory though. Apple's ecosystem is huge and this hasn't been lost on botnet operators

Young · 04-03-2012, 04:28 PM

This is like saying "doors don't work at keeping burglars out, i left my door opened the other day and they walked right in"

This particular Trojan (as all Trojans do) require's ignorance or stupidity on the part of the user. They have to actively download and launch the file. Ignoring the warning that you are about to launch a program that was downloaded off of the web. Ignoring the fact that the Word file you are about to download is more than likely useless to you.

Not to mention the user has to have Microsoft Word installed in order for the Trojan to do it's damage. It takes advantage of bugs in the program. Fucking Microsoft.

So in reality...if you have a 3rd party App installed and are stupid enough to download and open a Word file that you don't need - you deserve a virus.

The only argument that can be made here is that the myth that Mac's can not be exploited might lead to reckless downloading and execution of Trojans.

When self installing (no user action required) Malware runs rampant in Macs (I'm not referring to hacking contests) due to bugs in Safari (ala Windows and practically every version of IE). Then let the hysterics begin.

anexsia · 04-03-2012, 05:39 PM

Quote:

Originally Posted by Young

This is like saying "doors don't work at keeping burglars out, i left my door opened the other day and they walked right in"

This particular Trojan (as all Trojans do) require's ignorance or stupidity on the part of the user. They have to actively download and launch the file. Ignoring the warning that you are about to launch a program that was downloaded off of the web. Ignoring the fact that the Word file you are about to download is more than likely useless to you.

Not to mention the user has to have Microsoft Word installed in order for the Trojan to do it's damage. It takes advantage of bugs in the program. Fucking Microsoft.

So in reality...if you have a 3rd party App installed and are stupid enough to download and open a Word file that you don't need - you deserve a virus.

The only argument that can be made here is that the myth that Mac's can not be exploited might lead to reckless downloading and execution of Trojans.

When self installing (no user action required) Malware runs rampant in Macs (I'm not referring to hacking contests) due to bugs in Safari (ala Windows and practically every version of IE). Then let the hysterics begin.

http://www.digitaljournal.com/article/322338

"An unpatched Java vulnerability in Apple operating systems is the gateway to the infection. One of the significant problems is that no user action needs to occur for this latest version of the trojan, dubbed Flashback.K, to infect. Users can get infected by simply visiting a website on this go around, reports MacWorld."

"In May 2011, the first construction kit for Mac OS X trojans emerged in the form of a scareware called MacDefender. This malware, which resembled the type of scareware that has plagued Windows users for years, rapidly spread through the computers of Mac users caught off-guard. Since then several different types of malware aimed at Macs have emerged."

Colmike9 · 04-03-2012, 08:08 PM

I worked for Apple 6 years ago and there was a trojan that went around using iTunes but then I guess got downgraded to just technically being a 'script'....

$5 submissions · 04-03-2012, 10:47 PM

Quote:

Originally Posted by anexsia

http://www.digitaljournal.com/article/322338

"An unpatched Java vulnerability in Apple operating systems is the gateway to the infection. One of the significant problems is that no user action needs to occur for this latest version of the trojan, dubbed Flashback.K, to infect. Users can get infected by simply visiting a website on this go around, reports MacWorld."

"In May 2011, the first construction kit for Mac OS X trojans emerged in the form of a scareware called MacDefender. This malware, which resembled the type of scareware that has plagued Windows users for years, rapidly spread through the computers of Mac users caught off-guard. Since then several different types of malware aimed at Macs have emerged."

yep

$5 submissions · 04-05-2012, 01:22 PM

Here's a follow up. 500K units http://www.bbc.co.uk/news/science-environment-17623422

Dirty F · 04-05-2012, 01:25 PM

Quote:

Originally Posted by Young

This is like saying "doors don't work at keeping burglars out, i left my door opened the other day and they walked right in"

This particular Trojan (as all Trojans do) require's ignorance or stupidity on the part of the user. They have to actively download and launch the file. Ignoring the warning that you are about to launch a program that was downloaded off of the web. Ignoring the fact that the Word file you are about to download is more than likely useless to you.

