digg

Facebook Connect Join Digg About

Mac OS X targeted by Trojan and backdoor tool

news.zdnet.com Two pieces of malicious software affecting Apple's Mac OS X appeared this week: a Trojan horse with the ability to download and install malicious code of an attacker's choice, and a hacker tool for creating backdoors, according to security vendors....

Who dugg this? Made popular Nov 23, 2008

Digg DudeWhat is Digg?

Digg is a place for people to discover and share content from anywhere on the web. Digg surfaces the best stuff as submitted and voted on by the community. Take the Tour to learn more.

393 Comments

show profanity settings
expand all
  • karipatila, on 11/23/2008, -10/+430FTA: The Trojan is found on porn websites posing as a codec needed to play video files, a technique used to trick the user into downloading and installing it.

    If you're dumb or desperate enough to install it you deserve what comes forth.
  • SawButter, on 11/23/2008, -2/+182The biggest threat for a computer is located between the keyboard and the chair.
  • Chirp08, on 11/23/2008, -28/+194I look forward to 90 "I told you so comments" from the people who swear OSX is only "safe" because it has a small market share. Of course these are the same people who think a Trojan = Virus.
  • petard, on 11/23/2008, -52/+191This is pretty much the only way Windows users get viruses now anyways, yet Microsoft is criticized. All trojans and malware for Windows require admin privileges, which UAC prevents in the same way as MAC OS and Linux do - it asks the user permission. Why do criticize Windows and brush it off if it is Mac or Linux?
  • inactive, on 11/23/2008, -65/+203Where is your god now?
  • inactive, on 11/23/2008, -4/+140My spidey senses tell me this thread is going to rapidly dissolve into petty squabbling, so here's my 2c:

    Mac users:
    Just be careful and you'll be fine.

    Windows users:
    Just be careful and you'll be fine.

    Everyone:
    Maybe when you're surfing for porn isn't the best time to be making important decisions anyway, ya?

  • batmanz, on 11/23/2008, -10/+124I believe their God is in California, wearing a black turtleneck and jeans.
  • RomieZ, on 11/23/2008, -14/+109I run Vista x64 with no A/V, my computer on and connected to the net at least 12 hours a day. No viruses.

    Idiotic users are pretty much the only reason for getting viruses.
  • SawButter, on 11/23/2008, -9/+81Another Lame attempt from Intego to sell their useless Antivirus Software.

    http://www.clamxav.com/

    ClamXav is a free virus checker for Mac OS X.
  • esquire360, on 11/23/2008, -6/+77ha! I'll stick with my windows, now how do I uninstall this weather bug program, grrrrrh
  • inactive, on 11/23/2008, -49/+119Big deal. One is loaded by downloading a secret porn codec and the other has to be manual installed in person on the computer. Wow, big threat. Call me when it gets to the point where your computer is attacked the moment you put it on line, like with Windows.
  • Chirp08, on 11/23/2008, -16/+78Nobody said it's Trojan free. Anything that requires the user to install it is not the fault of the operating system. The problem with Windows is that it was possible for Trojans to be installed without you knowing. On OSX you need to type in your root password to install this Trojan, then upon first running it asks you if you are sure you want to run the application you just downloaded from the web and may be unsafe.

    If you still manage to install a Trojan at that point, you ***** deserve it.
  • mysn239, on 11/23/2008, -14/+71backdoor tool :D
  • inactive, on 11/23/2008, -6/+58Dugg for "trojan" and "back door tool" in the same sentence.
  • bigsteve, on 11/23/2008, -8/+53@Chaulis: YOU are wrong. The vulnerabilities that allow the behavior you describe can exist in any operating system. The last time that a machine needed only be on the net to be infected was literally years ago with the remote holes in RPC and LSASS (Blaster and SASSER, respectively.) You needed only be behind a firewall to be safe from such vulnerabilities.

    What you describe is possible, but you're a little misinformed. What you describe doesn't necessarily exist on any platform. It's equally possible on Windows, Linux, and Mac OS.
  • Kazbaeden, on 11/23/2008, -12/+57You must be thinking about a pre-patched pre-sp1 Windows XP machine. Windows Vista is actually very secure, but it's only as secure as the user will allow it to be; if you give viruses permission to run on you're machine there's nothing the OS can do to protect you. Same goes for OSX in this instance.
  • insllvn, on 11/23/2008, -3/+38Really, cause that is why I configure iptables and only install software from trusted sources. Linux isn't magic, and it isn't invulnerable.
  • forewarned7, on 11/23/2008, -4/+39Incidentally, as someone who works in walkin computer tech support, that's where 95% of PC viruses come from too.
  • SoundScape, on 11/23/2008, -0/+31ClamXav sounds like an STD cream.
  • profboobs, on 11/23/2008, -1/+26I've got a mac, and I'm running Windows XP in VMWare. I use it to play old windows games (half life, project 64, etc). I don't have any antivirus software on my mac or my windows. Mac has been secure for a while now, and windows was fairly safe from drive-by installs since SP2.

