digg

Join DiggAbout

The Digg Crew wants to hear your thoughts!
Please take our short survey about Digg and potential feature ideas.

Trojan horse targets Mac OS X

macnn.com — A new trojan horse designed specifically for Mac OS X systems has been discovered on several pornography websites that can hijack Web traffic, according to security firm Intego. Affected systems are used to hijack some Web requests that lead users to other phishing sites, or simply display ads for other pornographic websites to generate ad revenue.

show profanity settings
expand all
  • streak, on 11/02/2007, -15/+216PLEASE buy our antivirus software!! Then you'll be able to visit p0rn sites safely!
    • masterm1nd, on 11/01/2007, -35/+1.
      • OblivionMage, on 11/01/2007, -4/+3Wow, you are so full of comments and enthusiasm!
      • masterm1nd, on 11/01/2007, -2/+8It's the stupid comment system.
    • topiKal, on 11/01/2007, -9/+41I'd be prepared for more of this kind of stuff coming along.

      With the huge increase in the popularity of Apple products, I wouldn't be surprised to see many more viruses and trojans focused specifically on harming Mac systems. While it's not a good thing, it is interesting to note the trend considering Windows has a reputation for being the only OS with a high risk of virus and spyware infection. Be careful, Mac users.
      • zybch, on 11/04/2007, -32/+5Sorry, but how can you possibly call a market share of still under 5% huge?
        • richardiscool, on 11/01/2007, -3/+21"Huge INCREASE"
          • norman619, on 11/04/2007, -7/+1Yes it's subjective not objective. :-)
          • GiggleStick, on 11/01/2007, -3/+6Is that like when the news says eating something triples your chance of finger cancer, and then you find out that you only had a 1 in 50,000 chance of getting that, and now you have a 3 in 50,000 chance. That's a 300% increase!
          • Tippis, on 11/01/2007, -1/+2@GiggleStick
            <anal>
            That's actually a 200% increase...
            </anal>
        • spectre_25gt, on 11/01/2007, -2/+11He said huge increase in popularity, not existing market share. There's a difference.
        • ivanvanderbyl, on 11/01/2007, -3/+16The mac market share is actually 8.1% as at October 1st.
        • DaMacGamer, on 11/01/2007, -1/+11Market share is now around 8%...
          • norman619, on 11/01/2007, -4/+9How do they get these numbers? Never realy asked that before. They monitor internet traffic? They watching sales? Just curious.
        • zybch, on 11/04/2007, -21/+10Worldwide marketshare is still well under 5%.
          Remember you stupid mactards, the world doesn't end at the US offshore limit.
          • threemagic, on 11/01/2007, -10/+15And remember you jealous POS that market share means all installed base.. which includes machines 9 years old. Right now, world wide, Macintosh is selling NEW machines at a higher rate than others.

            Stick your 3rd world pentium 100 where the sun don't shine.. well since it never shines on you.. just shove up it up your ass.
          • TheReport, on 11/01/2007, -13/+6yeah and your intelligence is well under 5% of borderline retardation. I bet you are the same bitch ass ***** that complains when your boyfriend donkey punches you to hard.
          • grieks, on 11/01/2007, -4/+2ooooh a bitch ass *****, that's new!
          • specialK16, on 11/01/2007, -4/+3***** you theemagic, you are as stupid as zybch is; "everything outside the U.S must be the 3rd world".
          • mrFREEZE, on 11/01/2007, -0/+1Only on a mac thread could the phrases "borderline retardation", "bitch ass *****" and "windows fag" come up and be normal.
        • thewfirestarter, on 11/01/2007, -7/+6zybch, the average Windowsfag: http://www.youtube.com/watch?v=UVwx9qJyM8M
          Check out his profile for other stellar comments.

          /pluck the brows plz
        • TheReport, on 11/01/2007, -3/+6"Sorry, but how can you possibly call a market share of still under 5% huge?"

