Old Dec 13, 2012, 09:22 AM   #26
gnasher729
macrumors G5
 
Join Date: Nov 2005
Here are the steps that you need to perform to get hit:

1. Go to a website that distributes the Trojan.
2. Download a .zip file from the website.
3. Extract the .zip file which contains an app that looks like an installer.
4. Double-click the app.
5. Either have your Mac set up so that it allows launching any app (stupid) or explicitly give the app permission to launch.
6. (New step) Ignore a warning from Apple that this app is dangerous.
7. Enter your phone number and some other number.

You'd have to be _quite_ stupid to be caught by this.

Next I'll send emails to all Mac users in the world "send me your money!" and everyone who sends me money will blame Apple for it.
gnasher729 is offline   4 Reply With Quote
Old Dec 13, 2012, 09:22 AM   #27
spyguy10709
macrumors 6502a
 
Join Date: Apr 2010
Location: One Infinite Loop, Cupertino CA
Quote:
Originally Posted by rrahimi View Post
And again, you are wrong about Windows. Or maybe you are stuck in a time loop about a decade ago.

Nothing can "escalate itself privelidge-wise [sic]" in Windows either. You have to have the permissions and even then explicitly allow extended "privelidges" [sic]. Unless someone is a dolt and disables all the default security that exists in Windows.
It can... as a matter of fact. That's what a virus is. UAC is useless, it's a ripoff of Unix based control - but it's not 100% accurate. Google windows privilege (whoops, slipped on the keys, so shoot me) escalation - and then get back to me. Thanks!

~Amateur Security Researcher
spyguy10709 is offline   2 Reply With Quote
Old Dec 13, 2012, 09:25 AM   #28
KdParker
macrumors 68030
 
Join Date: Oct 2010
I really hope that people will not give a cell number just to install some free software.
__________________
16g iPhone5s Space Grey; 16g iPhone5 White;
15" retina - MBP 2.6 GHZ 16 RAM;
iPad4 retina
KdParker is offline   0 Reply With Quote
Old Dec 13, 2012, 09:25 AM   #29
SPUY767
macrumors 68000
 
Join Date: Jun 2003
Location: GA

The fact that it says introductio would have given away that it's fake for me.
__________________
Yo' mama's so STUPID, she went to Bangkok to get a TIE Fighter.
SPUY767 is offline   2 Reply With Quote
Old Dec 13, 2012, 09:27 AM   #30
0815
macrumors 65816
 
Join Date: Jul 2010
Location: here and there
Quote:
Originally Posted by PowerPCMacMan View Post
In the PowerPC days, viruses and malware in OSX were unheard of. While I agree the move from PPC was a much needed one, the switch to Intel meant trouble ahead for OS X on x86 hardware. Now Apple is getting viruses and malware. Terrible if you ask me.

Quote:
Originally Posted by Sony311 View Post
And people always defended OSX for being virus/spyware free... LOL. Welcome to reality. Hopefully Apple can keep up with the variations that are no doubt going to be roaming out in the wild based on this.
No no no ... the 'processor' has nothing to do with viruses or like in this case lame phishing attempts.

It is only that MacOS has finally reached the critical mass that it is more interesting to target mac os users. This would also have happened on PowerPC if it had been more successful during that time.

But anyway - this is still not a real virus - it requires the user to download something, click the installer, enter the password, click through the warnings, enter the SMS and reply to it (or use its 'code') ... all user initiated, nothing happens hidden in the background.
__________________
sent from my computer

Last edited by 0815; Dec 13, 2012 at 09:38 AM.
0815 is offline   4 Reply With Quote
Old Dec 13, 2012, 09:28 AM   #31
KdParker
macrumors 68030
 
Join Date: Oct 2010
Quote:
Originally Posted by gnasher729 View Post
Here are the steps that you need to perform to get hit:

1. Go to a website that distributes the Trojan.
2. Download a .zip file from the website.
3. Extract the .zip file which contains an app that looks like an installer.
4. Double-click the app.
5. Either have your Mac set up so that it allows launching any app (stupid) or explicitly give the app permission to launch.
6. (New step) Ignore a warning from Apple that this app is dangerous.
7. Enter your phone number and some other number.