    Trojans can be written for any operating system. They're just a program. You have to install them yourself. A trojan can be written for any operating system out there, because the user has to give permission to install it.
  • js281, on 11/23/2008, -20/+45I told you so. OSX is only safe because of its small market share.

    As the market share increases so will the amount of OSX virii like the one mentioned in this article.
  • c010rb1indusa, on 11/24/2008, -0/+24Sure that codec looked like a good idea last night, but I woke up this morning, looked over at my laptop, and I totally regretted it.
  • jasmus, on 11/23/2008, -0/+20Viruses don't destroy hardware. A format and reinstall would have had your laptop up and running again no worries. You're an idiot for selling it so cheap.

    Sincerely,
    Macbook Owner
  • l815, on 11/23/2008, -7/+27I'm tired of people complaing both on Windows & Mac about security idiocy. If the OS tries to make itself more secure, people will complain "it is annoying" (example, vista UAC), if they don't put enough people will complain "it isn't secure enough".

    Stop complaining the users are stupid, and start realizing the targets are the users of "less computer literacy". It's not their fault they live a life other than "the internets".

    Now if they complain it's not their fault, then I would argue they are being stupid. Majority of users I encounter with these problems (either Mac or Windows) always admit that it was possibly their fault, but they just want it fixed.

    That's it. Goodbye.
  • bigsteve, on 11/23/2008, -4/+24@Chaulis: You're kind of all over the place here.

    "But go ahead and put a vista box on the net with out a firewall (IE no consumer router, or software firewall) and see what happens." vs. "Microsofts use of sockets post sp2 fixed it, but before that it's pretty easy to infect a machine." Which is it?

    Microsoft's use of "sockets?" Do you know what a socket is? Putting XP SP2 without patches on the net leaves it vulnerable to the LS Shell vulnerability, as in, Sasser. Vista SP0/Gold or Windows XP SP3 (which just has a back-port of the Vista TCP/IP stack handler code) don't have any (known, widely used, in the wild) remote arbitrar-code execution vulnerabilities. My father not knowing any better put his new Vista machine directly on Comcast's cable network, where it sat turned on for 4 weeks. Powered on, on the network, not on a router, no software firewall, nothing. It was completely clean when I finally found it.

    The only remote control software native to Windows XP / Vista, "guess what," is the built-in remote desktop client, which is by default not configured, and is not by default forwarded through software firewalls or routers. It also isn't part of XP or Vista Home versions.

    Anything else?
  • Sketchcast, on 11/23/2008, -4/+23Dellmonte, would you log into a desktop linux box as root on an everyday basis? Then why are you doing the same on XP?

    Seriously, run as a limited user, and use the run-as option for installers. It's not rocket science.
  • striker1211, on 11/24/2008, -1/+19@DelMonte

    You have a point that more people run as admin on windows than on a unix based OS. Microsoft really shouldnt have setup user accounts to be admins by default, but third party programs assume they have access to system folders and things like the Program Files folder because of 9x so what choice did they have. Linux and OSX still require you to be admin to install apps but those apps are coded to be ran by limited users. Windows was not designed to be a multiuser OS (yes they had profiles in 9x but there were no real permissions or anything) and unix was. OS X killed system 7/8/9 apps for security, and it worked for them. If microsoft did that businesses would be screwed.

    @Chaulis:

    just... wow... port 80 is a trusted port, what are u talking about? If there is something i am missing, please enlighten me. Windows firewall doesnt allow INCOMING connections to port 80. You should read how TCP works. Yes users do get infected through IE and other browsers but its not because windows trusts port 80 any more than any other port. It isnt like it says "Oh, this connection uses remote port 80, i'll accept any code from that server cuz im windows"...
  • rezist, on 11/23/2008, -1/+17This isn't a virus, and there have been several trojans programmed to affect Apple operating systems.
  • ZippyV, on 11/24/2008, -1/+17OMG it found 10 tracking cookies.
  • furly37, on 11/23/2008, -23/+38Last time I checked having admin privelages and requiring you to put in your admin password are two different ball games. I have supported both platforms for a long time and to this day the only virus I have ever had to remove from a Mac is that old cheesy macro virus that infected Word files. Ironically it was a Windows virus but infected Mac Microsoft Files too. On the other hand I get calls every week for viruses on PCs. So don't preach to me about Windows being more secure nowadays.
  • PillCosby, on 11/23/2008, -6/+21@Del Monte: you are literally retarded.
  • 3mpire, on 11/23/2008, -7/+21no firewall? just goes to show that simply buying a mac can't fix stupid.
  • gcnaddict, on 11/24/2008, -2/+16@Chaulis: "Completely wrong"

    Can you show me just one worm which has compromised UAC in Vista? I've got a Server 2008 box DMZd on my hardware firewall with the Windows firewall off just to see if anything ever happens.