          When that market makes it the 3rd best selling computer right behind Dell and HP. Any more retarded questions? or should I ready the shotgun so you can kill youself now?
        • DaffyDuck, on 11/01/2007, -5/+2"zybch, the average Windowsfag: http://www.youtube.com/watch?v=UVwx9qJyM8M
          Check out his profile for other stellar comments."

          Heh, nice pink room.
      • AfterTen, on 11/01/2007, -22/+16Windows currently is the only OS with a high risk of virus and spyware. This report is of neither a virus or a piece of spyware. Both of those things install without your knowledge or consent. This is a Trojan, it tries to trick you into giving consent.
        But I do concede my Mac is probably vulnerable in some way.
        • threemagic, on 11/05/2007, -1/+10Why dig him down, he's right. ALL OS'es.. even those NEVER on the internet can get a trojan horse. It looks like something else, you install it, GIVE IT CREDENTIALS, and it gets privileges. One things this article assumes is all users run at admin level... which is bad.
      • noahhoward, on 11/01/2007, -10/+13OS popularity has nothing to do with number of viruses and exploits. Look at the server market for proof.
        • Jimzip, on 11/01/2007, -8/+1And look at the amount of consumers that have their own servers...

          Jimzip :D
          • ungamedplayer, on 11/05/2007, -1/+4Judging from the amount of botnets out there. Plenty.
        • trylleklovn, on 11/05/2007, -1/+4Or look at OS 9 and below.. Were they used by more people than OS X? Were there less vira for these?
          • piwy, on 11/01/2007, -3/+2viruses*
          • bigsteve, on 11/01/2007, -0/+1OS9 had virus issues, back when a "virus" for the very most part was a piece of self-replicating code that destroyed data and was passed between machines by careless floppy-disk-toting users. This was back when viruses (it's only called "virii" when referring to the disease-causing kind, look it up) primarily aimed to destroy data, and not keep your computer alive in order to advertise to you or steal personal data and send it home.

            OS9 is built upon a completely different architecture than OSX, OSX being Unix (it conforms to *the* Unix standard, it's Unix). It, therefor, benefits from the inherent better security hierarchy of such a system. Your point is only valid if you're still misinformed enough to believe that the Mac platform's current lack of malware is due only to it's small market share.
        • jrbrewin, on 11/05/2007, -3/+1unfortuantely, there's a certain amount of arrogance that goes with the average mac user, assuming that they are risk free from the security / id threats online. Whilst windows machines are obviously far less secure, a lot of windows users understand this and protect themselves with the right tools (shame they tend not to protect themselves with correct user rights in the first place), whereas most, if not all, mac users do not.
        • labmouse42, on 11/01/2007, -0/+2People who run servers know better than to 'patch' their Solaris boxes with that .gzip file promising Viagra.

          Virus' and Spyware developers write code for the lowest common denominator -- ie. Windows users.
      • Jimzip, on 11/01/2007, -9/+3Yep. Been saying it for years. And the more the fanatic mac fanboys tout how amazing their OS is, the more it'll start to happen (not that I'm worried about this one btw - what a lame trojan, you basically have to choose to install it..).
        Anyway, I love my macbook & OSX, but running around telling others you're invincible is always going to make someone out there want to prove you wrong..

        Jimzip :D
      • CplSmithers, on 11/01/2007, -3/+12Sure, OS X is pretty darn secure, don't think its the most secure thing out there. Heck, Leopard ships with the firewall off. What a secure system!
        Plus, I personally think that one's computer is only as secure as the users that use it.
        • sneeka2, on 11/01/2007, -3/+2If there are no services running by default and/or there are no known exploitable bugs in the services that are running, then there's no need for a firewall. Not saying that either is necessarily the case for OS X, but it has been running fine with a disabled firewall for years now.
          • Tippis, on 11/01/2007, -1/+3Ehm... no.
            "No known exploitable bugs" is a subjective thing -- *you* may not know about them; Apple might not know about them, but someone else might, and that possibility is all justification you need to use a firewall.
            Running a firewall is, almost by definition, a preventive measure -- you do it to protect yourself against danges you don't know about. If you knew every bug and exploit, you could quite easily be in a situation where a firewall *isn't* needed, because all you have to do to protect yourself is not to run the compromised software.
        • MCDupree, on 11/01/2007, -1/+1Well put.
      • MCDupree, on 11/04/2007, -2/+1Be careful? More like be scared.
    • Scheissenegger, on 11/01/2007, -10/+2maybe the Dev team can fix this?
      • thushan, on 11/01/2007, -0/+2There's nothing to fix. It can happen to anyone in any OS. As much as I dislike Ape-ole and the whole Apple subculture you cant fix this - rather there's nothing really here to "fix".

