New OSX Trojan?

Discussion in 'macOS' started by sochet, Nov 6, 2007.

Thread Status:
Not open for further replies.
  1. sochet macrumors regular


    Nov 1, 2006
    This maybe old news, but I've just heard that a new Trojan horse has been written for osx that exploits a security problem in Quicktime. I assume Apple will release a patch for this right?

    Here's the bbc news link (and yes the link is legitimate)
  2. motulist macrumors 601


    Dec 2, 2003
    This is not a security breach. There's nothing ANY os can do to stop the user from running software he chooses to run that already requires you to enter your administrator password in order to run.
  3. sochet thread starter macrumors regular


    Nov 1, 2006
    Very true but could there be a way for Quicktime to remove compatibility to the offending codec?
  4. Wayfarer macrumors 65816


    Jun 15, 2007
    Yeah this is old news.

    By the way, Quicktime 7.4 was released yesterday to address security issues. :rolleyes:
  5. psonice macrumors 6502a

    Jul 22, 2005
    There's no security issue it's exploiting, and quicktime isn't involved. Infact, there IS no codec. What happens is:

    - You go to the site. It pops up a window, saying that the porn you're trying to get without paying for needs a codec for quicktime.
    - You then download an application that pretends to be a codec - it isn't, it's a trojan horse that gets something nasty onto your mac.
    - Now, you've downloaded it, so you decide to install the application. You even trust it so much that you give it your admin password so it has full access to the system, and it installs.
    Congratulations, you've now replaced the bit of software that connects your mac up with websites, and now when you go to ebay or your online bank, instead you go to a site that LOOKS normal, but is actually owned by some russian bloke who would very much like to borrow some money from your account.

    Basically, there are no security breaches here at all, no holes in osx, quicktime or whatever else being exploited (not to say there are no holes - there are!). All that's being exploited is stupidity and trust.
  6. gnasher729 macrumors P6


    Nov 25, 2005
    Oh well. Lets say a man knocks on your door. He says he is from the electricity company and needs to read your meter. You let him in, and when you don't watch, he steals everything he sees in your home.

    So you are saying that the electricity company shouldn't hire this kind of crooks. Truth is, they didn't. When he said he is from the electricity company, he was lying. When this software said it was a codec for Quicktime, it was lying.
  7. twoodcc macrumors P6


    Feb 3, 2005
    Right side of wrong
    yes this is very old. please close this thread
Thread Status:
Not open for further replies.

Share This Page