Mac's First Trojan Begins to Breed

Discussion in 'MacBytes.com News Discussion' started by MacBytes, Nov 8, 2007.

  1. macrumors bot

    Joined:
    Jul 5, 2003
    #1
  2. macrumors Penryn

    Eidorian

    Joined:
    Mar 23, 2005
    Location:
    Cuidad de México
    #2
    First trojan?

    What about the iChat one from 2 years ago that used a Safari open safe file exploit. :rolleyes:
     
  3. macrumors 604

    QuarterSwede

    Joined:
    Oct 1, 2005
    Location:
    Colorado Springs, CO
    #3
    So the answer is still the same. Don't be stupid and give suspicious things downloaded from the internet access. D U H.
     
  4. macrumors 6502a

    foodog

    Joined:
    Sep 6, 2006
    Location:
    Atlanta, GA
    #4
    Oh WOW! not

    It is so crafty how it installs.
    1. You go to a website
    2. The dmg file downloads
    3. You Mac says "Hey do you want to open this file?" (unless you turned this off)
    4. The dmg file mounts, and a finder window opens
    5. You manually launch the installer
    6. You type in an admin name and password so the Trojan can install / load.

    Look out all the Macs on the planet are doomed. :rolleyes:

    Same Trojan on Windows

    1. You go to a website
    2. You get blasted by the driveby download
    3. You go buy a new computer because it runs really slow and the guy at the store tells you you need faster hardware. :D


     
  5. macrumors 65816

    GenesisST

    Joined:
    Jan 23, 2006
    Location:
    Where I live
    #5
    Well, it's from pr0n websites... So users have less blood to the brain and have to work with only one hand... :D
     
  6. Retired

    psychofreak

    Joined:
    May 16, 2006
    Location:
    London
    #6
    I don't think you can turn this off unfortunately, its a pain in the arse...
     
  7. macrumors 6502a

    gceo

    Joined:
    Jul 13, 2007
    Location:
    San Diego, CA
    #7
    As a Mac IT guy, this is pretty easy. I don't give anyone the password to their own workstation....

    Looks like win is pwned on this one.

    Anyone here remember the Auto-start (AKA Hong Kong) virus?
     
  8. macrumors member

    Joined:
    Sep 11, 2006
    Location:
    Belgium, Maaseik
    #8
    oh no? my safari automatically mounts my downloaded dmg files once they are completed so... :)
     
  9. macrumors 68000

    pgwalsh

    Joined:
    Jun 21, 2002
    Location:
    Colorado Springs, Colorado
    #9
    That's really wrong, but funny. :D
     
  10. Retired

    psychofreak

    Joined:
    May 16, 2006
    Location:
    London
    #10
    Mine too...although when first opening an app there is a message...
     
  11. macrumors 6502a

    byakuya

    Joined:
    Jul 26, 2007
    #11
    LOOL...that was a good one...
    while I think even Mac users will have to deal with malware and viruses eventually, this one can hardly be classified as "dangerous".
    best antivirus and malware protection is still a brain that is being used...regardless of the OS.
     
  12. macrumors G4

    Rodimus Prime

    Joined:
    Oct 9, 2006
    #12
    This is far from over. We can expect an expectational growth in the number of Trojans for the macs because of this. This one really has done some damage and now people are modifying them for there own usage and putting it back out there.

    It is going to grown and become worse and worse. Plus this is the first step down the road to the first virus hitting the mac. Also it going to be at some point mac user will need to start running antispyware scans, and AV scans. The spyware scanners coming first
     
  13. macrumors regular

    Joined:
    Jul 9, 2006
    Location:
    Washington D.C.
    #13
    that is exactly how it got me.....haha
     
  14. macrumors 6502

    Joined:
    Sep 14, 2007
    #14
    Earlier today, Safari gave me all these little popup windows that said "Your computer may be infected with a trojan" and offered for me to download virus protection. I clicked "cancel" on every one, and my computer seems just fine.
     
  15. macrumors 68000

    pgwalsh

    Joined:
    Jun 21, 2002
    Location:
    Colorado Springs, Colorado
    #15
    It's only going to get worse if people don't pay attention to what they're downloading and installing.
     
  16. macrumors 68000

    cal6n

    Joined:
    Jul 25, 2004
    Location:
    Brighton, UK
    #16
    Mine doesn't. In fact it doesn't do anything with downloads until I tell it.
     
  17. macrumors 6502

    Joined:
    Sep 11, 2007
    #17
    Go into your preferences and tell it not to automatically download and open. Problem solved.
     
  18. macrumors 68000

    cal6n

    Joined:
    Jul 25, 2004
    Location:
    Brighton, UK
    #18
    You're completely and utterly wrong. This changes almost nothing. It's just social engineering, that's all. Anyone who gives their password to a random website deserves all they get. Sorry to sound harsh, but that's it.

    *edit* On reflection, it does change something. It's probably actually worth running separate user and admin accounts now.
     
  19. macrumors 6502

    Joined:
    Sep 11, 2007
    #19
    Just like anyone who jailbreaks their phone and installs 3rd party apps is just asking for trouble.
     
  20. macrumors 65816

    Squonk

    Joined:
    Mar 15, 2005
    #20
    So let's just say I was stupid enough to install this. How can I remove it? [Please refrain from bashing me, ok??? please...] I'll say it again, I was stupid.
     
  21. macrumors Penryn

    Eidorian

    Joined:
    Mar 23, 2005
    Location:
    Cuidad de México
    #21
    http://www.macworld.com/2007/10/firstlooks/trojanhorse/index.php

    That took about 30 seconds of work in Google. That's an eternity for me.
     
  22. macrumors 68000

    cal6n

    Joined:
    Jul 25, 2004
    Location:
    Brighton, UK
    #22
    Read this and then learn to search...
     
  23. macrumors 603

    solvs

    Joined:
    Jun 25, 2002
    Location:
    LaLaLand, CA
    #23
    Especially since, if a non-admin on a locked down Windows machine gets a virus or trojan, which is entirely possible, they usually can't run the installer fix without an admin password.

    I'm with everyone else, don't download and install it if you don't know what it is.
     
  24. macrumors 65816

    Squonk

    Joined:
    Mar 15, 2005
    #24
  25. macrumors Penryn

    Eidorian

    Joined:
    Mar 23, 2005
    Location:
    Cuidad de México
    #25
    It wasn't the first hit and it took about 2 pages of hopping before I found it. :eek:
     

Share This Page