Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Apple Updates Anti-Malware Definitions to Address Fake Flash Player Trojan
- Thread starter MacRumors
- Start date
- Sort by reaction score
Wirelessly posted (Mozilla/5.0 (iPhone; U; CPU iPhone OS 4_3_5 like Mac OS X; en-us) AppleWebKit/533.17.9 (KHTML, like Gecko) Version/5.0.2 Mobile/8L1 Safari/6533.18.5)
I get that this isn't a virus, but I'd also like to point out that the overwhelming majority of Windows-based malware also consists of trojans rather than actual viruses. In addition, I don't think the distinction means much to your average end user.
I get that this isn't a virus, but I'd also like to point out that the overwhelming majority of Windows-based malware also consists of trojans rather than actual viruses. In addition, I don't think the distinction means much to your average end user.
It doesn't help at all in this case. And it hijacks NXDOMAIN responses to serve up ads instead, which goes against the very spec of DNS.
No thank you.
What net?
OpenDNS does not follow RFCs for name resolution. They hijack and redirected failed name look-ups.
I'm amazed how their front page gets more than 1 new rummor/news post about Apple every day
It is a trojan but is really does have nothing to do with Flash. This could be posing as an update to Safari, Mail.app, iPhone or anything else basically.
They also provide some anti-phishing and typo correction, which basically means if you really wanted to go to that phishing site or to gogle.com, you can't.
And again : It doesn't help at all in this case. Once the host file is modified, unless you changed your nsswitch.conf to make dns take priority over the host file, the system resolver will honor the entry in the host file.
yes, it's beginning. mac is not ruled out from malware, virus anymore. it means that mac os X could be vulnerable (even worst than windows 7). in terms of system protection, mac os x is very weak. you should remember it.
it comes standard built in. My advice to any mac owner, is just keep up with the updates. It lets you know of any once every week automatically i believe
Well that's what I mean. I know they have existed for like forever, but I think we can agree on the fact that there hundreds, maybe even thousands trojans available in the wild, but they just pass the review unnoticed. But since there tend to afloat more (they even get posted on MR!), wouldn't this also imply there are more unnoticed samples?
somewhat offtopic: Does anyone know of a Rootkit for OS X (obsolete or not)?
It's a Trojan that appears to be a Flash update. Besides some images and some text they have nothing in common. If I paint my Opel red and draw a stallion on front, do I have a Ferrari?
Jailbreakme.com uses an actual exploit in the operating system. I was speaking generally about a basic trojanone which tricks the user into installing it only to become something unexpected. Through the App Store the only way this can happen is if Apple actually allows it to slip through inspection. To hype that slim possibility as statistically significant would be hyperbolic. Actually, it is a little hyperbolic to use jailbreakme.com as an example of there being a real trojan threat on iOS, whether combining an exploit or otherwise.Ever heard of the site jealbreakme.com?
If you jailbreak it, some. If you don't jailbreak it, what? Spyware, perhaps, in the form of applications extracting information which isn't clearly announced to the user, but not on par with what many people expect when they hear the word 'Spyware' these days.
The hosts file is not the only file in OS X that can be altered to yield malicious results. Apple would have to undertake an enormous amount of effort to protect every file that a given instance of malware can tamper with.
The problem, to me, seems to be traditional installers that do all kinds of things behind the user's back. I don't understand why Apple even supports installers anymore. Apple created a brilliant method of software installation with app bundles. Just drag and drop the app to your Applications folders and it's done. I'd always assumed that's where OS X was headed eventually and that installers were on their way out.
Question is does Xprotect have the capability to undo damage done by this malware? Can it repair the hosts file?
Yep. Every time I've tried to use it I've come across some kind of crazy problem or another, usually involving accessing certain types of content on the internet. I don't have much love for OpenDNS.
I agree. The App Store nulls the drag-and-drop installation that we've come to love, and I think many third-party developers have abused multi-step installers, maybe in an attempt to make the software installation process familiar to Windows converts.
Long live application bundles. There's no reason that an application can't install the necessary support files upon the first launch. That would make it self-repairing if those files were ever removed afterwards. No need for a separate installer.
It's just a text file. Open it with your favorite text editor and delete the unwanted entries.
The detail in which these developers are going to mimic real software is simply striking.