You'd have to be _quite_ stupid to be caught by this.

Next I'll send emails to all Mac users in the world "send me your money!" and everyone who sends me money will blame Apple for it.
That's a lot of work to get that trojan.
__________________
16g iPhone5s Space Grey; 16g iPhone5 White;
15" retina - MBP 2.6 GHZ 16 RAM;
iPad4 retina
KdParker is offline   1 Reply With Quote
Old Dec 13, 2012, 09:36 AM   #32
Jsameds
macrumors 6502a
 
Join Date: Apr 2008
Quote:
Originally Posted by SPUY767 View Post
The fact that it says introductio would have given away that it's fake for me.
the 'for MAC on MAC' is a bit of a giveaway as well
Jsameds is offline   3 Reply With Quote
Old Dec 13, 2012, 09:37 AM   #33
GCRoberts
macrumors newbie
 
Join Date: Apr 2011
There is another level of security you can easily add. If you contact your cell carrier, they can block any subscriptions being added to your cell phone account. Then, even if you fall for something like described in this thread, it'll still be blocked by the carrier. I use AT&T, and I know they support blocking. I would suspect other carriers could do the same.
GCRoberts is offline   0 Reply With Quote
Old Dec 13, 2012, 09:38 AM   #34
mono1980
macrumors 6502
 
Join Date: Feb 2005
Location: Lansing, MI
People need to learn the difference between a virus and a trojan.
mono1980 is offline   2 Reply With Quote
Old Dec 13, 2012, 09:38 AM   #35
oneMadRssn
macrumors 6502a
 
Join Date: Sep 2011
Location: Boston, MA
Quote:
Originally Posted by rrahimi View Post
And again, you are wrong about Windows. Or maybe you are stuck in a time loop about a decade ago.

Nothing can "escalate itself privelidge-wise [sic]" in Windows either. You have to have the permissions and even then explicitly allow extended "privelidges" [sic]. Unless someone is a dolt and disables all the default security that exists in Windows.
Really? Nothing? How about on that infamous OS, which still has about 3 times the quantity of Mac users. Windows XP (still about 20-35% market share, depending on how you measure) is certainly able to have viruses take over the entire OS, rendering it practically unfixable, regardless of default security features. Let's not forget the second most popular OS of today.

However, you are correct as to Windows 7, which does fare much much better, and has the most users of all.
oneMadRssn is offline   0 Reply With Quote
Old Dec 13, 2012, 09:39 AM   #36
rrahimi
macrumors member
 
Join Date: Sep 2012
Quote:
Originally Posted by spyguy10709 View Post
It can... as a matter of fact. That's what a virus is. UAC is useless, it's a ripoff of Unix based control - but it's not 100% accurate. Google windows privilege (whoops, slipped on the keys, so shoot me) escalation - and then get back to me. Thanks!

~Amateur Security Researcher
Firstly, access control, "superuser" and "userland" have existed in computing long before Unix. Secondly UAC is neither useless nor a ripoff. It is similar in implementation to 'sudo' and that's all. You don't innovate on what is proven to work. It's not a competition. Thirdly, nothing is 100% secure.

I'm amazed that an "Amateur Security Researcher" would post such a meaningless statement and then direct people to "Google it duuude" as proof.
rrahimi is offline   1 Reply With Quote
Old Dec 13, 2012, 09:41 AM   #37
0815
macrumors 65816
 
Join Date: Jul 2010
Location: here and there
Quote:
Originally Posted by GCRoberts View Post
There is another level of security you can easily add. If you contact your cell carrier, they can block any subscriptions being added to your cell phone account. Then, even if you fall for something like described in this thread, it'll still be blocked by the carrier. I use AT&T, and I know they support blocking. I would suspect other carriers could do the same.
This should be the DEFAULT ... too bad the carriers don't care about user protection (guess they get some share of those sales)
__________________
sent from my computer
0815 is offline   0 Reply With Quote
Old Dec 13, 2012, 09:48 AM   #38
MacFoodPoisoner
Banned
 
Join Date: Dec 2012
Quote:
Originally Posted by LimeiBook86 View Post
Glad to see Apple keeping things up to date.
Not exactly keeping up to date when they managed to compromise at least 500,000 users' data last year with the Flashback trojan.

