New Mac malware warning

Discussion in 'malware problems & news' started by Blueshoes, Jun 1, 2010.

Thread Status:
Not open for further replies.
  1. Blueshoes

    Blueshoes Registered Member

    Joined:
    Feb 13, 2010
    Posts:
    220
  2. Hmm, social engineering malware - requests root password for installation. Personally I expect to see more of that - a lot more - as *nix operating systems get more popular...
     
  3. Cudni

    Cudni Global Moderator

    Joined:
    May 24, 2009
    Posts:
    6,956
    Location:
    Somethingshire
    How to sell products Part XXXVI

    Mac users will not fret over it...at all
     
  4. chronomatic

    chronomatic Registered Member

    Joined:
    Apr 9, 2009
    Posts:
    1,343
    From the article:

    Nope. What it shows is that people shouldn't be downloading stupid little knick-knacks like screensavers from shady websites, then giving the screensaver the root password (root is totally unnecessary to use a screensaver on *nix machines). Indeed, this is how the recent Ubuntu trojan was discovered -- it was a screensaver that asked for root access. Someone got suspicious and looked at its source code and found the malicious code. The thing about the Ubuntu screensaver is that it was actually on gnome-look.org which is a trusted website for Gnome themes. I guess it goes to show that one needs to stick the the repositories (OS X doesn't have repos, so it still suffers from some of the problems Windows does in that regard).

    No one is going to argue that any platform is impervious to 100% of malware when there are a lot of stupid people out there willing to install unnecessary garbage. What we can say, however, is that AV software is not the answer to the problem; it's only a band-aid (and a not very effective band-aid at that, based on all the studies I have seen).
     
  5. Rmus

    Rmus Exploit Analyst

    Joined:
    Mar 16, 2005
    Posts:
    3,943
    Location:
    California
    Well said, chronomatic - your post should be a "Sticky" somewhere!

    It reminds me of a sans.org diary from 2007, which I've got referenced in my notes:

    DNS changer Trojan for Mac (!) in the wild
    Published: 2007-11-01
    http://isc.sans.org/diary.html?storyid=3595

    ----
    rich
     
  6. SweX

    SweX Registered Member

    Joined:
    Apr 21, 2007
    Posts:
    6,429
  7. SweX

    SweX Registered Member

    Joined:
    Apr 21, 2007
    Posts:
    6,429
Loading...
Thread Status:
Not open for further replies.