        As WiseWeasel said below it requires user-interaction to propogate or infect and if your dumb enough to surf "PHREE PRON!!!" sites which prompt you to install something, then you have more issues to worry about...

        Like it or not because of the backend of OS X it is inherently more stringent and secure than the Windows counterpart in user-space. *HOWEVER* This just means that Apple users - like Windows users for decades - need to be cautious about what they download or get prompted to install.

        Ignorance != Bliss when it comes to your OS.
    • WiseWeasel, on 11/01/2007, -14/+901) You have to enter your admin password when prompted to install the trojan
      2) You have to manually check the "Open 'Safe' Files After Downloading" option in Safari's preferences to be vulnerable to an automated installation. Otherwise, a user would have to manually mount the DMG disk image, and then manually install the trojan.

      The threat level from this trojan is pretty small for a majority of users. People who download and install software with admin privileges from a porn site get what they deserve. User intervention + admin password needed = pretty weak trojan...
      • natenovs, on 11/01/2007, -13/+34sorry man, thats how almost all trojans work. its called social engineering, and its wildly successful, especially in email and porn.
        • thinkdrastic, on 11/01/2007, -5/+8Besides, doesn't Safari's "Open 'Safe' Files After Downloading" default to true in versions prior to Leopard?
          • WiseWeasel, on 11/01/2007, -0/+11Nope, Tiger defaults to false (at least since one of the early point revisions)...
        • bradleyland, on 11/04/2007, -10/+6It's also called social darwinism. If the ***** can't keep their paws off of the crappy, trojan laden software, they can rot for all I care.
          • antdude, on 11/01/2007, -0/+10Nah, it means more money for geeks to clean up their mess. ;)
        • noahhoward, on 11/03/2007, -14/+10No it's not. If you download an exe it can run itself. If you download a DMG you still have to go through some steps to get going. Yes it can happen but the chances are way reduced.
          • petard, on 11/03/2007, -8/+10An exe can run itself? Really? That is very interesting.
            Seriously, for XP SP2 and later it is almost always the user running some fishy file which causes them to get infected. Then the exe puts itself into autorun, but the FIRST TIME you must WILLINGLY run the exe.
          • bigsteve, on 11/03/2007, -4/+9Your comment's positive score makes me lose even more faith in this site's regulars. petard is right, no executable just runs itself. You are prompted by every browser and version I've ever used before anything happens. There are the occasional Active X controls and other such things that are engineered to have the look and feel of a Win32 form, that you're fooled into installing which starts a chain reaction of downloads and executes, but it's still started by one "run/save/cancel" ignorant user move.
      • zweben, on 11/01/2007, -0/+25Basically, it relies on social engineering more than any specific software vulnerability. Keeping people from voluntarily installing malicious software that they think is legit is a pretty difficult problem to solve through software.

