New OSX Trojan?

Discussion in 'macOS' started by sochet, Nov 6, 2007.

Thread Status:
Not open for further replies.
  1. sochet macrumors regular

    sochet

    Joined:
    Nov 1, 2006
    #1
    This maybe old news, but I've just heard that a new Trojan horse has been written for osx that exploits a security problem in Quicktime. I assume Apple will release a patch for this right?

    Here's the bbc news link (and yes the link is legitimate)

    http://news.bbc.co.uk/1/hi/technology/7079777.stm
     
  2. motulist macrumors 68040

    motulist

    Joined:
    Dec 2, 2003
    #2
    This is not a security breach. There's nothing ANY os can do to stop the user from running software he chooses to run that already requires you to enter your administrator password in order to run.
     
  3. sochet thread starter macrumors regular

    sochet

    Joined:
    Nov 1, 2006
    #3
    Very true but could there be a way for Quicktime to remove compatibility to the offending codec?
     
  4. Wayfarer macrumors 65816

    Wayfarer

    Joined:
    Jun 15, 2007
    #4
    Yeah this is old news.

    By the way, Quicktime 7.4 was released yesterday to address security issues. :rolleyes:
     
  5. psonice macrumors 6502a

    Joined:
    Jul 22, 2005
    #5
    There's no security issue it's exploiting, and quicktime isn't involved. Infact, there IS no codec. What happens is:

    - You go to the site. It pops up a window, saying that the porn you're trying to get without paying for needs a codec for quicktime.
    - You then download an application that pretends to be a codec - it isn't, it's a trojan horse that gets something nasty onto your mac.
    - Now, you've downloaded it, so you decide to install the application. You even trust it so much that you give it your admin password so it has full access to the system, and it installs.
    Congratulations, you've now replaced the bit of software that connects your mac up with websites, and now when you go to ebay or your online bank, instead you go to a site that LOOKS normal, but is actually owned by some russian bloke who would very much like to borrow some money from your account.

    Basically, there are no security breaches here at all, no holes in osx, quicktime or whatever else being exploited (not to say there are no holes - there are!). All that's being exploited is stupidity and trust.
     
  6. gnasher729 macrumors P6

    gnasher729

    Joined:
    Nov 25, 2005
    #6
    Oh well. Lets say a man knocks on your door. He says he is from the electricity company and needs to read your meter. You let him in, and when you don't watch, he steals everything he sees in your home.

    So you are saying that the electricity company shouldn't hire this kind of crooks. Truth is, they didn't. When he said he is from the electricity company, he was lying. When this software said it was a codec for Quicktime, it was lying.
     
  7. twoodcc macrumors P6

    twoodcc

    Joined:
    Feb 3, 2005
    Location:
    Right side of wrong
    #8
    yes this is very old. please close this thread
     
Thread Status:
Not open for further replies.

Share This Page