Anti-Spyware Forums



Half a million Mac computers infected with malware

 
 
Virus Guy
Guest
Posts: n/a

 
      06-04-2012, 02:06 PM
http://www.bbc.co.uk/news/science-environment-17623422

5 April 2012

Half a million Mac computers 'infected with malware'

[Image: Apple laptop computer. Caption: Dr Web says most infected computers are in the US]

More than half a million Apple computers have been infected with the
Flashback Trojan, according to a Russian anti-virus firm.

Its report claims that about 600,000 Macs have installed the malware -
potentially allowing them to be hijacked and used as a "botnet".

The firm, Dr Web, says that more than half that number are based in the
US.

Apple has released a security update, but users who have not installed
the patch remain exposed.

Flashback was first detected last September when anti-virus researchers
flagged up software masquerading itself as a Flash Player update. Once
downloaded it deactivated some of the computer's security software.

Later versions of the malware exploited weaknesses in the Java
programming language to allow the code to be installed from bogus sites
without the user's permission.

Remote control

Dr Web said that once the Trojan was installed it sent a message to the
intruder's control server with a unique ID to identify the infected
machine.

"By introducing the code criminals are potentially able to control the
machine," the firm's chief executive Boris Sharov told the BBC.

"We stress the word potential as we have never seen any malicious
activity since we hijacked the botnet to take it out of criminals'
hands. However, we know people create viruses to get money.

"The largest amounts of bots - based on the IP addresses we identified -
are in the US, Canada, UK and Australia, so it appears to have targeted
English-speaking people."

Dr Web also notes that 274 of the infected computers it detected
appeared to be located in Cupertino, California - home to Apple's
headquarters.

Update wait

Java's developer, Oracle, issued a fix to the vulnerability on 14
February, but this did not work on Macintoshes as Apple manages Java
updates to its computers.

Apple released its own "security update" on Wednesday - more than eight
weeks later. It can be triggered by clicking on the software update icon
in the computer's system preferences panel.

The security firm F-Secure has also posted detailed instructions about
how to confirm if a machine is infected and how to remove the Trojan.

Although Apple's system software limits the actions its computers can
take without requesting their users' permission, some security analysts
suggest this latest incident highlights the fact that the machines are
not invulnerable.

"People used to say that Apple computers, unlike Windows PCs, can't ever
be infected - but it's a myth," said Timur Tsoriev, an analyst at
Kaspersky Lab.

Apple could not provide a statement at this time.
 
 
 
 
 
FromTheRafters
Guest
Posts: n/a

 
      06-04-2012, 03:58 PM
Virus Guy wrote:

[...]

> "We stress the word potential as we have never seen any malicious
> activity since we hijacked the botnet to take it out of criminals'
> hands. However, we know people create viruses to get money.


Not a virus!

[...]


 
 
 
 
 
Dustin
Guest
Posts: n/a

 
      06-04-2012, 05:10 PM
Virus Guy <(E-Mail Removed)> wrote in news:(E-Mail Removed):

> "People used to say that Apple computers, unlike Windows PCs, can't ever
> be infected - but it's a myth," said Timur Tsoriev, an analyst at
> Kaspersky Lab.


Some people used to preach that myth. Some of us always knew better.

> Apple could not provide a statement at this time.


HEHEHE.

Here's something for you, win9x isn't immune to it.
http://www.f-secure.com/weblog/archives/00002341.html





--
Character is doing the right thing when nobody's looking. There are too
many people who think that the only thing that's right is to get by, and
the only thing that's wrong is to get caught. - J.C. Watts
 
 
s|b
Guest
Posts: n/a

 
      06-04-2012, 06:35 PM
On Fri, 06 Apr 2012 10:06:21 -0400, Virus Guy wrote:

> http://www.bbc.co.uk/news/science-environment-17623422
>
> 5 April 2012
>
> Half a million Mac computers 'infected with malware'


<https://www.youtube.com/watch?v=aIrhVo1WA78>

:-)

--
s|b
 
 
FromTheRafters
Guest
Posts: n/a

 
      06-04-2012, 08:05 PM
Dustin wrote:
> Virus Guy<(E-Mail Removed)> wrote in news:(E-Mail Removed):
>
>> "People used to say that Apple computers, unlike Windows PCs, can't ever
>> be infected - but it's a myth," said Timur Tsoriev, an analyst at
>> Kaspersky Lab.

>
> Some people used to preach that myth. Some of us always knew better.
>
>> Apple could not provide a statement at this time.

>
> HEHEHE.
>
> Here's something for you, win9x isn't immune to it.
> http://www.f-secure.com/weblog/archives/00002341.html
>

I don't think he will understand that comment, he still doesn't
differentiate between the exploit and the payload.

 
 
Virus Guy
Guest
Posts: n/a

 
      06-04-2012, 10:32 PM
FromTheRafters wrote:

> > Here's something for you, win9x isn't immune to it.
> > http://www.f-secure.com/weblog/archives/00002341.html


I've kill-filed Pustin, so the only way I see his screed is when someone
else quotes it.