        Unfortunately, other than warning people about installing applications from sites they don't (or shouldn't) trust, releasing security updates and patches quiclky, and making sure that software cannot be installed without user approval, there's really not all that much any OS designer can do.
      • m00nmaster, on 11/01/2007, -0/+8Open Safe Files option was on by default on my MacBook Pro. So you still have to input your password. A couple of seconds to decide whether you can trust that pr0n site to install the "correct" codec or a trojan. WHAT THE HELL DO YOU THINK? jackasses all over the internet.
        • bigsteve, on 11/01/2007, -0/+6Even if "Open Safe Files" is ticked, you're still prompted to abort the DMG mount if the image contains an executable. It comes to you, clear as day, plain english, "This disk image contains an executable and it may be harmful." So if *that* fails you too, then sorry, no secure platform, no trusted computing system, no anti virus, no escalation dialog boxes will save you from dumb-ass you.
          • shark615, on 11/01/2007, -2/+11That is how the vast majority of these things work on windows yet I bet you will be the first one saying its windows fault not the users...
          • bigsteve, on 11/01/2007, -1/+1@shark...For this particular threat, yes. I'll blame the user of any OS. For all the rest of the threats, it's you're fault for *using* Windows. Closed code = no community review = a closed minded closed set of developers that don't find the buffer overflows, remote-execute, and privilege escalation bugs before the bad guys do. I'd rather use the product with thousands and thousands of eyes from different disciplines on the code at all times. But that's just me.
      • mentor972, on 11/01/2007, -0/+2I agree
    • InfiniteNothing, on 11/02/2007, -4/+75If you're stupid enough to install a program from a porn site, you deserve this virus
      • mburk, on 11/01/2007, -22/+6I can't wait until it's bundled with something else and you install it, you smug bastard.
        • bigsteve, on 11/01/2007, -3/+1The wonders of the open source world. If I'm skeptical about the program I'm about to install, I have the option to do so myself, or if I'm not capable, read up in forums and google around for people who have personally audited the code. Or perhaps enlist the efforts of someone who can. It's a tough internet out there, watch your ass, and show some personal responsibility.
      • davesawyer, on 11/04/2007, -4/+1Comment dugg twice for awesomeness.
    • ksgant, on 11/03/2007, -1/+4Please remember, a "virus" exploits flaws in the OS. A "Trojan" exploits flaws in the user of an OS. You can have the most secure, bug free OS in the history of the world and still be subjected to a Trojan horse because it will be disguised as something helpful or useful and require the user or admin to install it and give it privileges . This isn't a situation of the Mac being more secure because it's less used (security through obscurity), it's a Trojan horse....they're going to show up from time to time.

      Now, it "may" be because the Mac is getting more popular that these trojan writers are taking notice of course, but it's not because the Mac is insecure. It's exploiting the unsuspecting user and no, you don't need special software to guard your system....just be suspicious of everything you install.
  • natedouglas, on 11/01/2007, -33/+9http://www.pornotube.com/ hasn't sassed me yet.
    • mywhitenoise, on 11/01/2007, -11/+8that site sucks, and I they always have a screenshot of gay porn when I hit the front page.
      • ACrazyGerman, on 11/01/2007, -2/+22must suck blowing your load so early...
        • mywhitenoise, on 11/01/2007, -6/+3It's a site that hosts on average 30 second clips...who's exactly blowing their load early, the person who says the site sucks, or the person defending it?
    • allyant, on 11/01/2007, -3/+7Dude, 70% of porn there is gay stuff, try http://www.redtube.com/ if you want a good streaming porn site.
    • anotherjeff, on 11/01/2007, -3/+13Hi, i'm 10 years old.
      • KLowD9x, on 11/01/2007, -5/+4Get off the internet.
      • luigi1015, on 11/01/2007, -0/+13Where are your parents?
      • IllBeBack, on 11/01/2007, -0/+1Chris Hansen may not be there to have some cops taser the dude that wants to have sex with you. Better watch out.
    • natedouglas, on 11/01/2007, -2/+1:-P
  • darkalias, on 11/01/2007, -7/+76To properly configure Parental Control, I need to know those, ehm, URLs, anybody know?
  • hokkos, on 11/01/2007, -16/+48A virus which demand the administrator password ...
    but I think that the "Safari users who have checked the "Open 'Safe' Files After Downloading" option in General Preferences will find that the disk image which is downloaded to their Mac automatically mounts, and the installer application will automatically launch." IS VERY BAD (different in Leopard I think).
    And that scutil can change DNS server is also very bad.
    Please apple fix it.
    • wgerik, on 11/02/2007, -6/+101The installer application doesn't automatically launch with root privileges, so it's not really a security risk. That's why it asks for the admin password shortly afterward.. that's where the trouble starts. Any semi-competent computer user should know better than to install a questionable piece of software anyway... even with their judgement slightly impaired by a raging hard-on. :P
      • zybch, on 11/01/2007, -33/+7But thge thing is, that ANY semi-competent computer user is not going to be using a mac in the first place.
        Apple have based their whole computer division around the principle of selling products to stupid idiots.
        • spectre_25gt, on 11/01/2007, -0/+4That's a bit off. They've based their division on selling products that are easy to use. There's no reason that something has to be complicated if it's going to be used by a professional.
        • REBELinBLUE, on 11/01/2007, -2/+11I have an upper second Bachelor of Science in a computer engineering subject, pretty sure that counts as being a competent computer user. Yet I use a Mac, well 3, an iMac at work and an iMac and Macbook at home.
          • shark615, on 11/02/2007, -2/+3SOme of the dumbest programmers and "techs" I have ever had the displeasure of doing business with had a BS in Comp Engineeringg so it isn't reall a valis benchmark. Sort of like having an A+ or MCSE.
          • REBELinBLUE, on 11/01/2007, -0/+1Sadly that is true :( But that is why anyone with half a brain gets experience along side a degree, because a degree alone on your CV isn't that interesting to employers ;)