Not to mention the user has to have Microsoft Word installed in order for the Trojan to do it's damage. It takes advantage of bugs in the program. Fucking Microsoft.

So in reality...if you have a 3rd party App installed and are stupid enough to download and open a Word file that you don't need - you deserve a virus.

The only argument that can be made here is that the myth that Mac's can not be exploited might lead to reckless downloading and execution of Trojans.

When self installing (no user action required) Malware runs rampant in Macs (I'm not referring to hacking contests) due to bugs in Safari (ala Windows and practically every version of IE). Then let the hysterics begin.

Jesus, you Mac users are sensitive.

Bladewire · 04-05-2012, 02:18 PM

Quote:

Originally Posted by Dirty F

Jesus, you Mac users are sensitive.

Colmike9 · 04-05-2012, 02:20 PM

It's really not hard to exploit a Mac. If you can hack Linux then you can hack a Mac.. (sudo chmod 775 /)

$5 submissions · 04-05-2012, 06:07 PM

Quote:

Originally Posted by Dirty F

Jesus, you Mac users are sensitive.

magicmike · 04-05-2012, 06:46 PM

Java exploit. Apple needs to update java more often, but its hardly just a mac thing.

raymor · 04-05-2012, 09:55 PM

The idea that Mac is highly secure certainly has an element of truth, and is also somewhat based on how old Mac systems worked, a lack of functionality that made them immune to certain classes of attacks.

Mac was way more secure than Windows through the 1990s, and still is today, but in a different way, a more Linux like way.
Mac was the last of the pure disk operating systems. Through the 1970s, computers were multi-user, running network operating systems. That meant they had to be secure inside and out so that one user couldn't mess with another user's stuff. This was the age of Unix. 1981 was the dawn of the PERSONAL computer and it's Disk Operating System. To make disk operating systems run with only 256k of RAM, all of that unnecessary security stuff was removed. That was cool. No need for security on a personal, non-networked system, so DOS, Mac, and then Windows were fine.

Then the internet happened. Suddenly, personal, disk based computers with no security were being connected to a global network. Microsoft quickly began tossing network features at Windows, like remote desktop and SMB. They even took technologies that were entirely inappropriate for web use, like COM, and renamed it ActiveX, selling it as an "internet feature." On a platform with no security, but with remote access, this resulted in all hell breaking loose, desktops averaging 30 different infections apiece.

Apple didn't go nuts putting things like remote network access on top of their disk based systems. They continued to treat it as a personal computer, not a (fundamentally broken) network computer, so they didn't have the security problems that Microsoft had. Mac gained a well deserved reputation for security at that time. (MS still hasn't finished cleaning up the mess. With Windows 7 they are starting to get CLOSE to having proper security for a network OS, pretty close to what the network OSes of the 1970s had.)

In 2001-2002, Apple went full bore with a completely different OS, an actual network OS with network OS security, a Unix known as OS X. (Unix 3.0 certified.) The new Mac doesn't have the security advantage of the old Mac, which lacked exploitable features like remote access. Instead, it has Unix style security - the user, and user-run programs, can't fuck up the SYSTEM. You may recall MS testifying in court that Explorer, which was both the MS browser and the desktop shell, is so deeply embedded in the system that Windows won't boot without it. That implies that exploits encountered by the browser can run deep within the system. Mac and other POSIX systems like Linux don't suffer from that. On Mac and Linux a browser is just a browser. It can only load web pages. It's not part of the boot process, so fucking with it can't fuck up your system.

webgurl · 04-05-2012, 10:00 PM

wow what fantastic news! <sigh>

Dirty F · 04-05-2012, 10:05 PM

Quote:

Originally Posted by magicmike

Java exploit. Apple needs to update java more often, but its hardly just a mac thing.

It's about Macs getting infected but it's hardly a Mac thing?? Let me guess you are a Mac user?

webgurl · 04-05-2012, 10:17 PM

Quote:

Originally Posted by Dirty F

Jesus, you Mac users are sensitive.

