New Java-Based Malware Targets Mac OS X, But Threat Level Disputed

Discussion in 'MacRumors.com News Discussion' started by MacRumors, Oct 27, 2010.

  1. macrumors bot

    MacRumors

    Joined:
    Apr 12, 2001
    #1
    [​IMG]


    [​IMG]

    Security alert dialog box generated by malware's installation attempts
    Yesterday, Mac antivirus firm SecureMac issued an alert regarding a new piece of malware capable of infecting systems running Mac OS X by using a trojan horse method of entry to deploy a Java-based payload enabling a wide variety of nefarious functions.
    Rival antivirus firm Intego responded with a notice of its own, downplaying the imminent threat from the malware due to the fact that it does not appear to functioning as intended.
    Both companies have conveniently noted that they offer products capable of identifying and eliminating the malware, although users without protection software should be alerted by the malware installation generating a Mac OS X dialog box regarding the attempted action.

    Article Link: New Java-Based Malware Targets Mac OS X, But Threat Level Disputed
     
  2. TennisandMusic

    Joined:
    Aug 26, 2008
    #2
    Hmm...it's starting?
     
  3. macrumors 6502a

    Lucky736

    Joined:
    Jan 18, 2004
    Location:
    TX or MI
    #3
    If you're dumb enough to type your admin password, and sometimes username, along with clicking enter to something you have no idea about.... you deserve it.
     
  4. macrumors 6502

    Bonch

    Joined:
    May 28, 2005
    Location:
    Lithuania
    #4
    There isn't much business for anti-virus Mac OSX software. They might make more money developing iPhone fart apps.
     
  5. macrumors 6502

    Joined:
    Apr 12, 2003
    #5
    Callous as it may sound, anyone who lets Facebook install anything on their computer, especially something that asks for your password (does this even do that?), is an idiot. Sadly, idiots abound in the computer world. Just take a look at that intellectual hellhole known as Yahoo Answers. It's horrifying.
     
  6. macrumors 68040

    koobcamuk

    Joined:
    Oct 23, 2006
    #6
    My thoughts exactly.

    And so, it begins.

    This is what happens when average joe starts buying things I like. :mad:
     
  7. macrumors 601

    Yvan256

    Joined:
    Jul 5, 2004
    Location:
    Canada
    #7
    How do we completely delete Java from our system? I'm guessing a Spotlight search for "Java" will reveal most folders, but is there some other places to look for?
     
  8. macrumors 6502a

    RichardI

    Joined:
    Feb 21, 2007
    Location:
    Southern Ontario, Canada
    #8
    What are the odds that one of the companies mentioned in the original post would hire a hacker "under the covers" to create viruses and malware for the Mac so that they could then sell more anti-virus software?:confused:

    Rich :cool:
     
  9. macrumors 65816

    morespce54

    Joined:
    Apr 30, 2004
    Location:
    Around the World
    #9
    So what does it have to do with a "PhotoAlbum" certificate?
     
  10. macrumors 6502a

    Xian Zhu Xuande

    Joined:
    Jul 30, 2008
    #10
    Probably an observation like this in every thread discussing every would-be threat for every year since OS X was initially released.
     
  11. macrumors 603

    saving107

    Joined:
    Oct 14, 2007
    Location:
    San Jose, Ca
    #11
    read the article again,

     
  12. macrumors newbie

    Joined:
    Jan 29, 2009
    #12
    Didnt they just release a java update? maybe it was to address this
     
  13. macrumors member

    Joined:
    Mar 4, 2009
    #13
    What ever happened to the sandboxing thing in Java?
     
  14. macrumors newbie

    Joined:
    Mar 6, 2007
    #14
    Only days after Apple announces they will stop developing Java for Mac...
     
  15. macrumors 6502

    Joined:
    Feb 21, 2010
    #15
    I expect a security system update this evening to be rolled out fixing this issue.
     
  16. macrumors member

    Joined:
    Jun 13, 2007
    #16
    Pos

    Java is just as bad as Flash. Security holes in it all over the place. Now that Oracle has taken over Sun, it will just get worse as Oracle is just a bigger Adobe.
     
  17. macrumors 68000

    4JNA

    Joined:
    Feb 8, 2006
    Location:
    looking for trash files
    #17
    there, fixed that for you.
     
  18. macrumors 601

    Yvan256

    Joined:
    Jul 5, 2004
    Location:
    Canada
    #18
    The first, fastest and easiest way to counter such a problem is to uncheck the "Enable Java" checkbox in your Safari preferences. I haven't enabled Java in well over four years anyway.
     
  19. macrumors 6502a

    Joined:
    Oct 23, 2007
    Location:
    UK
    #19
    So, is it true that this trojan can instal itself without the need for the user to type an admin password? If so, this seems a slightly higher level of threat to the usual "if you're dumb enough to type in your password..." type of trojans in the past...

    I understand the article seems to suggest it, but is this behaviour confirmed?
     
  20. macrumors member

    Joined:
    Mar 4, 2009
    #20
    I found a potential video that could be something

    [​IMG]
     
  21. macrumors regular

    gguerini

    Joined:
    Jun 28, 2007
    Location:
    São Paulo, Brazil
    #21
    Don't worry guys. Apple just dropped the support for Java on Lion!! :D:D
    See, there was a reason. And you guys complaining... hahaha
     
  22. macrumors 603

    Carlanga

    Joined:
    Nov 5, 2009
    Location:
    PR
    #22
    I bet you that SecureMac created this malware....:rolleyes:
     
  23. macrumors 6502

    Joined:
    Jan 26, 2006
    #23

    They are not clear, which seems deliberate. Trojans are not like viruses, trojans require the user to accept it, thus the name. Since they say it runs an installer and modifies system files, it is probably requesting a password for the system through the installer. Note that all infections to date on Macs require the user to input their password to become infected. As stated above, anyone who actually gives the installer, that auto runs after playing the video, your password is not being cautious or educated and deserves it as a means of learning the hard way not to do this. There will never be a way to stop Trojans on any OS, it's the viruses that are the real threat.

    Still no viruses for Macs.
     
  24. macrumors regular

    Joined:
    Apr 20, 2010
    #24
    if not java - what?

    wow, didn't know that - java applets were sold to us very secure - the whole sandbox concept. I see why sj wants to put that in the past - but what can replace it?
     
  25. macrumors 65816

    frunkis54

    Joined:
    Apr 2, 2009
    #25
    the only potential problem i see is a can't watch the above video :rolleyes:
     

Share This Page