Another Apple myth goes down in flames
New wave of trojans target Mac computers http://gizmodo.com/5897693/ms-office...yware-exploits
It goes with the territory though. Apple's ecosystem is huge and this hasn't been lost on botnet operators |
This is like saying "doors don't work at keeping burglars out, I left my door open the other day and they walked right in"
This particular Trojan (as all Trojans do) requires ignorance or stupidity on the part of the user. They have to actively download and launch the file. Ignoring the warning that you are about to launch a program that was downloaded off of the web. Ignoring the fact that the Word file you are about to download is more than likely useless to you. Not to mention the user has to have Microsoft Word installed in order for the Trojan to do its damage. It takes advantage of bugs in the program. Fucking Microsoft. So in reality...if you have a 3rd party App installed and are stupid enough to download and open a Word file that you don't need - you deserve a virus. The only argument that can be made here is that the myth that Macs cannot be exploited might lead to reckless downloading and execution of Trojans. When self installing (no user action required) Malware runs rampant in Macs (I'm not referring to hacking contests) due to bugs in Safari (ala Windows and practically every version of IE). Then let the hysterics begin. |
Quote:
"An unpatched Java vulnerability in Apple operating systems is the gateway to the infection. One of the significant problems is that no user action needs to occur for this latest version of the trojan, dubbed Flashback.K, to infect. Users can get infected by simply visiting a website on this go around, reports MacWorld." "In May 2011, the first construction kit for Mac OS X trojans emerged in the form of a scareware called MacDefender. This malware, which resembled the type of scareware that has plagued Windows users for years, rapidly spread through the computers of Mac users caught off-guard. Since then several different types of malware aimed at Macs have emerged." |
I worked for Apple 6 years ago and there was a trojan that went around using iTunes but then I guess got downgraded to just technically being a 'script'....
|
Here's a follow up. 500K units http://www.bbc.co.uk/news/science-environment-17623422
|
It's really not hard to exploit a Mac. If you can hack Linux then you can hack a Mac.. (sudo chmod 775 /)
|
Java exploit. Apple needs to update Java more often, but it's hardly just a Mac thing.
|
The idea that Mac is highly secure certainly has an element of truth, and is also somewhat based on how old Mac systems worked, a lack of functionality that made them immune to certain classes of attacks.
Mac was way more secure than Windows through the 1990s, and still is today, but in a different way, a more Linux like way. Mac was the last of the pure disk operating systems. Through the 1970s, computers were multi-user, running network operating systems. That meant they had to be secure inside and out so that one user couldn't mess with another user's stuff. This was the age of Unix.
1981 was the dawn of the PERSONAL computer and its Disk Operating System. To make disk operating systems run with only 256k of RAM, all of that unnecessary security stuff was removed. That was cool. No need for security on a personal, non-networked system, so DOS, Mac, and then Windows were fine. Then the internet happened. Suddenly, personal, disk based computers with no security were being connected to a global network. Microsoft quickly began tossing network features at Windows, like remote desktop and SMB. They even took technologies that were entirely inappropriate for web use, like COM, and renamed it ActiveX, selling it as an "internet feature." On a platform with no security, but with remote access, this resulted in all hell breaking loose, desktops averaging 30 different infections apiece.
Apple didn't go nuts putting things like remote network access on top of their disk based systems. They continued to treat it as a personal computer, not a (fundamentally broken) network computer, so they didn't have the security problems that Microsoft had. Mac gained a well deserved reputation for security at that time. (MS still hasn't finished cleaning up the mess. With Windows 7 they are starting to get CLOSE to having proper security for a network OS, pretty close to what the network OSes of the 1970s had.)
In 2001-2002, Apple went full bore with a completely different OS, an actual network OS with network OS security, a Unix known as OS X. (Unix 3.0 certified.) The new Mac doesn't have the security advantage of the old Mac, which lacked exploitable features like remote access.
Instead, it has Unix style security - the user, and user-run programs, can't fuck up the SYSTEM. You may recall MS testifying in court that Explorer, which was both the MS browser and the desktop shell, is so deeply embedded in the system that Windows won't boot without it. That implies that exploits encountered by the browser can run deep within the system. Mac and other POSIX systems like Linux don't suffer from that. On Mac and Linux a browser is just a browser. It can only load web pages. It's not part of the boot process, so fucking with it can't fuck up your system. |
wow what fantastic news! <sigh>
|
I fucked Steve's mom and all I got was this GFY thread to reply in.
|
Backdoor.Flashback.39, the piece of malware designed to target computers running Mac OS X, caused a lot of headaches for Mac users, especially because one of the Java vulnerabilities it exploited remained unpatched by Apple.
Security experts have found that even after Apple patched the flaw, the cybercriminals behind the operation didn't seem to be discouraged. Researchers from Russian security firm Doctor Web analyzed the malicious element and determined that the infection begins when users are redirected to shady sites from compromised domains.
A piece of JavaScript code, placed on websites such as godofwar3.rr.nu, ironmanvideo.rr.nu, killaoftime.rr.nu, or gangstasparadise.rr.nu, loads the Java applet that contains the exploit. The exploit then saves an executable onto the infected Mac machine. This executable file connects to a remote server from which it downloads and executes the final payload.
If at first the cybercrooks relied on Java vulnerabilities that were addressed back in 2011 and at the beginning of 2012, on March 16 they switched to the now-famous CVE-2012-0507, the security hole that was left unpatched by Apple until April 3. Dr. Web experts noticed that around April 1 a new variant of Backdoor.Flashback.39 was released.
Before stepping into play, the Trojan scans the system and generates the list of control servers only if there’s no trace of security software. After that, it starts sending notifications to the statistics server utilized by the masterminds of the campaign.
“It should be noted that the malware utilizes a very peculiar routine for generating such addresses. It can also switch between several servers for better load balancing,” Dr. Web experts reveal. “After receiving a reply from a control server, BackDoor.Flashback.39 verifies its RSA signature and then, if successful, downloads and runs payload on the infected machine. It may get and run any executable specified in a directive received from a server.”
So far, more than 550,000 machines have been found to be infected, which means that Apple users should rush to apply the Java update and maybe even install a security application.
src: http://news.softpedia.com/news/Russi...9-262924.shtml |
There is no virus for Mac, Linux etc... yeah right, nobody just cared to make it, and now we got it on all shit...
|
Quote:
Quote:
Windows however has an extremely insecure base. To fix this they've thrown a ton of rules and walls up on top of the base to try and close up any holes in the base. This is bad in a multitude of ways. The first being, it's still easy to hack - you just have to hack through multiple walls before getting to the base. The second being that now every time a user does something a little popup appears that "this is happening, do you want to continue" - that DOES NOT protect the user, it creates a UX that trains them to ignore operating system popups. Because after the 100th popup they're no longer reading the popup but just click the accept button. A third point being it creates the issue that a user must turn off a bunch of these "protection services" just to accomplish normal tasks. The operating system has so many of these walls up that a user by default must actually turn off a bunch of them just to do things a normal user would need to do. And then lastly, the point that there are so many walls up that they become utterly useless, easy to bypass, or another wall creates a rule that voids another one.
For example the other day we were having a hard time moving some work over to an IIS server. PUT requests were being rejected. Well, this is because IIS assumes you only want to use half the internet and throws up dozens of stupid walls. We ended up resolving this issue with POST Tunneling, we passed the request as POST but with the header "X-HTTP-Method-Override : PUT" - problem solved. And the Windows "security rule" completely irrelevant and bypassed. |
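Added example, not part of the thread: the post above describes a verb restriction that inspects only the request line while the application honours an `X-HTTP-Method-Override` header. The Python sketch below shows a verb allow-list that evaluates the effective method as well, and flags requests where the two disagree. The function names, the sample requests, and the two extra override header names are assumptions made for illustration; this is not IIS code or configuration.

```python
# Commonly seen method-override header names, compared case-insensitively.
# Only the first one appears in the post; the other two are assumed variants.
OVERRIDE_HEADERS = ("x-http-method-override", "x-http-method", "x-method-override")

def effective_method(method, headers):
    """Verb the application will act on if it honours an override header."""
    lowered = {k.strip().lower(): v.strip().upper() for k, v in headers.items()}
    for name in OVERRIDE_HEADERS:
        if lowered.get(name):
            return lowered[name]
    return method.upper()

def wire_only_filter(method, headers, allowed):
    """Verb filter that looks only at the request line."""
    return method.upper() in allowed

def strict_filter(method, headers, allowed):
    """Permit a request only if wire verb and effective verb are both allowed."""
    return method.upper() in allowed and effective_method(method, headers) in allowed

def find_tunnelled(requests, allowed):
    """Return (index, wire verb, effective verb) for requests the wire-only
    filter passes but whose effective verb is outside the allow-list."""
    hits = []
    for i, (method, headers) in enumerate(requests):
        eff = effective_method(method, headers)
        if wire_only_filter(method, headers, allowed) and eff not in allowed:
            hits.append((i, method.upper(), eff))
    return hits

# Constructed sample requests (not from the page): (wire verb, headers).
SAMPLE = [
    ("GET", {"Host": "example.test"}),
    ("POST", {"X-HTTP-Method-Override ": "PUT"}),  # spacing as written in the post
    ("POST", {"Content-Type": "application/json"}),
    ("post", {"x-http-method-override": "delete"}),
]
ALLOWED = {"GET", "POST"}

if __name__ == "__main__":
    for hit in find_tunnelled(SAMPLE, ALLOWED):
        print("verb policy mismatch:", hit)
```

A verb policy only holds if it is enforced at the layer that decides which method the handler sees, or if override headers are stripped before the request reaches the application.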
It has long been my contention that the only reason there were no [or very limited] exploits was due to one thing and one thing only, not enough incentive to do so. Now that there are so many out there, you can be sure they will pop up more often. JMHO, of course.
|
Quote:
Windows lacks security ON PURPOSE and for good reason. They literally deleted all of the security related functions. Well, it WAS a good reason until surprise - the web was invented. |
Shot down in flames....
|
Quote:
Very poorly written article imo. :2 cents: |
Quote:
http://i0.kym-cdn.com/photos/images/...png?1318992465 |