So far they've only been "in talks" with security firms, unless they stop being cheapskates and start purchasing and incorporating some security companies to work on OS X's security they won't be able to keep up with half measures. They've grown way too large to keep ignoring the threats.

So, cough it up apple, we as users have been coughing up 50% margins long enough so you can afford it...
MacFoodPoisoner is offline   3 Reply With Quote
Old Dec 13, 2012, 10:01 AM   #39
0815
macrumors 65816
 
Join Date: Jul 2010
Location: here and there
Quote:
Originally Posted by oneMadRssn View Post
Really? Nothing? How about on that infamous OS, which still has about 3 times the quantity of Mac users. Windows XP (still about 20-35% market share, depending on how you measure) is certainly able to have viruses take over the entire OS, rendering it practically unfixable, regardless of default security features. Let's not forget the second most popular OS of today.

However, you are correct as to Windows 7, which does fare much much better, and has the most users of all.
So you are telling me it would be safe to free up some resources on windows 7 machines and remove the virus scanner?
__________________
sent from my computer
0815 is offline   0 Reply With Quote
Old Dec 13, 2012, 10:06 AM   #40
JHankwitz
macrumors 68000
 
Join Date: Oct 2005
Location: Wisconsin
Quote:
Originally Posted by Sony311 View Post
And people always defended OSX for being virus/spyware free... LOL. Welcome to reality. Hopefully Apple can keep up with the variations that are no doubt going to be roaming out in the wild based on this.
And people say the earth is flat and man never walked on the moon. So? There are always 'outliers' in every population.
JHankwitz is offline   0 Reply With Quote
Old Dec 13, 2012, 10:10 AM   #41
Sacird
macrumors 6502a
 
Join Date: May 2010
Location: Northern, VA
Quote:
Originally Posted by 0815 View Post
So you are telling me it would be safe to free up some resources on windows 7 machines and remove the virus scanner?
God I would be way too freaked over drive-by downloads and I am pretty PC savvy, not the best in the world but won't make any really bad mistakes. As far as I am aware of at the moment a fully patched OSX system doesn't have anything that can affect it. I am sure there is one or two though out there but I feel safe with no condom on OSX.
Sacird is offline   0 Reply With Quote
Old Dec 13, 2012, 10:17 AM   #42
JHankwitz
macrumors 68000
 
Join Date: Oct 2005
Location: Wisconsin
Quote:
Originally Posted by ArtOfWarfare View Post
Nicely handled, it would seem.

But really, it seems to me this is an issue phone service providers should handle. Why is the money that they handle handled so insecurely? Shouldn't our provider send us some sort of message for us to confirm that some company is going to start leaching money via our phone bill and shouldn't they block companies that they find frequently commit this kind of fraud?
They do and they did. That's why Apple sends you an e-mail every time you make an iTunes or Apple account has been charged. Sources of these problems are very hard to track down, if not impossible. If you 'follow the money', the ones that benefit the most from these scams are usually the virus software companies. Without constant attacks, their sales drop significantly.
JHankwitz is offline   0 Reply With Quote
Old Dec 13, 2012, 10:18 AM   #43
oneMadRssn
macrumors 6502a
 
Join Date: Sep 2011
Location: Boston, MA
Quote:
Originally Posted by 0815 View Post
So you are telling me it would be safe to free up some resources on windows 7 machines and remove the virus scanner?
Anymore other than Microsoft's own Windows Security Essentials is superfluous on Win7 at this point. I have stopped using Norton/Symantec/McAfee/Avira/AVG/Avast/etc a while ago on my Win7 computers.