            However zybch didn't say they don't sell to competent programmers or techs, he said they don't sell to semi-competent users. I'm sure they'd still be at least a "semi-competent" user even if they aren't competent programmers or techs.
        • andyduncan, on 11/01/2007, -0/+7I purposely choose the most difficult, most infuriating option in all of my endeavors, simply to feel smarter. Instead of a button-fly on my pants, I have a mensa test! I pissed my pants twice today but I'm ***** brilliant!
        • pulsifier, on 11/01/2007, -3/+0@REBELinBLUE

          a B.S. is worth bs
          • REBELinBLUE, on 11/01/2007, -0/+1Is this because you graduated with a BSc in Chemical Engineering and 3 years later still don't have a job? I graduated and 7 weeks later I had a decent paying job. Maybe the BSc isn't the problem.....

            But I do feel for you a bit, I have some friends from University who are in a similar situation, but then it is mostly their own fault because they won't look outside their immediate area for work. If I had done that I would not have got a job either, but I didn't, so I commute 2 hours each way to London.
        • Dumbledorito, on 11/01/2007, -0/+4While meant to be an insult, he is right: The wider you make your user base, the more likely you are to have people in that base who will do things like this.

          When it REALLY gets bad is when installing this stuff uses the trust placed in the infected user (i.e. "Hey, Bob installed me and he loves it! Click 'yes' and you'll be as cool as Bob!") and it spreads even more easily. Basically, you're looking at what that "allow" nag in Vista was supposed to stop. MS did the only thing they could when they were complained to, which is to make a default setting that required the user to confrim an action. However, as Apple will discover, there is no cure for stupid, so one's defense against this sort of thing is only as strong as your most clueless customer.
        • blackinthmiddle, on 11/02/2007, -0/+2This coming from a person that doesn't know how to spell "the"!
        • msgyrd, on 11/01/2007, -2/+3You're such an obvious flamebaiting Apple troll. Blocked.
        • msgyrd, on 11/01/2007, -3/+2You're such an obvious flamebaiting Apple troll. Blocked.
      • spectre_25gt, on 11/01/2007, -2/+12I would have to disagree here. This is a case of social engineering. People know that codecs are needed to view certain files on the net. If they want to see those files, they're likely to install the codec. They also know that they're purposely downloading the software, so it makes sense that a password prompt would come up.
        • noahhoward, on 11/01/2007, -2/+2Oh well.
        • chsbrgr, on 11/01/2007, -0/+7Is Hot_Blondes_Jello_Fight_Part3.mpg worth my admin password? Damn right - that's why I bought this computer!
      • Lou3000, on 11/01/2007, -1/+2Are you kidding me? PCs make up roughly 92% of computer users. I'm pretty sure the percentage of incompetent computer users is far higher on the PC side.


