Malware attack specifically targets Mac users

Discussion in 'malware problems & news' started by Thankful, May 2, 2011.

Thread Status:
Not open for further replies.
  1. Thankful

    Thankful Savings Monitor

    Joined:
    Feb 28, 2005
    Posts:
    6,564
    Location:
    New York City
  2. SweX

    SweX Registered Member

    Joined:
    Apr 21, 2007
    Posts:
    6,429
    More at the Intego Blog. And this must be the first Fake AV I have seen that's designed for Mac OS X.
     
  3. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,738
    First time I've seen malicious web pages specifically for Mac users.

    Definitely ain't going to be the last.
     
  4. Rmus

    Rmus Exploit Analyst

    Joined:
    Mar 16, 2005
    Posts:
    4,020
    Location:
    California
    From the blog:

    I heard about one 4 years ago:

    http://isc.sans.edu/diary.html?storyid=3595
    There haven't been many such sites, but as you note, we'll probably see more!

    regards,

    -rich
     
  5. SweX

    SweX Registered Member

    Joined:
    Apr 21, 2007
    Posts:
    6,429
    Yes, I hate to say it, but this is always the Mac users' defense when discussing whether or not they can get infected; it's very funny. Since there will always be those that will put in the admin pass, and there we go, infected and end of discussion. :D And after that they are not so cocky anymore ;)

    BTW, I was at the official Apple support forum before.
    And I saw 2 threads with users that had got infected with this rogue, already. :)

    Edit: Typo...I had some rouge on my face :p
     
    Last edited: May 3, 2011
  6. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,738
    Windows UAC on LUA and Linux su(do) are the same.

    Why are there so many people misspelling rogue as rouge?
     
  7. Rmus

    Rmus Exploit Analyst

    Joined:
    Mar 16, 2005
    Posts:
    4,020
    Location:
    California
    In 2006 isc.sans.edu noted this in their Diary:

    Mac OS X trojan - OSX/Leap
    http://isc.sans.edu/diary.html?storyid=1128
    And this evening, they cited this blog:

    Crimekit for MacOSX launched
    http://www.csis.dk/en/csis/blog/3195
    I know only two users of the MacOS and they have never been concerned about malware.

    regards,

    -rich
     
  8. vasa1

    vasa1 Registered Member

    Joined:
    May 1, 2010
    Posts:
    4,417
    Because the spellchecker doesn't flag it :)
     
  9. SweX

    SweX Registered Member

    Joined:
    Apr 21, 2007
    Posts:
    6,429
    Because the spellchecker isn't ON :D
     
  10. TheKid7

    TheKid7 Registered Member

    Joined:
    Jul 22, 2006
    Posts:
    3,576
    I know several people who own Mac PCs. All of them think that they are "Invincible". If you try to discuss with them the subject of protection from Malware, they do not want to listen.
     
  11. SweX

    SweX Registered Member

    Joined:
    Apr 21, 2007
    Posts:
    6,429
  12. x942

    x942 Guest

    I know what you mean. The first thing I did was install an AV on my Mac. Maybe I can use this to encourage others to do so as well. Most of them say "oh well there is nothing to steal from me! I will wipe if I get infected". So naive. It may be harder to get infected but certainly not impossible. To be as close to that you need Linux or BSD; both are the most secure OS's (out of the box). With little tweaking any OS can become invincible (or close to, of course).

    I install Linux on anyone's PC/laptop who needs a reinstall and only uses it for web browsing and a few cross-platform applications. Most of them don't notice the difference at all, especially when I choose PCLinux or openSUSE.

    When these types of malware hit Linux then I will be more concerned. Although they would be pretty crippled due to the built-in security and multiple distros that would have to be compiled for.
     
  13. tonyf1971

    tonyf1971 Registered Member

    Joined:
    Nov 20, 2007
    Posts:
    58
    Same here. Plenty to choose from: ESET, Kaspersky, Dr.Web, Intego, etc.; no reason any Mac user should run OS X without some sort of antimalware app. Sophos is free! And light on any modern Mac.
     
  14. Baserk

    Baserk Registered Member

    Joined:
    Apr 14, 2008
    Posts:
    1,321
    Location:
    AmstelodamUM
    Strictly speaking of Linux as the bare kernel, you're right, but (as has been posted here on wsf before but I can't find it immediately) for those using a desktop environment, there are certain pitfalls to be aware of also.
    As described on Geekzone link.

    As the writer of the article explains, his specific approach works only on some distros.
    It's all happening in user space but still, it's happening.
    With all due respect, there's no use for Linux users either to think we can merrily click away, as long as we're not entering a password.
     
  15. GmG

    GmG Registered Member

    Joined:
    Oct 13, 2006
    Posts:
    48
    Location:
    Italy
    New variant called MacSecurity
     
  16. GmG

    GmG Registered Member

    Joined:
    Oct 13, 2006
    Posts:
    48
    Location:
    Italy
  17. SweX

    SweX Registered Member

    Joined:
    Apr 21, 2007
    Posts:
    6,429
  18. siljaline

    siljaline Registered Member

    Joined:
    Jun 29, 2003
    Posts:
    6,617
  19. SweX

    SweX Registered Member

    Joined:
    Apr 21, 2007
    Posts:
    6,429
    Nope not this week :D
     
  20. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,738
    They never were immune.
     
  21. GmG

    GmG Registered Member

    Joined:
    Oct 13, 2006
    Posts:
    48
    Location:
    Italy
    New variant called Mac Protector
     
  22. SweX

    SweX Registered Member

    Joined:
    Apr 21, 2007
    Posts:
    6,429
    That was meant as an obvious joke actually :)
     
  23. SweX

    SweX Registered Member

    Joined:
    Apr 21, 2007
    Posts:
    6,429
    More info please?
     
    Last edited: May 7, 2011
  24. GmG

    GmG Registered Member

    Joined:
    Oct 13, 2006
    Posts:
    48
    Location:
    Italy

    From same source of the previous Mac Defender / Mac Security BestMacAntivirus2011.mpkg.zip

    But the application is called Mac Protector

    or came from another fake scan like

    http://blog.intego.com/2011/05/06/macdefender-macsecurity-malware-gets-a-bit-more-sophisticated/

    and download a zip file like 2c29802aceeb85556881dd2b2d4d8a3c8a98a29878de67f7.zip
    a6dc5b65524f21a378bce2e19c8c8071dbff275310d5b9b5.zip
    etc. (zip name changes often)

    and contains yesterday Mac Security, today Mac Protector

    From what I've seen so far the malware changes name every 2 days.
     
  25. GmG

    GmG Registered Member

    Joined:
    Oct 13, 2006
    Posts:
    48
    Location:
    Italy