Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

Antivirus Firm Warns of New Mac OS X Spyware Application

yiyopr said:
I disagree,
Click to expand...

I understand where you are coming from...but you are missing a big point...just because you can program on Windows, doesn't mean you can program on OSX. The exploits that Windows attackers use are within the operating system, the APIs, etc. Windows and OSX are completely different...the underlying code, how it's written, APIs, etc.

So I can be a fantastic programmer in Windows and if you sat me at a Mac I wouldn't have a clue how to even write (let alone hack) the Mac. I'm not talking about writing C or Java programs...those are all basically universal as you simply compile your code on other machine...but in order to attack a system you need to know how the system works in great detail and be able to (in the computer world) write code to exploit any problems.

Just because I am an English speaking entrepeneur in the USA doesn't mean I can move to Spain and set up a business using the Spanish language (and coordinate all the ins and outs of doing business in Spain).
 
ericinboston said:
Yeah...busy day...but the fun part here is that I did not edit my original post...the flames were just coming too fast so I'll just sit here and watch people's veins boil because they can't read down a few posts to see my typo apology.

:)
Click to expand...

I saw your apology post, that is why I posted a reply :p
 
LOL ''Today Intego released a report''
I hate Intego bunch of liars and thieves. They probably had a hand, in this trojan's development.

Listen people. Don't install untrusted crappy software. If you do find yourself wanting installing some weird piece of programing. Make sure you download it from a trusted source, usually the developers site. Pay attention to what it want's you to install. If it requires you to download other packages or plugins, stay away.
 
Hints for newbies:

1. There is no virus problem for OS X

2. Still

3. Despite this hyped story

4. Even when OS X is used by billions
 
notjustjay said:
NO operating system is completely invincible.
Click to expand...

Maybe, Windows Vista with all of it's UAC controls :eek:


Anyways, I don't really download any freeware, and if I do, it's something that has good reviews and are preferably on cnet.com
 
Wow this is all a bit crazy. I'd say the chances are very low, but yesterday I downloaded a clock screensaver for the old orange iBook I bought a while back to use for music ... and for general awesomeness, even posting this from Safari 1.3.2, 10.3.9 :).

I've always really liked the 'show clock with screensaver' of SL, because I do actually have the screensaver set to come on, just out of habit I guess. Anyway, I had trouble finding one that would download successfully and run on Panther - tried a couple that were listed in an earlier post:
• 7art foliage clock screensaver tried to download a .exe so that didn't get very far;
• Another one could not successfully decompress - even on my SL machine it just stayed as a .gz and said there was something wrong with it, maybe it was already defending against the malware ;);
• In the end went with Time-Cycler, which is not on that list, and did not require any agreement to install, just drag & drop.

With that plus the fact it was made in '04, and the terminal command comes up blank, I think I'll be all right, but it is uncanny! And the poor orange iBook can't quite keep up with the movement of seconds and does 2 at once every 10 or so :).
 
iSee said:
Dang it, I hope this isn't a sign of things to come...

Serveral years ago I switched my wife to Mac. Despite my warnings, explanations, demands and threats, she would (apparently) download and installing almost anything purporting to help her consume celebrity gossip. Needless to say, this lead to many infections which I had to waste tons of time to wipe out.

I so don't want to go back there.

If this kind of thing becomes prevalent, I'll have to (at least) make her a non-admin on her machine, if I can get away with it...
Click to expand...

Be more subtle, give her an iPad :D
 
Small White Car said:
Because of all the Mac users I know, none of them download new screensavers. But of all the Windows users I know, I'd say a handful of people have done it.

So if no Mac users do it and some Windows users do it, well, that's something I'd call "a Windows thing."
Click to expand...

Because the people you know are indicative of the entire computer using population of planet earth, right?
 
ericinboston said:
Where are all the people on this forum that for years proclaimed that Mac OS was virus/spyware free and there would NEVER be viruses/spyware due to OSX being built on Linux.
Click to expand...
I don't know. I've been on these forums for a while and havn't seen such remarks. In 10 million entries by smug Mac users, you probably won't have any problems finding such statements. Or...
Well.. I dare you!
 
SteinMaster said:
The reason there is so much PC malware and not much OSX is it is more profitable for malware writers to infect PC's. There are many more PC users (individuals and companies) than Mac users. As Macs become more popular (i.e. Google switching to Linux or OSX), there will be more OSX threats. Linux/Unix is not immune to malware at all.
Click to expand...

TennisandMusic said:
This kind of thing will only increase as Macs continue to gain popularity. But it seems most people don't understand the difference between a "virus" and "malware." Does ANYONE on any platform get viruses anymore?

Any platform is susceptible to malware.
Click to expand...

Sure but virsues won't and that is what people keep claiming, yet it is untrue.

