Good point. We should probably expect a lot of this corporate-sponsored nonsense about how Windows is just as secure as OS X in the fext few days and weeks. Lies, of course, but that's how the game is played.
Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Antivirus Firm Warns of New Mac OS X Spyware Application
- Thread starter MacRumors
- Start date
- Sort by reaction score
Good point. We should probably expect a lot of this corporate-sponsored nonsense about how Windows is just as secure as OS X in the fext few days and weeks. Lies, of course, but that's how the game is played.
Just for the sake of clarity it was a joke:
Google adopts Mac OS X -> Mac OS X becomes 'Mainstream' -> More Mac OS X viruses
I could b e wrong....
I could be wrong, but the way I read this, you have to install the software yourself and type in your password to make this effective. I do not believe that it comes as part of software you get via MacUpdate, with the possible exception of some obscured software.
As the arcicle reads the additinal software is downloaded when you download the legitimate package, which means to me that either MacUpdate is responsible for the malware since they allow it to be sent to us or the issue is with the developer responsible for the software package that gets downloaded to my system.
Even withthe auto download, it sounds like you have to accept installing the foreight package and type your password to install.
Anyone can write a script that causes damages, however you have to download it, decide to install it, then you need to also execute it before it bites you in the butt.
This is probably a concern for those auto-clickers that click yes to anything without even reading. I do not believe most OSX users will need worry about it.
Those that provide the downloads like MacUpdate and others will need to worry about it or they may see their butget eaten by legal fees.
I could be wrong, but the way I read this, you have to install the software yourself and type in your password to make this effective. I do not believe that it comes as part of software you get via MacUpdate, with the possible exception of some obscured software.
As the arcicle reads the additinal software is downloaded when you download the legitimate package, which means to me that either MacUpdate is responsible for the malware since they allow it to be sent to us or the issue is with the developer responsible for the software package that gets downloaded to my system.
Even withthe auto download, it sounds like you have to accept installing the foreight package and type your password to install.
Anyone can write a script that causes damages, however you have to download it, decide to install it, then you need to also execute it before it bites you in the butt.
This is probably a concern for those auto-clickers that click yes to anything without even reading. I do not believe most OSX users will need worry about it.
Those that provide the downloads like MacUpdate and others will need to worry about it or they may see their butget eaten by legal fees.
o sorry
i tried to put that command in and it said command not found so either im doing something wrong, im in the clear or that command wont work so idkedit: got the command to work and nothing came up so im good woooooo!
Guess I'm clean... but if it was a trap, I fell for it
Not a chance. Netstat command is to monitor network status only. Run netstat only to see all network connections.
Hate to break it to ya, but there's been a dozen posts like this one every single time something which even vaguely resembles a security threat has come along for OS X. And that trend is going to continue.
Assuming Windows 7 and OS X are roughly equal in terms of security (I'm assuming here) but Windows has a much larger target on its back along with a far bigger catalog of malware, I'll go ahead and stick with OS X for the time being, for my main OS.
OS X is built on FreeBSD with a Mach-kernel. Linux is no part of it. At all.
Not at all. We all know that one of those developers decided to spend their 20% "me time" writing this thing. Apple should sue.
List of affected Apps from Macnn.
