New OSX Trojan?

Status
Not open for further replies.

sochet

macrumors regular
Original poster
Nov 1, 2006
194
4
This maybe old news, but I've just heard that a new Trojan horse has been written for osx that exploits a security problem in Quicktime. I assume Apple will release a patch for this right?

Here's the bbc news link (and yes the link is legitimate)

http://news.bbc.co.uk/1/hi/technology/7079777.stm
 

motulist

macrumors 601
Dec 2, 2003
4,079
345
the linked article said:
Click "ok" and enter your systems adminstrator's password and it will be installed on your computer with full system access... Of course this Trojan relies on social engineering to spread, and it does not mark a breakdown in Mac OS security or anything like that.
This is not a security breach. There's nothing ANY os can do to stop the user from running software he chooses to run that already requires you to enter your administrator password in order to run.
 

sochet

macrumors regular
Original poster
Nov 1, 2006
194
4
This is not a security breach. There's nothing ANY os can do to stop the user from running software he chooses to run that already requires you to enter your administrator password in order to run.
Very true but could there be a way for Quicktime to remove compatibility to the offending codec?
 

Wayfarer

macrumors 65816
Jun 15, 2007
1,175
361
Yeah this is old news.

By the way, Quicktime 7.4 was released yesterday to address security issues. :rolleyes:
 

psonice

macrumors 6502a
Jul 22, 2005
968
0
There's no security issue it's exploiting, and quicktime isn't involved. Infact, there IS no codec. What happens is:

- You go to the site. It pops up a window, saying that the porn you're trying to get without paying for needs a codec for quicktime.
- You then download an application that pretends to be a codec - it isn't, it's a trojan horse that gets something nasty onto your mac.
- Now, you've downloaded it, so you decide to install the application. You even trust it so much that you give it your admin password so it has full access to the system, and it installs.
Congratulations, you've now replaced the bit of software that connects your mac up with websites, and now when you go to ebay or your online bank, instead you go to a site that LOOKS normal, but is actually owned by some russian bloke who would very much like to borrow some money from your account.

Basically, there are no security breaches here at all, no holes in osx, quicktime or whatever else being exploited (not to say there are no holes - there are!). All that's being exploited is stupidity and trust.
 

gnasher729

macrumors P6
Nov 25, 2005
16,686
3,378
Very true but could there be a way for Quicktime to remove compatibility to the offending codec?
Oh well. Lets say a man knocks on your door. He says he is from the electricity company and needs to read your meter. You let him in, and when you don't watch, he steals everything he sees in your home.

So you are saying that the electricity company shouldn't hire this kind of crooks. Truth is, they didn't. When he said he is from the electricity company, he was lying. When this software said it was a codec for Quicktime, it was lying.
 
Status
Not open for further replies.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.