
speakerwizard

macrumors 68000
Aug 8, 2006
1,655
0
London
you cannot stop someone from downloading something, mounting / unzipping it, installing it and then verifying it with an admin password, if you get that far and go to that effort to install the malware, chances are you deserve it to teach you a lesson lol
 

yellow

Moderator emeritus
Oct 21, 2003
16,018
6
Portland, OR
How is an update going to prevent a trojan from being installed via social engineering tricks?

Agreed.


http://www.sophos.com/security/analyses/viruses-and-spyware/osxjahlavc.html

OSX/Jahlav-C is a Trojan created for the Mac OS X operating system. The initial malicious installer is distributed as a missing Video ActiveX Object.

As a part of the installation a malicious shell script file AdobeFlash is created in /Library/Internet Plug-Ins folder and setup to periodically run. The script contains another shell script in an encoded format which in turn contains a Perl script with the main malicious payload.

The perl script uses http to communicate with a remote website and download code supplied by the attacker.

Hard to protect people from themselves.



I have to be honest, I can't believe this was just discovered now. I've come across .DMGs from uh.. questionable.. umm... from time to.. err.. this is nothing new to me. :)
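A defender-side check for the persistence described in the Sophos write-up quoted above, as an added example that is not part of the original thread and is not Sophos's own tooling: it flags loose script files in the Internet Plug-Ins folder and crontab lines that point into it. That the periodic run uses cron is an assumption (the write-up only says the script is set up to run periodically), and the sample directory and crontab are constructed.

```python
import os
import tempfile

PLUGIN_DIR = "/Library/Internet Plug-Ins"  # folder named in the Sophos description

def find_script_plugins(plugin_dir):
    """Names of loose files in plugin_dir that start with '#!' (i.e. scripts)."""
    hits = []
    for name in sorted(os.listdir(plugin_dir)):
        path = os.path.join(plugin_dir, name)
        if os.path.islink(path) or not os.path.isfile(path):
            continue  # plug-in bundles are directories; skip them and symlinks
        try:
            with open(path, "rb") as fh:
                if fh.read(2) == b"#!":
                    hits.append(name)
        except OSError:
            continue  # unreadable file: skip rather than abort the sweep
    return hits

def cron_lines_referencing(crontab_text, plugin_dir=PLUGIN_DIR):
    """Active crontab lines whose command mentions plugin_dir (cron is assumed)."""
    hits = []
    for line in crontab_text.splitlines():
        stripped = line.strip()
        if not stripped or stripped.startswith("#"):
            continue  # blank line or comment
        # A crontab entry may backslash-escape the space in the folder name.
        if plugin_dir in stripped.replace("\\ ", " "):
            hits.append(stripped)
    return hits

def demo():
    """Run both checks on constructed sample data (harmless placeholders)."""
    with tempfile.TemporaryDirectory() as d:
        os.mkdir(os.path.join(d, "Flash Player.plugin"))  # ordinary bundle
        with open(os.path.join(d, "AdobeFlash"), "w") as fh:
            fh.write("#!/bin/sh\n# constructed placeholder\n")
        open(os.path.join(d, "notes.txt"), "w").close()  # empty non-script file
        files = find_script_plugins(d)
    sample_crontab = (  # constructed crontab text
        "# m h dom mon dow command\n"
        "0 3 * * * /usr/bin/true\n"
        '* */5 * * * "/Library/Internet Plug-Ins/AdobeFlash"\n'
    )
    return files, cron_lines_referencing(sample_crontab)

if __name__ == "__main__":
    print(demo())
```

On a real Mac, pass `PLUGIN_DIR` to `find_script_plugins` and the output of `crontab -l` to `cron_lines_referencing`.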
 

MisterMe

macrumors G4
Jul 17, 2002
10,709
69
USA
This is so much nonsense. The site attempts to install an ActiveX control. For those who understand such things, ActiveX is Windows-exclusive. I should correct myself. If you click on the "porn video," then it used to try to download a Windows .exe file. Now it just gets diverted to a malware warning from Google. A Mac user will have better luck sneaking a 50-caliber sniper rifle onto an El-Al flight than installing this thing.

Nothing to see here.
 

WildCowboy

Administrator/Editor
Staff member
Jan 20, 2005
18,390
2,829
This is so much nonsense. The site attempts to install an ActiveX control. For those who understand such things, ActiveX is Windows-exclusive. I should correct myself. If you click on the "porn video," then it used to try to download a Windows .exe file. Now it just gets diverted to a malware warning from Google. A Mac user will have better luck sneaking a 50-caliber sniper rifle onto an El-Al flight than installing this thing.

Nothing to see here.

Actually, it merely claims to be an Active X control. If it was, you'd be entirely correct, as Active X is Windows-only. But it's not Active X...it's a Mac trojan, and Mac users will be able to install it very easily, to their detriment.

Of course, knowledgeable Mac users would know that Active X is Windows-only and thus shouldn't be tricked by this, but they're the same people who would already know not to download things from unknown sources anyway.
 

MacDawg

Moderator emeritus
Mar 20, 2004
19,823
4,503
"Between the Hedges"
Anyone else see the irony of getting "trojan" on a porn site? ;)

Woof, Woof - Dawg
 

NinjaHERO

macrumors 6502a
Aug 29, 2008
972
1,253
U S of A
I don't know. How long do you think it will take to make the general public more intelligent? :D

20 IQ points each should do it.

That's my thought exactly.

Apple releases I-intelligence, the AI computer program that does your thinking for you. No more of your computer asking you for permission, now it tells you what you should do. Hence, this problem fixed with an Apple update. :D
 

Tallest Skil

macrumors P6
Aug 13, 2006
16,044
4
1 Geostationary Tower Plaza
Yes... well... not that I have visited the site and tried it, but yes, that is what a trojan does... well, the computer kind of trojan

Woof, Woof - Dawg

Hey, I have your back...:cool:

What he meant to say was: A trojan can only ever do what it's designed to do by getting an administrator password from the user. So yes, you have to type it to have anything happen.

There. No need to put your respectability in question! :D
 

nick9191

macrumors 68040
Feb 17, 2008
3,365
189
Britain
An article from Sophos. Because Sophos really do want to warn you on the dangers of malware and are not just blowing things out of all proportion so that they can sell you their junk.
 

Shookster

macrumors regular
Feb 16, 2009
115
108
If this article was from anyone other than an anti-virus company, I might pay attention.

They did not mention that ActiveX controls are not supported on the Mac (or, as far as I'm aware, on any browser other than IE) which would be the best way of educating people about this.

People need to THINK before they do things and not just click Yes on every dialog box. That's the best anti-virus mechanism.
 

tempusfugit

macrumors 65816
May 21, 2009
1,112
1
Chicago
I don't know. How long do you think it will take to make the general public more intelligent? :D

20 IQ points each should do it.


seriously.

who installs an activeX object from a porn site for ANYTHING? if you get this virus I have to go out and say that you deserve it for being a retarded pervert.
 

EmperorDarius

macrumors 6502a
Jan 2, 2009
687
0
It's simple, if a porn site asks you to install something, don't do it.
Come on, we're in 2009 and people still don't know which porn sites are reliable?

BTW:

And what do we find on that page? The following advice:

The Mac is designed with built-in technologies that provide protection against malicious software and security threats right out of the box. However, since no system can be 100 percent immune from every threat, antivirus software may offer additional protection.

"May offer additional protection?". Hmm.. Seeing as the attack mentioned above is not taking advantage of any OS vulnerabilities and just exploiting human weakness, I think Apple would be wise to change that "may" to a "will definitely".

Am I the only one who doesn't like this kind of attitude?
 

BrokenChairs

macrumors member
Apr 13, 2007
68
0
Australia
Ha, I just read this on one of my bookmarked technology sites and decided to visit here to see what the go was. After watching that 'pleasant' Sophos video, it's quite simple...don't download the thing.

One thing I've learned from being online is if a site forces you to download something, research. It's certainly saved me from many problems on the PC side.

But I'm sure soon enough it will move from porn sites to friendlier sites. That's when I know I'll be getting calls from my family asking what it's all about!
 