It's a religion, peeps will go to war for Macs

V_RocKs · 04-05-2012, 10:36 PM

I fucked Steve's mom and all I got was this GFY thread to reply in.

travs · 04-05-2012, 11:29 PM

Quote:

Originally Posted by webgurl

It's a religion, peeps will go to war for Macs

hahahahahaha

just a punk · 04-06-2012, 02:25 AM

Backdoor.Flashback.39, the piece of malware designed to target computers running Mac OS X, caused a lot of headaches for Mac users, especially because one of the Java vulnerabilities it exploited remained unpatched by Apple.

Security experts have found that even after Apple patched the flaw, the cybercriminals behind the operation didn't seem to be discouraged.

Researchers from Russian security firm Doctor Web analyzed the malicious element and determined that the infection begins when users are redirected to shady sites from compromised domains.

A piece of JavaScript code, placed on websites such as godofwar3.rr.nu, ironmanvideo.rr.nu, killaoftime.rr.nu, or gangstasparadise.rr.nu, loads the Java applet that contains the exploit.

The exploit then saves an executable onto the infected Mac machine. This executable file connects to a remote server from which it downloads and executes the final payload.

If at first the cybercrooks relied on Java vulnerabilities that were addressed back in 2011 and at the beginning of 2012, on March 16 they switched to the now-famous CVE-2012-0507, the security hole that was left unpatched by Apple until April 3.

Dr. Web experts noticed that around April 1 a new variant of Backdoor.Flashback.39 was released. Before stepping into play, the Trojan scans the system and generates the list of control servers only if there’s no trace of security software.

After that, it starts sending notifications to the statistics server utilized by the masterminds of the campaign.

“It should be noted that the malware utilizes a very peculiar routine for generating such addresses. It can also switch between several servers for better load balancing,” Dr. Web experts reveal.

“After receiving a reply from a control server, BackDoor.Flashback.39 verifies its RSA signature and then, if successful, downloads and runs payload on the infected machine. It may get and run any executable specified in a directive received from a server.”

So far, more than 550,000 machines have been found to be infected, which means that Apple users should rush to apply the Java update and maybe even install a security application.

src: http://news.softpedia.com/news/Russi...9-262924.shtml

DamageX · 04-06-2012, 02:36 AM

Quote:

Originally Posted by Dirty F

Jesus, you Mac users are sensitive.

You would be too, if you had gotten suckered into paying twice for something that does nothing more than competing products, except for look pretty.

DamianJ · 04-06-2012, 03:33 AM

Quote:

Originally Posted by webgurl

wow what fantastic news! <sigh>

News? This was out last September...

seeandsee · 04-06-2012, 03:46 AM

There is no virus for mac,linux etc... yeah right, nobody just care to make it, and now we got it on all shit...

Dirty F · 04-06-2012, 04:08 AM

Quote:

Originally Posted by DamageX

You would be too, if you had gotten suckered into paying twice for something that does nothing more than competing products, except for look pretty.

Yeah you're right.

potter · 04-06-2012, 07:07 AM

Quote:

Originally Posted by anexsia

http://www.digitaljournal.com/article/322338

"An unpatched Java vulnerability in Apple operating systems is the gateway to the infection. One of the significant problems is that no user action needs to occur for this latest version of the trojan, dubbed Flashback.K, to infect. Users can get infected by simply visiting a website on this go around, reports MacWorld."

I have to disagree with that. Wouldn't the user have to enable Java? I believe Chrome is the only browser that has it enable by default. Safari and Firefox both shut Java down by default (rightly so I might add).

Quote:

Originally Posted by raymor

The idea that Mac is highly secure certainly has an element of truth, and is also somewhat based on how old Mac systems worked, a lack of functionality that made them immune to certain classes of attacks.

Mac was way more secure than Windows through the 1990s, and still is today, but in a different way, a more Linux like way.
Mac was the last of the pure disk operating systems. Through the 1970s, computers were multi-user, running network operating systems. That meant they had to be secure inside and out so that one user couldn't mess with another user's stuff. This was the age of Unix. 1981 was the dawn of the PERSONAL computer and it's Disk Operating System. To make disk operating systems run with only 256k of RAM, all of that unnecessary security stuff was removed. That was cool. No need for security on a personal, non-networked system, so DOS, Mac, and then Windows were fine.