There are thosuands upon tens of thousands of virii for pcs and none for Macs. Market share does not cause that to happen. If that were true there would be fewer for mac, but a lot compared to none means there is something more significant at play.
 
ericinboston said:
Correct on all points. And this is what you, me, and other intelligent people have been saying for decades.
Click to expand...

I'm not so sure you are as smart as you think you are. Read the comments below this article. http://www.infoworld.com/d/security...rity-keeps-them-safer-hacking-and-malware-138

Here is a part of one of the comments
>>>>>
There are millions and millions of Linux/BSD (OS X is basically BSD) computers connected to the Internet, which, if successfully exploited (not simply attacked) would create a powerful botnet indeed. If I were building a botnet I would much rather have a bunch of high performance Linux/BSD servers, connected to fat pipes and easily administered remotely at my 24/7 disposal than an equal or larger number of Windows boxes. Additionally, if I were only interested in stealing data, It seems to me that there is probably more valuable information stored on Linux/Unix/BSD servers out there than on Windows. The return on effort for successfully EXPLOITING a Linux/BSD/Unix would be more than worth the effort on the part of malware criminals. But the fact is, the efforts simply don't pay off. The BSD/Linux/Unix boxes are inherently more secure and the software that one compiles in these operating systems can be made far more secure than Windows by using PAM libraries and taking advantage of the work done by the NSA. Why is Windows so vulnerable? Windows is vulnerable to exploitation because it rests upon an architecture than never anticipated the Internet and Microsoft has found it impossible to maintain backward compatibility and simultaneously move away from the isolated, single user security weaknesses built in to the design of Windows
>>>>>>>>>
 
Suspicious Intego behavior

Subscription of Intego's Virusbarriers for people who obtained it with the last MacHeist just run out only a few days ago. Now you either need a new subscription or new product, what's up with that? Intego isn't giving away a free update for those just missing the boat either. Or maybe they are just exactly 2 months late with their April's Fools' joke.
 
azazel- said:
Fair enough, but I'm curious why a memory-resident malware scanner is blocking portions of this website from loading. I find it rather humorous, that a website plastering flamebait articles like this on their front page, is itself blocked by one of the most reputable Windows malware scanners on the market.
Click to expand...

Malwarebytes has an issue with Softlayer.

see: https://forums.macrumors.com/threads/864961/

arn
 
phillipduran said:
I'm not so sure you are as smart as you think you are. Read the comments below this article. http://www.infoworld.com/d/security...rity-keeps-them-safer-hacking-and-malware-138

Here is a part of one of the comments
>>>>>
There are millions and millions of Linux/BSD (OS X is basically BSD) computers connected to the Internet, which, if successfully exploited (not simply attacked) would create a powerful botnet indeed. If I were building a botnet I would much rather have a bunch of high performance Linux/BSD servers, connected to fat pipes and easily administered remotely at my 24/7 disposal than an equal or larger number of Windows boxes. Additionally, if I were only interested in stealing data, It seems to me that there is probably more valuable information stored on Linux/Unix/BSD servers out there than on Windows. The return on effort for successfully EXPLOITING a Linux/BSD/Unix would be more than worth the effort on the part of malware criminals. But the fact is, the efforts simply don't pay off. The BSD/Linux/Unix boxes are inherently more secure and the software that one compiles in these operating systems can be made far more secure than Windows by using PAM libraries and taking advantage of the work done by the NSA. Why is Windows so vulnerable? Windows is vulnerable to exploitation because it rests upon an architecture than never anticipated the Internet and Microsoft has found it impossible to maintain backward compatibility and simultaneously move away from the isolated, single user security weaknesses built in to the design of Windows
>>>>>>>>>
Click to expand...

While I would agree with that assessment I think it requires some additional details.

Sure, I would want all of those Linux, Unix, BSD, etc boxes to create a botnet. However, you have to consider that the majority of these are being managed by people who know security. And that is one stark difference between a Windows box and a Unix Server.

I don't doubt that Windows is vulnerable, but when you consider who is using and "managing" those Windows boxes it isn't surprising that you would spend your time exploiting Windows.

Those millions of Windows boxes are not being audited daily for vulnerabilities, like Unix servers are.
 
As I mentioned earlier, this whole topic is far too long to debate on a forum like this...and has been talked about in great detail in magazines before. Let me add some comments to your quote...all my comments are pointed at that author, not you.

phillipduran said:
>>>>>
There are millions and millions of Linux/BSD (OS X is basically BSD) computers connected to the Internet, which, if successfully exploited (not simply attacked) would create a powerful botnet indeed. If I were building a botnet I would much rather have a bunch of high performance Linux/BSD servers, connected to fat pipes and easily administered remotely at my 24/7 disposal than an equal or larger number of Windows boxes.
Click to expand...
First he seems to be talking about personal linux boxes, now all of a sudden servers within businesses. Which is it? Be clear. If you are purposely deviating, explain why.