MishInc FLV To Mp3
Secret Land ScreenSaver v.2.8 Color Therapy Clock ScreenSaver v.2.8 7art Foliage Clock ScreenSaver v.2.8 Nature Harmony Clock ScreenSaver v.2.8 Fiesta Clock ScreenSaver v.2.8 Fractal Sun Clock ScreenSaver v.2.8 Full Moon Clock ScreenSaver v.2.8 Sky Flight Clock ScreenSaver v.2.8 Sunny Bubbles Clock ScreenSaver v.2.9 Everlasting Flowering Clock ScreenSaver v.2.8 Magic Forest Clock ScreenSaver v.2.8 Freezelight Clock ScreenSaver v.2.9 Precious Stone Clock ScreenSaver v.2.8 Silver Snow Clock ScreenSaver v.2.8 Water Color Clock ScreenSaver v.2.8 Love Dance Clock ScreenSaver v.2.8 Galaxy Rhythm Clock ScreenSaver v.2.8 7art Eternal Love Clock ScreenSaver v.2.8 Fire Element Clock ScreenSaver v.2.8 Water Element Clock ScreenSaver v.2.8 Emerald Clock ScreenSaver v.2.8 Radiating Clock ScreenSaver v.2.8 Rocket Clock ScreenSaver v.2.8 Serenity Clock ScreenSaver v.2.8 Gravity Free Clock ScreenSaver v.2.8 Crystal Clock ScreenSaver v.2.6 One World Clock ScreenSaver v.2.8 Sky Watch ScreenSaver v.2.8 Lighthouse Clock ScreenSaver v.2.8
MishInc FLV To Mp3
Secret Land ScreenSaver v.2.8 Color Therapy Clock ScreenSaver v.2.8 7art Foliage Clock ScreenSaver v.2.8 Nature Harmony Clock ScreenSaver v.2.8 Fiesta Clock ScreenSaver v.2.8 Fractal Sun Clock ScreenSaver v.2.8 Full Moon Clock ScreenSaver v.2.8 Sky Flight Clock ScreenSaver v.2.8 Sunny Bubbles Clock ScreenSaver v.2.9 Everlasting Flowering Clock ScreenSaver v.2.8 Magic Forest Clock ScreenSaver v.2.8 Freezelight Clock ScreenSaver v.2.9 Precious Stone Clock ScreenSaver v.2.8 Silver Snow Clock ScreenSaver v.2.8 Water Color Clock ScreenSaver v.2.8 Love Dance Clock ScreenSaver v.2.8 Galaxy Rhythm Clock ScreenSaver v.2.8 7art Eternal Love Clock ScreenSaver v.2.8 Fire Element Clock ScreenSaver v.2.8 Water Element Clock ScreenSaver v.2.8 Emerald Clock ScreenSaver v.2.8 Radiating Clock ScreenSaver v.2.8 Rocket Clock ScreenSaver v.2.8 Serenity Clock ScreenSaver v.2.8 Gravity Free Clock ScreenSaver v.2.8 Crystal Clock ScreenSaver v.2.6 One World Clock ScreenSaver v.2.8 Sky Watch ScreenSaver v.2.8 Lighthouse Clock ScreenSaver v.2.8
There's a big difference (in the results) of hacking servers vs. personal computers. If you attack a server, you're likely either trying to tick off a company and shut it down for a few hours or you're actively trying to steal massive amounts of data...whether it's trade secrets or credit card numbers. Also, to address your Linux question....I'm sure people are attacking Linux every day of the week...but for all the promotion of Linux being in the enterprise, it's not always serving up cool data that some hacker may want. I'm certainly not saying Linux is 2nd fiddle to Windows or Unix on a technical level, but from a business standpoint, Linux is rarely the critical system in an IT department's array of systems. I said rarely.
For personal computers, usually viruses are out there to erase your data. Spyware and Malware, on the other hand, are out there to steal your personal data and/or attempt to trick you to purchase a tool to supposedly fix the infestation. Sometimes the malware/spyware is just there to open popups and click on links so the author will get a nickel for every click. Some install keystroke loggers. I would much rather get a virus than malware/spyware.
So folks need to be clear about what kind of security threat they are talking about...spyware? virus? malware? DOS attack? etc.
I would have to guesstimate that since 2005, 90% of "virus reports" by PC end users are really Malware or Spyware. I know lots of people who have gotten malware or spyware...however, in the past 10+ years, I know of nobody who has truly gotten a "virus".
I know... but the 'fgrep' sounds creepy. Isn't that kind of "Search and replace/regular expressions" kinda stuff?
Except that it was the other way around, it was not a gift from the Trojans, it was gift given to the Trojans.
Guess I'm clean... but if it was a trap, I fell for it
I am also tempted to give that a try...
Can anyone else confirm this isn't a trap?
No, that would be sed. Ever heard of man ?
NAME
grep, egrep, fgrep - search a file for a pattern
Wow, what a dangerous command. I meant, searching a file for a pattern. Real trouble right there.