Then the internet happened. Suddenly, personal, disk based computers with no security were being connected to a global network. Microsoft quickly began tossing network features at Windows, like remote desktop and SMB. They even took technologies that were entirely inappropriate for web use, like COM, and renamed it ActiveX, selling it as an "internet feature." On a platform with no security, but with remote access, this resulted in all hell breaking loose, desktops averaging 30 different infections apiece.

Apple didn't go nuts putting things like remote network access on top of their disk based systems. They continued to treat it as a personal computer, not a (fundamentally broken) network computer, so they didn't have the security problems that Microsoft had. Mac gained a well deserved reputation for security at that time. (MS still hasn't finished cleaning up the mess. With Windows 7 they are starting to get CLOSE to having proper security for a network OS, pretty close to what the network OSes of the 1970s had.)

In 2001-2002, Apple went full bore with a completely different OS, an actual network OS with network OS security, a Unix known as OS X. (Unix 3.0 certified.) The new Mac doesn't have the security advantage of the old Mac, which lacked exploitable features like remote access. Instead, it has Unix style security - the user, and user-run programs, can't fuck up the SYSTEM. You may recall MS testifying in court that Explorer, which was both the MS browser and the desktop shell, is so deeply embedded in the system that Windows won't boot without it. That implies that exploits encountered by the browser can run deep within the system. Mac and other POSIX systems like Linux don't suffer from that. On Mac and Linux a browser is just a browser. It can only load web pages. It's not part of the boot process, so fucking with it can't fuck up your system.

Good point. Another one of Windows main flaws from a security standpoint is it has a bad base, and in an attempt to fix the problem they have simply thrown ten pounds of shit ontop of it. What I mean is unix and linux operating systems are more secure by default, it's just how the os was designed. It is when you add user features to that base which starts to open up security flaws.

Windows however has an extremely insecure base. To fix this they've thrown a ton of rules and walls up ontop of the base to try and close up any holes in the base. This is bad in a multitude of ways. The first being, it's still easy to hack - you just have to hack through multiple walls before getting to the base. The second being is now every time a user does something a little popup appears that "this is happening, do you want to continue" - that DOES NOT protect the user, it creates a UX that trains them to ignore operating system popups. Because after the 100th popup they're no longer reading the popup but just click the accept button. A third point being it creates the issue that a user must turn off a bunch of this "protection services" just to accomplish normal tasks. The operating system has so many of these walls up that a user by default must actually turn off a bunch of them just to do things a normal user would need to do. And then lastly, the point that there are so many walls up that they become utterly useless, easy to bypass, or another wall creates a rule that voids another one. For example the other day we were having a hard time moving some work over to an IIS server. PUT requests were being rejected. Well, this is because IIS assumes you only want to use half the internet and throws up dozens of stupid walls. We ended up resolving this issue with POST Tunneling, we passed the request as POST but with the header "X-HTTP-Method-Override : PUT" - problem solved. And the windows "security rule" completely irrelevant and bypassed.

baddog · 04-06-2012, 07:27 AM

It has long been my contention that the only reason there were no [or very limited] exploits was due to one thing and one thing only, not enough incentive to do so. Now that there are so many out there, you can be sure they will pop up more often. JMHO, of course.

raymor · 04-06-2012, 09:05 AM

Quote:

Originally Posted by baddog

It has long been my contention that the only reason there were no [or very limited] exploits was due to one thing and one thing only, not enough incentive to do so. Now that there are so many out there, you can be sure they will pop up more often. JMHO, of course.

See my post. That seems like it might make sense if you don't happen to know the history of operating systems. For many years, Unix systems were the ONLY systems. 98% market share. They were reasonably secure when they had 98% of the market and they are still secure for the same reasons today. (Mac is officially Unux 3.0).

Windows lacks security ON PURPOSE and for good reason. They literally deleted all of the security related functions. Well, it WAS a good reason until surprise - the web was invented.

Colmike9 · 04-06-2012, 10:48 AM

Quote:

Originally Posted by DamageX

You would be too, if you had gotten suckered into paying twice for something that does nothing more than competing products, except for look pretty.

Apple products are all just betas with a nice case..

anexsia · 04-06-2012, 08:26 PM

Quote:

Originally Posted by potter

I have to disagree with that. Wouldn't the user have to enable Java? I believe Chrome is the only browser that has it enable by default. Safari and Firefox both shut Java down by default (rightly so I might add).