      • arjie, on 11/01/2007, -0/+1Yeah, there's nothing Apple can do if people are going to be putting in passwords all the time. PEBKAC.
    • Angostura, on 11/01/2007, -0/+31I don't think the installer automatically launches - just mounts.

      The problem with this is the risk is inherently of a OS-agnostic type. 1. Guy downloads software that says it will do X, 2. guy is asked for admin password 3. software installs 4. Software does Y instead.

      I'm not really sure what there is for Apple to fix here, unless Leopard's sandboxing could help in some way (which I doubt)
      • AmazingSyco, on 11/01/2007, -0/+6Apple's sandboxing technology in Leopard looks to be pretty sophisticated, as it appears to handle blocking access to files and network access. There are also metadata presets for "untrusted" files (which is, in fact, where the dialog box that says "you downloaded this from a web site and it may be bad" comes from). So yeah, Leopard's sandboxing technology could definitely help.
        • natenovs, on 11/01/2007, -1/+10it will be as effective as vista's sandbox and metadata prompt. that is, the trojan will still be ran, because the greatest vulnerability sits between the chair and the monitor.
      • Dumbledorito, on 11/01/2007, -15/+8You just downloaded a program to your Mac. Cancel or Allow?

        You have just made a sad realization and owe several Vista users an apology. Cancel or Allow?
        • jackyyll, on 11/01/2007, -6/+13It only asks for your root password when a program needs root privileges, and this is very rarely with normal programs....

          You have just made an ill-informed comment. Cancel or Allow?
          • fkr3, on 11/01/2007, -2/+3So you have to type your password every time, while we just click Allow?
          • terath, on 11/01/2007, -1/+0Yes. Except "every time" happens very very rarely. How often do you really install new software? And even then, usually you are not asked. If you are, then you should be suspicious as the program is asking for complete access to your system. Something like Tetris, for example, does not need this sort of access.
        • samdu, on 11/01/2007, -0/+5The requests for confirmation in OS X are significantly less annoying than in Vista. It seemed like Vista wanted confirmation on either EVERYthing or nothing. OS X has seemingly found a good balance. It still won't stop morons from installing software they have no clue about, but for those of use that do know what the deal is, it's not annoying.
          • Tippis, on 11/01/2007, -0/+1Vista asks for confirmation whenever a program wants to do something on a system level, rather than on user level, just like OS X. The difference is that OSX developers learned quite some time ago how to work within the user level sandbox, whereas Windows developers are used to having full access to everything, and have yet to learn to do things using less intrusive techniques.

            In short, it's a problem with the developers, not the OS.
    • WiseWeasel, on 11/01/2007, -4/+8"Open 'Safe' Files After Downloading" is disabled by default...
    • furly37, on 11/01/2007, -1/+10The only fix is to offer to take the machine from any moron user who is dumb enough to put in their admin password for an application they didn't ask to have installed.
      • zybch, on 11/02/2007, -10/+2That would mean 80% of mac users would have their computers taken away!
    • PathDaemon, on 11/01/2007, -3/+15While "Open 'Safe' Files After Downloading" is enabled by default, its criteria for, erm, opening safe files is very reasonable.
      The system will only automatically open installers that load into the built-in Installer.app, which carefully controls what they can do.

      These installer packages can do NOTHING to your system, not even display a "lawlz owned" popup, without user confirmation. If you have downloaded such a package from a website you've never heard of, you shouldn't ***** click the install button.

      Once you enter your admin password, all bets are off. That's confirmation that you trust the installer to have full reign over the system, installing and changing whatever it wants.

      This "Trojan" exploits no security holes whatsoever, except the usual PBKAC, and would be all but impossible for the OS to combat.