Additionally, if I were only interested in stealing data, It seems to me that there is probably more valuable information stored on Linux/Unix/BSD servers out there than on Windows.
Click to expand...
You're joking right? a)there are far far far far more Windows and Unix servers out there than Linux. Simple mathematics tells you that the odds are much higher you will find gold attacking a Windows server than a Linux server. b)Even Linux boxes within corporate enterprises are not always storing/serving precious data...ditto for Windows or any other box in the company. I've visited numerous enterprises and their Linux boxes are merely web/app servers...not database servers or storing anything "mission critical". That's my experience and I'm not demeaning Linux.

The return on effort for successfully EXPLOITING a Linux/BSD/Unix would be more than worth the effort on the part of malware criminals.
Click to expand...
Bad comment...should have read "exploiting an enterprise server vs. exploiting a personal computer at a home". And even so, now we're judging criminals?....oh, he's stupid for targeting millions of users and trying to collect $5 from each person...wouldn't he be better off stealing one big $4million chunk from one company? One person's reasons are not anothers.

But the fact is, the efforts simply don't pay off. The BSD/Linux/Unix boxes are inherently more secure...
>>>>>>>>>
Click to expand...

Again, define "secure". In the past few years, yes, comparing OSX to XP or Vista would likely garner an agreement worldwide that in general, OSX is more secure than XP and Vista. But again, as I and others have stated, define "secure" and also note that something that's "secure" today will eventually be unsecure.
 
ericinboston said:
Where are all the people on this forum that for years proclaimed that Mac OS was virus/spyware free and there would NEVER be viruses/spyware due to OSX being built on Linux.
Click to expand...
To my recollection, no one here has ever stated that there would never be any malware for Macs.

Note: there have been very rare instances of malware for OS X already.

The only thing I remember reading is a lot of people saying that Macs are basically safer than Windows (as opposed to being more secure).

Besides, the underpinnings of OS X are based on BSD, not Linux. ;)
 
Reed Rothchild said:
Possibly... though it would be trivial for a malware writer (on submission of your password) to replace all of your system commands (including netstat) with their own version that reports whatever they program it to. Not an unusual occurrence in the Unix malware world.

But by and large, I wouldn't get too paranoid about it.
Click to expand...

That's what rootkits do, right? They hijack the system (file info, processes, all information is bogus) so you can't detect them/delete them... SONY is Evil!™
 
ericinboston said:
Huh? You're trying to argue a LARGE topic here by throwing out a few sentences. This topic of "why Macs have basically been less prone to security risks from 1992-2008 than Windows" has been talked in great length in other threads on this forum, other forums, and well-published magazines and newspapers. There is no way to summarize it. Please go find those threads if you really want to understand the technical and NON-technical reasons why systems are prone to security attacks...and why some systems more than others.

And no, who ever said that as soon as Mac personal computer market share hit 51% that they would all do down? The simpler statement would be that, as long as malware/spyware/viruses are legal/hard-to-punish in many countries they will continue to exist and evolve...and...they will continue to be written to affect the most widely adopted platforms/systems. Currently, if you were a malware/spyware/virus programmer, you would want to annoy the most people for your efforts. Therefore, hit the Windows platform. Next up would likely be a tie between Mac and Linux. And I believe that right now we are starting to see evil programmers take aim at the Mac as the Mac platform gains adoption. It's Marketing 101...if you're selling air conditioners, you're probably not going waste your budget and advertise in Alaska.
Click to expand...

That doesn't make any sense and is not true.
 
I'm curious as to why people are comparing any desktop OS with a secured version of BSD or Linux, running on a server, with no desktop software and often only one or two apps, with no user access.

Nobody surfs the web on a BSD box serving up a website/db/etc. Unless there's a bug exploitable by a worm, there's not going to be an issue with malware like there would be on a desktop OS.

It would be a lot more useful to compare like for like, instead of completely dissimilar setups.

marksman said:
That doesn't make any sense and is not true.
Click to expand...

I'm assuming you've never heard of Charlie Miller then?
 
iMouse said:
Get that update to Xprotect out, Apple!

You may not be able to prevent users from downloading and installing known spyware/malware, but you can certainly make it very apparent that you're installing something malicious if your system knows what it is.
Click to expand...

NewSc2 said:
Let's see how fast Apple patches this.
Click to expand...

Can't Apple update that list of known malware and then OS X will alert us that it is malware when it is downloaded and tries to install? Is that what you are talking about iMouse? You know that whole thing they added in Snow Leopard and all the PC guys cried anti-virus ignorantly.
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back