Not sure, I was just linking to the news article. Either way, I don't care whether someone uses a Mac, Windows, or Linux...it's whatever some one is more comfortable with and likes. I like building my own rigs and customizing them to my liking so I don't really buy Macs.

$5 submissions · 04-07-2012, 02:22 AM

Shot down in flames....

just a punk · 04-07-2012, 07:49 AM

Quote:

Originally Posted by raymor

See my post. That seems like it might make sense if you don't happen to know the history of operating systems. For many years, Unix systems were the ONLY systems. 98% market share. They were reasonably secure when they had 98% of the market and they are still secure for the same reasons today. (Mac is officially Unux 3.0).

Windows lacks security ON PURPOSE and for good reason. They literally deleted all of the security related functions. Well, it WAS a good reason until surprise - the web was invented.

potter · 04-07-2012, 08:31 AM

Quote:

Originally Posted by anexsia

Not sure, I was just linking to the news article. Either way, I don't care whether someone uses a Mac, Windows, or Linux...it's whatever some one is more comfortable with and likes. I like building my own rigs and customizing them to my liking so I don't really buy Macs.

I researched it some more as well and that article is very misleading. The virus is still malware - the user has to install it. It's just that to install it the user doesn't need to type in their administrator password. So the article claims "no user input" but by that they don't actually mean user input, then mean user typing in their password.

Very poorly written article imo.

SpeedoDave · 04-07-2012, 09:27 AM

Quote:

Originally Posted by webgurl

It's a religion, peeps will go to war for Macs

Hahahaha

DamianJ · 04-07-2012, 10:31 AM

Quote:

Originally Posted by Colmike7

Apple products are all just betas with a nice case..

Your mom is a beta

Colmike9 · 04-07-2012, 10:40 AM

Quote:

Originally Posted by DamianJ

Your mom is a beta

And yours was used for the stress tests..

DamageX · 04-07-2012, 11:02 AM

Quote:

Originally Posted by Colmike7

And yours was used for the stress tests..

just a punk · 04-07-2012, 11:29 AM

Quote:

Originally Posted by potter

I researched it some more as well and that article is very misleading. The virus is still malware - the user has to install it. It's just that to install it the user doesn't need to type in their administrator password. So the article claims "no user input" but by that they don't actually mean user input, then mean user typing in their password.

Backdoor.Flashback.39 does not require any "user input". It installs itself w/o asking for a user password. This is why it's not just a trojan but a Backdoor - the malware which doesn't use the front door to infect your OS. The only thing you need to do is to open the "proper" URL in your browser.

$5 submissions · 04-07-2012, 03:34 PM

Quote:

Originally Posted by CyberSEO

Backdoor.Flashback.39 does not require any "user input". It installs itself w/o asking for a user password. This is why it's not just a trojan but a Backdoor - the malware which doesn't use the front door to infect your OS. The only thing you need to do is to open the "proper" URL in your browser.

04-03-2012, 03:34 PM	#1
$5 submissions I help you SUCCEED Industry Role: Join Date: Nov 2003 Location: The Pearl of the Orient Seas Posts: 32,195	Another Apple myth goes down in flames New wave of trojans target Mac computers http://gizmodo.com/5897693/ms-office...yware-exploits It goes with the territory though. Apple's ecosystem is huge and this hasn't been lost on botnet operators __________________ Need a NON-ADULT income stream? We build your YOUTUBE CHANNEL for only $20 per video! For Hire: $3/hour or $400 per month Marketing Specialist Virtual Assistants

04-03-2012, 04:28 PM	#2
Young Bland for life Industry Role: Join Date: Nov 2004 Posts: 10,468	This is like saying "doors don't work at keeping burglars out, i left my door opened the other day and they walked right in" This particular Trojan (as all Trojans do) require's ignorance or stupidity on the part of the user. They have to actively download and launch the file. Ignoring the warning that you are about to launch a program that was downloaded off of the web. Ignoring the fact that the Word file you are about to download is more than likely useless to you. Not to mention the user has to have Microsoft Word installed in order for the Trojan to do it's damage. It takes advantage of bugs in the program. Fucking Microsoft. So in reality...if you have a 3rd party App installed and are stupid enough to download and open a Word file that you don't need - you deserve a virus. The only argument that can be made here is that the myth that Mac's can not be exploited might lead to reckless downloading and execution of Trojans. When self installing (no user action required) Malware runs rampant in Macs (I'm not referring to hacking contests) due to bugs in Safari (ala Windows and practically every version of IE). Then let the hysterics begin. __________________ ★★★