In this case, he's posted a link to a description of the java
vulnerability that pertains to the current issue with Macs (not sure why
he did that). The content of the link contains no information specific
to whether or not Win-98 is vulnerable.

In any case, since Oriface patched the JRE a couple months ago, and
since JRE version 6 does run under win-98 with kernelEx (and hence any
patch to version 6 is therefore applicable to win-98) why would someone
make a claim that win-98 is vulnerable?

Any windoze OS is vulnerable if the patch isn't applied.
 
 
FromTheRafters
Guest
Posts: n/a

 
      06-04-2012, 10:46 PM
Virus Guy wrote:
> FromTheRafters wrote:
>
>>> Here's something for you, win9x isn't immune to it.
>>> http://www.f-secure.com/weblog/archives/00002341.html

>
> I've kill-filed Pustin, so the only way I see his screed is when someone
> else quotes it.
>
> In this case, he's posted a link to a description of the java
> vulnerability that pertains to the current issue with Macs (not sure why
> he did that). The content of the link contains no information specific
> to whether or not Win-98 is vulnerable.
>
> In any case, since Oriface patched the JRE a couple months ago, and
> since JRE version 6 does run under win-98 with kernelEx (and hence any
> patch to version 6 is therefore applicable to win-98) why would someone
> make a claim that win-98 is vulnerable?
>
> Any windoze OS is vulnerable if the patch isn't applied.


He probably wrote that because you often declare w9x to be immune from
modern malware. If this at one time was a zero day exploit, it debunks
that view.
 
 
Dustin
Guest
Posts: n/a

 
      06-04-2012, 10:47 PM
Virus Guy <(E-Mail Removed)> wrote in news:(E-Mail Removed):

> FromTheRafters wrote:
>
>> > Here's something for you, win9x isn't immune to it.
>> > http://www.f-secure.com/weblog/archives/00002341.html

>
> I've kill-filed Pustin, so the only way I see his screed is when
> someone else quotes it.


That's mature. Not that I really expect any civil discourse with you.
You likely killfiled me after the sound education you got regarding DNS
servers. I don't mind being killfiled for spanking you. The fact you
think misspelling my name is, in some fashion, professional or mature is
funny. You're a spoiled little punkass who can't hold his own in any
technical discussion.

> In this case, he's posted a link to a description of the java
> vulnerability that pertains to the current issue with Macs (not sure
> why he did that). The content of the link contains no information
> specific to whether or not Win-98 is vulnerable.


FTR was right then. You don't see the differences...

> Any windoze OS is vulnerable if the patch isn't applied.


You used to preach how much safer win9x is over NT. It isn't. Never
could be. win9x doesn't handle file permissions based on user accounts.
It's inherently insecure.




--
Character is doing the right thing when nobody's looking. There are too
many people who think that the only thing that's right is to get by,
and the only thing that's wrong is to get caught. - J.C. Watts
 
 
Dustin
Guest
Posts: n/a

 
      06-04-2012, 10:47 PM
FromTheRafters <(E-Mail Removed)> wrote in
news:jlniap$nu9$(E-Mail Removed):

> Dustin wrote:
>> Virus Guy<(E-Mail Removed)> wrote in news:(E-Mail Removed):
>>
>>> "People used to say that Apple computers, unlike Windows PCs, can't
>>> ever be infected - but it's a myth," said Timur Tsoriev, an analyst
>>> at Kaspersky Lab.

>>
>> Some people used to preach that myth. Some of us always knew better.
>>
>>> Apple could not provide a statement at this time.

>>
>> HEHEHE.
>>
>> Here's something for you, win9x isn't immune to it.
>> http://www.f-secure.com/weblog/archives/00002341.html
>>

> I don't think he will understand that comment, he still doesn't
> differentiate between the exploit and the payload.


Seems you were right.


--
Character is doing the right thing when nobody's looking. There are too
many people who think that the only thing that's right is to get by, and
the only thing that's wrong is to get caught. - J.C. Watts
 
 
Dustin
Guest
Posts: n/a

 
      06-04-2012, 10:53 PM
Virus Guy <(E-Mail Removed)> wrote in news:(E-Mail Removed):

> In any case, since Oriface patched the JRE a couple months ago, and
> since JRE version 6 does run under win-98 with kernelEx (and hence any
> patch to version 6 is therefore applicable to win-98) why would someone
> make a claim that win-98 is vulnerable?


That reminds me. KernelEX gives you some NT like extensions right?

So here it is. RC5 released. Fixes most of reported problems and further
enhances compatibility with NT-only applications. Enjoy!

Yes it does... This is another potential weakness in your win9x machine
then. It is capable of executing some NT specific malware thanks to your
3rd party support. That means, it can run an NT based worm without the
benefit of non admin level security.

> Any windoze OS is vulnerable if the patch isn't applied.


Your win9x box is vulnerable to some NT code bases as it will try to run
them thanks to you installing an app to provide what it doesn't have. That
goes for some forms of NT based malware too.




--
Character is doing the right thing when nobody's looking. There are too
many people who think that the only thing that's right is to get by, and
the only thing that's wrong is to get caught. - J.C. Watts
 
 
 
 


All times are GMT. The time now is 06:47 PM.