Malware attack specifically targets Mac users

Discussion in 'malware problems & news' started by Thankful, May 2, 2011.

Thread Status:
Not open for further replies.
  1. Thankful

    Thankful Savings Monitor

    Joined:
    Feb 28, 2005
    Posts:
    3,731
    Location:
    New York City
  2. SweX

    SweX Registered Member

    Joined:
    Apr 21, 2007
    Posts:
    6,429
    More at the Intego Blog And this must be the first Fake AV I have seen that's designed for Mac OS X.
     
  3. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,516
    First time I've seen malicious web pages specifically for Mac users.

    Definitely ain't going to be the last.
     
  4. Rmus

    Rmus Exploit Analyst

    Joined:
    Mar 16, 2005
    Posts:
    3,943
    Location:
    California
    From the blog:

    I heard about one 4 years ago:

    http://isc.sans.edu/diary.html?storyid=3595
    There haven't been many such sites, but as you note, we'll probably see more!

    regards,

    -rich
     
  5. SweX

    SweX Registered Member

    Joined:
    Apr 21, 2007
    Posts:
    6,429
    Yes I hate to say it but this is always the Mac users defense when discussing wether or not they can get infected, it's very funny. Since there will always be those that will put in the admin pass, and there we go infected and end of discussion. :D And after that are they not so cocky anymore ;)

    BTW, I was at the official Apple support forum before.
    And I saw 2 threads with users that had got infected with this rogue, already. :)

    Edit: Typo...I had some rouge on my face :p
     
    Last edited: May 3, 2011
  6. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,516
    Windows UAC on LUA and Linux su(do) are the same.

    Why are there so many people misspelling rogue as rouge?
     
  7. Rmus

    Rmus Exploit Analyst

    Joined:
    Mar 16, 2005
    Posts:
    3,943
    Location:
    California
    In 2006 isc.sans.edu noted this in their Diary:

    Mac OS X trojan - OSX/Leap
    http://isc.sans.edu/diary.html?storyid=1128
    And this evening, they cited this blog:

    Crimekit for MacOSX launched
    http://www.csis.dk/en/csis/blog/3195
    I know only two users of the MacOS and they have never been concerned about malware.

    regards,

    -rich
     
  8. vasa1

    vasa1 Registered Member

    Joined:
    May 1, 2010
    Posts:
    4,152
    Because the spellchecker doesn't flag it :)
     
  9. SweX

    SweX Registered Member

    Joined:
    Apr 21, 2007
    Posts:
    6,429
    Because the spellchecker isn't ON :D
     
  10. TheKid7

    TheKid7 Registered Member

    Joined:
    Jul 22, 2006
    Posts:
    3,469
    I know several people who own MAC PC's. All of them think that they are "Invincible". If you try to discuss with them the subject of protection from Malware, they do not want to listen.
     
  11. SweX

    SweX Registered Member

    Joined:
    Apr 21, 2007
    Posts:
    6,429
  12. x942

    x942 Guest

    I know what you mean. The first thing I did was install an AV on my Mac. Maybe I can use this to encourage others todo so as well. Most of them say "oh well there is nothing to steal from me! I will wipe if I get infected". So naive. It may be harder to get infected but certainly not imposible. To be as close to that you need Linux or BSD both are the most secure OS's (out of the box). With little tweaking any OS can become invincible (or close to of course).

    I install linux on anyone's PC/laptop who needs a reinstall and only uses it for web browsing and a few Cross platform applications. Most of them don't notice the deference at all specially when i choose PCLinux or openSuse.

    When these types of malware hit linux then I will be more concerned. Although the would be pretty crippled do to the built in security and multiple distros that would have to be compiled for.
     
  13. tonyf1971

    tonyf1971 Registered Member

    Joined:
    Nov 20, 2007
    Posts:
    58
    Same here. Plenty to choose from Eset, Kaspersky, Dr web, Intego etc, no Reason any mac user should run OSX without some sort of Antimalware app. Sophos is Free ! and light on any modern Mac
     
  14. Baserk

    Baserk Registered Member

    Joined:
    Apr 14, 2008
    Posts:
    1,317
    Location:
    AmstelodamUM
    Strictly speaking of linux as the bare kernel, you're right but (as has been posted here on wsf before but I can't find it immediately) for those using a desktop environment, there are certain pitfalls to be aware of also.
    As described on Geekzone link.

    As the writer of the article explains, his specific approach works only on some distro's.
    It's all happening in user space but still, it's happening.
    With all due respect, there's no use for linux users either to think we can merrily click away, as long as we're not entering a password.
     
  15. GmG

    GmG Registered Member

    Joined:
    Oct 13, 2006
    Posts:
    48
    Location:
    Italy
    New variat called MacSecurity
     
  16. GmG

    GmG Registered Member

    Joined:
    Oct 13, 2006
    Posts:
    48
    Location:
    Italy
  17. SweX

    SweX Registered Member

    Joined:
    Apr 21, 2007
    Posts:
    6,429
  18. siljaline

    siljaline Former Poster

    Joined:
    Jun 29, 2003
    Posts:
    6,619
  19. SweX

    SweX Registered Member

    Joined:
    Apr 21, 2007
    Posts:
    6,429
    Nope not this week :D
     
  20. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,516
    They never were immune.
     
  21. GmG

    GmG Registered Member

    Joined:
    Oct 13, 2006
    Posts:
    48
    Location:
    Italy
    New variant called Mac Protector
     
  22. SweX

    SweX Registered Member

    Joined:
    Apr 21, 2007
    Posts:
    6,429
    That was meant as an obvious joke actually :)
     
  23. SweX

    SweX Registered Member

    Joined:
    Apr 21, 2007
    Posts:
    6,429
    More info please?
     
    Last edited: May 7, 2011
  24. GmG

    GmG Registered Member

    Joined:
    Oct 13, 2006
    Posts:
    48
    Location:
    Italy

    From same source of the previous Mac Defender / Mac Security BestMacAntivirus2011.mpkg.zip

    But the application is called Mac Protector

    or came from another fake scan like

    http://blog.intego.com/2011/05/06/macdefender-macsecurity-malware-gets-a-bit-more-sophisticated/

    and download a zip file like 2c29802aceeb85556881dd2b2d4d8a3c8a98a29878de67f7.zip
    a6dc5b65524f21a378bce2e19c8c8071dbff275310d5b9b5.zip
    etc. (zip name change often)

    and contains yesterday Mac Security, today Mac Protector

    From what I've seen so far the malware change name every 2 days.
     
  25. GmG

    GmG Registered Member

    Joined:
    Oct 13, 2006
    Posts:
    48
    Location:
    Italy
Loading...
Thread Status:
Not open for further replies.