04-03-2012, 08:08 PM	#4
Colmike9 (>^_^)b Industry Role: Join Date: Dec 2011 Posts: 7,223	I worked for Apple 6 years ago and there was a trojan that went around using iTunes but then I guess got downgraded to just technically being a 'script'.... __________________ Join the BEST cam affiliate program on the internet! I've referred over $1.7mil in spending this past year, you should join in. I make a lot more money in the medical field in a lab now, fuck you guys. Don't ask me to come back, but do join Chaturbate in my sig, it still makes bank without me touching shit for years..

04-05-2012, 01:22 PM	#6
$5 submissions I help you SUCCEED Industry Role: Join Date: Nov 2003 Location: The Pearl of the Orient Seas Posts: 32,195	Here's a follow up. 500K units http://www.bbc.co.uk/news/science-environment-17623422 __________________ Need a NON-ADULT income stream? We build your YOUTUBE CHANNEL for only $20 per video! For Hire: $3/hour or $400 per month Marketing Specialist Virtual Assistants

04-05-2012, 02:20 PM	#9
Colmike9 (>^_^)b Industry Role: Join Date: Dec 2011 Posts: 7,223	It's really not hard to exploit a Mac. If you can hack Linux then you can hack a Mac.. (sudo chmod 775 /) __________________ Join the BEST cam affiliate program on the internet! I've referred over $1.7mil in spending this past year, you should join in. I make a lot more money in the medical field in a lab now, fuck you guys. Don't ask me to come back, but do join Chaturbate in my sig, it still makes bank without me touching shit for years..

04-05-2012, 06:46 PM	#11
magicmike Confirmed User Industry Role: Join Date: Feb 2003 Location: JustPorno Posts: 2,384	Java exploit. Apple needs to update java more often, but its hardly just a mac thing. __________________ Just Porno with both classic and mobile porn versions. Gay Porn Our mega gay site tranny porn

04-05-2012, 09:55 PM	#12
raymor Confirmed User Join Date: Oct 2002 Posts: 3,745	The idea that Mac is highly secure certainly has an element of truth, and is also somewhat based on how old Mac systems worked, a lack of functionality that made them immune to certain classes of attacks. Mac was way more secure than Windows through the 1990s, and still is today, but in a different way, a more Linux like way. Mac was the last of the pure disk operating systems. Through the 1970s, computers were multi-user, running network operating systems. That meant they had to be secure inside and out so that one user couldn't mess with another user's stuff. This was the age of Unix. 1981 was the dawn of the PERSONAL computer and it's Disk Operating System. To make disk operating systems run with only 256k of RAM, all of that unnecessary security stuff was removed. That was cool. No need for security on a personal, non-networked system, so DOS, Mac, and then Windows were fine. Then the internet happened. Suddenly, personal, disk based computers with no security were being connected to a global network. Microsoft quickly began tossing network features at Windows, like remote desktop and SMB. They even took technologies that were entirely inappropriate for web use, like COM, and renamed it ActiveX, selling it as an "internet feature." On a platform with no security, but with remote access, this resulted in all hell breaking loose, desktops averaging 30 different infections apiece. Apple didn't go nuts putting things like remote network access on top of their disk based systems. They continued to treat it as a personal computer, not a (fundamentally broken) network computer, so they didn't have the security problems that Microsoft had. Mac gained a well deserved reputation for security at that time. (MS still hasn't finished cleaning up the mess. With Windows 7 they are starting to get CLOSE to having proper security for a network OS, pretty close to what the network OSes of the 1970s had.) In 2001-2002, Apple went full bore with a completely different OS, an actual network OS with network OS security, a Unix known as OS X. (Unix 3.0 certified.) The new Mac doesn't have the security advantage of the old Mac, which lacked exploitable features like remote access. Instead, it has Unix style security - the user, and user-run programs, can't fuck up the SYSTEM. You may recall MS testifying in court that Explorer, which was both the MS browser and the desktop shell, is so deeply embedded in the system that Windows won't boot without it. That implies that exploits encountered by the browser can run deep within the system. Mac and other POSIX systems like Linux don't suffer from that. On Mac and Linux a browser is just a browser. It can only load web pages. It's not part of the boot process, so fucking with it can't fuck up your system. Last edited by raymor; 04-05-2012 at 10:02 PM..