As with every system: the best defense is being ready, so having an automatic nightly backup is most important.
oneMadRssn is offline   1 Reply With Quote
Old Dec 13, 2012, 10:21 AM   #44
JHankwitz
macrumors 68000
 
Join Date: Oct 2005
Location: Wisconsin
Quote:
Originally Posted by KdParker View Post
I really hope that people will not give a cell number just to install some free software.
There are many people out there that will do anything their computer tells them to do. They even believe what they read on the internet. Go figure.
JHankwitz is offline   1 Reply With Quote
Old Dec 13, 2012, 10:27 AM   #45
futileBuffalo
macrumors newbie
 
Join Date: Dec 2012
For those arguing if Mac is virus free or not, keep in mind that you can never guarantee an operating system to be 100% secure. It might be possible to infest a Mac with a virus.
Here's an example. Apple somehow automatically updates the list of malware signatures on your computer. That means when your computer receives a message from Apple, it writes to a file on your computer with (most likely) root privileges. This is a possible attack point, where a hacker could perform a middle man attack and put a malicious payload in the packets.

I'm not saying this is going to work. It most definitely won't. But if you're creative enough, and smart enough, you could maybe find a way to infect the Mac. Nothing is 100% secure. It just so happens that people have spent decades already terrorizing Windows and there are many books to learn how to do this.
Not so much for Mac.
futileBuffalo is offline   0 Reply With Quote
Old Dec 13, 2012, 10:30 AM   #46
dreadnort
macrumors member
 
Join Date: Jun 2012
If Macs don't get infected, why have they changed the 'Why OSX is better' page on their site from 'Don't get viruses' to 'built to be safe'?

On that note

Quote-----------
One common mistake that people make when the topic of a computer virus arises is to refer to a worm or Trojan horse as a virus. While the words Trojan, worm and virus are often used interchangeably, they are not exactly the same thing. Viruses, worms and Trojan Horses are all malicious programs that can cause damage to your computer, but there are differences among the three, and knowing those differences can help you better protect your computer from their often damaging effects.

It's about knowing what's what and how to deal with it. OSX is safer but not immune.
It's only bullet proof until you start shooting at it
dreadnort is offline   1 Reply With Quote
Old Dec 13, 2012, 10:43 AM   #47
Shrink
macrumors Demi-God
 
Join Date: Feb 2011
Location: New England, USA
Quote:
Originally Posted by KdParker View Post
That's a lot of work to get that trojan.
Slacker!!

If you're not willing to do a little work to get a Trojan, well...you just don't deserve one.

Such laziness!!

__________________
Two things are infinite, the universe and human stupidity; and I'm not sure about the universe. -- Albert Einstein
Shrink is offline   1 Reply With Quote
Old Dec 13, 2012, 10:43 AM   #48
topmounter
macrumors 68000
 
Join Date: Jun 2009
Location: FEMA Region VIII
Good News: This "scam" only works on the clinically retarded.

Bad News: The lack of common sense nowadays has crippled a large percentage of the population with a certain level of clinical retardation.
__________________
iLoveDrones.com
topmounter is offline   3 Reply With Quote
Old Dec 13, 2012, 11:31 AM   #49
TallManNY
macrumors 68000
 
Join Date: Nov 2007
Setting aside the installation issue (which we have to do from time to time, I'm looking at you Adobe), I don't get how the payment works though. If your mobile phone is getting debited, then isn't your phone company collecting the money? Since this is an identified scam, why would your phone company be turning that money over to the criminals? And even if the criminals slipped a bunch of installations through before this was identified, shouldn't the phone company have the paper trail that shows which bank the money was sent to? And the bank (at least US banks) are required to be able to identify their customers. Which means there should be a paper trail leading back to the criminals' secret lair. Of course there is little chance these criminals are in the US. And banking laws are more relaxed overseas. But still this scam should be traceable or at least intercept-able by the phone company.
__________________
Mid-2011 3.1GHz i5 iMac (6970m); Late-2007 Macbook; HP Spectre (Win 8.1)
BBRY Q10; iPhone 5; iPad Mini-R
Apple Stockholder (a nice dividend, stock buybacks and cutting edge innovation? yes please!)
TallManNY is offline   0 Reply With Quote
Old Dec 13, 2012, 11:42 AM   #50
CodeBreaker
macrumors 6502
 
Join Date: Nov 2010
Location: Sea of Tranquility
Does GateKeeper allow the installer to run?
In other words, is the installer code signed by a valid developer certificate?
__________________
.
CodeBreaker is offline   0 Reply With Quote

All times are GMT -5.
Copyright 2002-2013, MacRumors.com, LLC