And before you ask, fgrep is simply grep -F. What -F does is an exercise left up to the reader.
I am also tempted to give that a try...
Can anyone else confirm this isn't a trap?
*sigh*
Seriously guys :
netstat - network statistics
-an - -a displays "all connections", -n is to prevent ressource resolution and just display numerical adresses/ports
-f inet - display only inet family. This would be TCP/UDP/IP connections.
| - The pipe symbol. Send whatever the netstat command writes to standard out to the next command on its standard in.
fgrep - search a file for a pattern (or in the case, search input on stdin for a pattern)
pattern - the pattern to look for.
The man command. Use it.
It's basically adware
I read up on this here:
http://blog.intego.com/2010/06/01/p...lications-that-install-osxopinionspy-spyware/
and here
http://www.premieropinion.com/About.aspx
Looks like this is a version of adware, which was once pervasive in Windows shareware (not sure if it still is - I don't download Windows software). It's a "sort-of" spyware, but that's unknown since we're unsure exactly what data they collect. But they're clear they do collect detailed web browsing habits - their privacy page makes that obvious. They claim the info isn't shared, and is only used in aggregate. Who knows.
Basically the PremierOpinion people pay shareware authors to include their software in their downloads. So the authors get their money from them instead of from you. In exchange, the PremierOpinion software sends some personal info to them, which they collect and then do something with. What they collect and what they do with that info isn't clear from their web site.
There are only two companies' products listed in the Intego blog post - one that makes a bunch of screensavers, and one that makes an audio converter. That's it. The developers of these apps are responsible for creating the relationship between them and PremierOpinion, and thus putting this in the hands of the users.
I haven't installed the software (nor will I) but it does NOT appear to be a virus or trojan of any type. It's a twist on adware. (Adware also collected your private info in addition to filling your screen with crappy ads.) There's a business behind it, of at least some level of legitimacy. In other words - someone who is responsible for this. They shouldn't exist, but they do.
In my opinion the software vendors are the ones to blame here, for agreeing to pollute their software with this crap. They should be embarrassed. Hopefully these two unknown companies are the only ones doing this, and it ends here.
Intego should also be held accountable for labeling this as something it isn't, and using it to their own marketing advantage.
I read up on this here:
http://blog.intego.com/2010/06/01/p...lications-that-install-osxopinionspy-spyware/
and here
http://www.premieropinion.com/About.aspx
Looks like this is a version of adware, which was once pervasive in Windows shareware (not sure if it still is - I don't download Windows software). It's a "sort-of" spyware, but that's unknown since we're unsure exactly what data they collect. But they're clear they do collect detailed web browsing habits - their privacy page makes that obvious. They claim the info isn't shared, and is only used in aggregate. Who knows.
Basically the PremierOpinion people pay shareware authors to include their software in their downloads. So the authors get their money from them instead of from you. In exchange, the PremierOpinion software sends some personal info to them, which they collect and then do something with. What they collect and what they do with that info isn't clear from their web site.
There are only two companies' products listed in the Intego blog post - one that makes a bunch of screensavers, and one that makes an audio converter. That's it. The developers of these apps are responsible for creating the relationship between them and PremierOpinion, and thus putting this in the hands of the users.
I haven't installed the software (nor will I) but it does NOT appear to be a virus or trojan of any type. It's a twist on adware. (Adware also collected your private info in addition to filling your screen with crappy ads.) There's a business behind it, of at least some level of legitimacy. In other words - someone who is responsible for this. They shouldn't exist, but they do.
In my opinion the software vendors are the ones to blame here, for agreeing to pollute their software with this crap. They should be embarrassed. Hopefully these two unknown companies are the only ones doing this, and it ends here.
Intego should also be held accountable for labeling this as something it isn't, and using it to their own marketing advantage.
What would they patch? The hole in the brains of the users that decide to click "yes" on the installation dialog?
Thank you! I'm not a command-line guy, you know
Yeah I heard of man back in school... the first example was (drumroll...) "man man"EDIT: And sorry for starting the 'panic'... I wasn't that worried