04-05-2012, 10:00 PM	#13
webgurl Confirmed User Join Date: Aug 2002 Location: Clouds with Carebears Posts: 7,954	wow what fantastic news! <sigh>

04-05-2012, 10:36 PM	#16
V_RocKs Damn Right I Kiss Ass! Industry Role: Join Date: Dec 2003 Location: Cowtown, USA Posts: 32,409	I fucked Steve's mom and all I got was this GFY thread to reply in.

04-06-2012, 02:25 AM	#18
just a punk So fuckin' bored Industry Role: Join Date: Jun 2003 Posts: 32,384	Backdoor.Flashback.39, the piece of malware designed to target computers running Mac OS X, caused a lot of headaches for Mac users, especially because one of the Java vulnerabilities it exploited remained unpatched by Apple. Security experts have found that even after Apple patched the flaw, the cybercriminals behind the operation didn't seem to be discouraged. Researchers from Russian security firm Doctor Web analyzed the malicious element and determined that the infection begins when users are redirected to shady sites from compromised domains. A piece of JavaScript code, placed on websites such as godofwar3.rr.nu, ironmanvideo.rr.nu, killaoftime.rr.nu, or gangstasparadise.rr.nu, loads the Java applet that contains the exploit. The exploit then saves an executable onto the infected Mac machine. This executable file connects to a remote server from which it downloads and executes the final payload. If at first the cybercrooks relied on Java vulnerabilities that were addressed back in 2011 and at the beginning of 2012, on March 16 they switched to the now-famous CVE-2012-0507, the security hole that was left unpatched by Apple until April 3. Dr. Web experts noticed that around April 1 a new variant of Backdoor.Flashback.39 was released. Before stepping into play, the Trojan scans the system and generates the list of control servers only if there’s no trace of security software. After that, it starts sending notifications to the statistics server utilized by the masterminds of the campaign. “It should be noted that the malware utilizes a very peculiar routine for generating such addresses. It can also switch between several servers for better load balancing,” Dr. Web experts reveal. “After receiving a reply from a control server, BackDoor.Flashback.39 verifies its RSA signature and then, if successful, downloads and runs payload on the infected machine. It may get and run any executable specified in a directive received from a server.” So far, more than 550,000 machines have been found to be infected, which means that Apple users should rush to apply the Java update and maybe even install a security application. src: http://news.softpedia.com/news/Russi...9-262924.shtml __________________ Obey the Cowgod

04-06-2012, 03:46 AM	#21
seeandsee Check SIG! Industry Role: Join Date: Mar 2006 Location: Europe (Skype: gojkoas) Posts: 50,945	There is no virus for mac,linux etc... yeah right, nobody just care to make it, and now we got it on all shit... __________________ BUY MY SIG - 50$/Year Contact here

04-06-2012, 07:27 AM	#24
baddog So Fucking Banned Industry Role: Join Date: Apr 2001 Location: the beach, SoCal Posts: 107,089	It has long been my contention that the only reason there were no [or very limited] exploits was due to one thing and one thing only, not enough incentive to do so. Now that there are so many out there, you can be sure they will pop up more often. JMHO, of course.

04-07-2012, 02:22 AM	#28
$5 submissions I help you SUCCEED Industry Role: Join Date: Nov 2003 Location: The Pearl of the Orient Seas Posts: 32,195	Shot down in flames.... __________________ Need a NON-ADULT income stream? We build your YOUTUBE CHANNEL for only $20 per video! For Hire: $3/hour or $400 per month Marketing Specialist Virtual Assistants