    Nothing.

    (Those of you digging Chaulis up... reconsidering that thumbs-up wouldn't be a bad idea. Otherwise, everyone who sees you as a friend who dugg Chaulis' comments up would assume ignorance on your part.)
  • archer75, on 11/23/2008, -3/+16And that is exactly how OSX was hacked at the hacker challenge earlier this year. A full day before the Vista and Ubuntu machines.

  • CoreyTamas, on 11/23/2008, -0/+13There are lots of Mac Fanboys and Windows Fanboys in this thread.

    Harder to find are the Common Sense Fanboys. They seem to avoid this kind of thread all together.
  • vandalhearts, on 11/23/2008, -1/+14So...you downloaded an attachment from an unknown source that "completely destroyed the computer" and then you sold a $1500 laptop for $300 on ebay? Most people would do simple things like reformat a computer before they tossed away twelve hundred bucks. I wonder why MAC users have to resort to outright lies to promote their platform of choice. Are you really so insecure that you have to justify paying $2200 for about $1000 worth of equipment by posting BS on digg?
  • DelMonte, on 11/23/2008, -8/+21At the end of the day, there's still much less chances to get malware on a Mac than on Windows (XP at least). And there's no way that in short period of time the amount of malware on the Mac (and sites hosting them) will rise to the levels of what's happening on the Windows side.

    So, no matter how you slice it, the fact is, when it comes to probabilities, the Mac is still safer than Windows.
  • Zippo, on 11/23/2008, -5/+16Apache is, by far, the most popular web server software on the market.
    There are far more exploits and attacks for ISS than Apache.

    Apple owns nearly 10% of the OS market share now. By that logic, about 1 in every 10 viruses out there should effect OS X.

    Popularity/market share does NOT equal more viruses/exploits/attacks.
  • inferno10, on 11/23/2008, -1/+12Air?
  • tk4two1, on 11/23/2008, -2/+13Move on... Nothing to see here. Still requires an Admin password.... Yawn...
    DO NOT, REPEAT, DO NOT, BUY ANTI-VIRUS SOFTWARE FOR YOUR MAC! ITS A TRAP!
  • BlackJackJester, on 11/23/2008, -1/+11A virus is just a program...so anyone can get one. The problems only arise when the OS lets things install without user permission
  • WoollyMittens, on 11/23/2008, -0/+10You could have just reinstalled windows on your "completely destroyed computer". Just saying. I have a bridge I'd like to sell you.
  • noboot, on 11/23/2008, -2/+12You my friend, should be a Mac user. I'm glad you made the switch. Apparently you cannot handle Windows.
  • bigbangbuddha, on 11/23/2008, -0/+10Installing software requires root level permissions in OS-X / Unix and Linux, if you type your password in you are agreeing that you trust the software you are installing. Anyone who trusts anything from a porn site is an idiot, in any OS. Remember this is not a virus, it's a normal program. There is nothing in any os preventing software from being written that reroutes your network, if this were the case we could not have VPN software or many other useful tools. The fact it is disguised as another software program is what makes it a trojan. In any case I will take a unix based OS any day over Win/Dos, at the very least contains said software to its local process and permissions and prevents further damage to the network.
  • random12345, on 11/23/2008, -5/+15Really? Care to explain how that happens?
  • nbluth, on 11/23/2008, -0/+10/sarcasm?
  • nbluth, on 11/23/2008, -1/+11Thank you nostraboris that comment made my day, I was thinking "maybe not all mac users can be stupid" and then you spouted out that little jewel. thank you.
  • sebastienk, on 11/23/2008, -8/+17Yeah right! Every year we get this story but at the end it always ends up being a bogus story made up by a security company to sell security tools you don't need.

    Now that MS will give away anti-virus for free we will see a lot of those bogus stories show up. You can't really blame them, they have to make a living as well.
  • poidh, on 11/23/2008, -24/+33No-one deserves having a trojan on their computer unless they knowingly download one.
  • SawButter, on 11/23/2008, -1/+10ClamXav is not made by Intego. It's a free alternative that just works.
  • Fetching more discussions...
    Show 51 - 100 of 395 discussions

  • Add a Comment

    Login or register to comment!
    Or, sign-in super fast with your Facebook account ...


© Digg Inc. 2009 — Content created and posted by Digg users is dedicated to the public domain | Terms of Use Updated | Privacy Policy
DIGG, DIGG IT, DUGG, DIGG THIS, Digg graphics, logos, designs, page headers, button icons, scripts, and other service names are the trademarks of Digg Inc.