      Your suggestion that letting Safari open safe files isn't safe is silly — it would add an extra step to every software install and add no security — as is your recommendation that system configuration should only be changeable through the GUI. scutil is great, and removing it would piss advanced users off and, do nothing for this Trojan. Remember, with root privs it doesn't MATTER commands exist to change stuff, it can go in and edit configuration files manually.
    • InfiniteNothing, on 11/01/2007, -0/+3I'm imagining an OS that tests its user. If fail the test, it becomes militant and doesn't let you install anything until you can later pass the test
      • eviltuxking, on 11/01/2007, -0/+5It's called Linux minus a package manager. Only the people who are able to compile software can install it.
    • runeasgar, on 11/01/2007, -6/+3The "open safe files after downloading" option is the worst thing Apple has ever put in Mac OS X. Idiotic microsoft-esque hole.
    • mrurc, on 11/01/2007, -0/+1Oh, well then, I guess it isn't a vulnerability.

      /sarcasm
  • Pheter, on 11/04/2007, -66/+85Well we all knew this was going to happen. Even if you just didn't want to admit it..
    • ThatsUnpossible, on 11/02/2007, -11/+43Something tells me you don't actually understand what this is...
      • ZachSka87, on 11/04/2007, -14/+6It appears to be a Mac virus. That about right Pheter? Silly ThatsUnpossible is in denial.
        • flightvector, on 11/02/2007, -1/+11No, this a virus acting like a useful program from a porn site (anyone who actually believes that there is such a thing in the first place is a douche, mind you) that not only asks you to download it And requires you to click "download," but Also requires admin password to be entered just to install it.

          Now if you think that is the same as getting your stupid registry (which OS X happily does without) trashed simply by viewing an image on a website you visited by accident, or inserting a Sony music CD and hearing your hard drive crank for a second as it silently installs a rootkit, then I'd be wasting my time. How is that a security breach when you stupidly trust a website that you shouldn't and install something just because they say so, this isn't a random pop-up or an uncommanded installation.
          • shark615, on 11/12/2007, -7/+1umm you do know that the Sony CD thing caused Macs to ***** up to right? And that with a PC I could just force the cd out but with a Mac you have to get it serviced. You knew that right?

            Finaly since when does viewing an image hose your registry? Finally most security breaches on windows are exactly like this yet when it is a windows thingits the OS fault but with a Mac its the users fault...
          • Macskeeball, on 11/02/2007, -0/+2@Shark615: If you boot a Mac while holding down the mouse button or trackpad button, the optical media will eject if physically possible.
      • c5kirk, on 11/02/2007, -1/+11Actually it's a trojan which is very different than a virus.
    • FutureGuy, on 11/01/2007, -17/+3I am still waiting for someone to give an explanation on why such a thing would never happen on a Mac since its inherently "secure" and such a system change would need "root" access blah blah blah
      • Bamborzled, on 11/01/2007, -3/+10Macs are very secure, and so are all *nix systems. This is a simple case of social engineering. No OS can ever defend against an idiotic end user.
      • andnever, on 11/01/2007, -0/+8the virus demands you to enter your password....if youre dumb enough to do that noone can help you. just like back in the day people would im you claiming to be AOL asking for your account info.

        guess you need to shut the ***** up...thats what i would do if i didnt know what i was talking about
        • FutureGuy, on 11/01/2007, -4/+4looks like something tickled your nerves a bit. for a virus to "demand" password it has to first start up as a process, no? To do that it need to have certain permissions, no?
          Also it helps if you read the article
          "Safari users who have checked the "Open 'Safe' Files After Downloading" option in General Preferences will find that the disk image which is downloaded to their Mac automatically mounts, and the installer application will **automatically** launch. "
          Now if you were running Vista, not that you would ever do something that crazy, you would prompted specifically asking you if you want to run the installation, and if the app tries to edit the host file Vista would warn specifically that the app is trying to modify the host file, one can click continue but then at least the OS did its job of making sure that the "trojan" is not a "trojan" anymore, you would know what its doing.
          I would recommend you read up a bit before going around calling people dumb.
          • andnever, on 12/12/2007, -0/+1actually in leopard the first time you download an app from the internet it will ask you if youre sure you want to launch it. second that doesnt change the fact that nothing is installed untill you grant the super users permission to do so

            you sir are just plain ignorant
        • sneeka2, on 11/01/2007, -0/+3@FutureGuy:
          I'd recommend you to read up a bit on the OS X Installer.app. The only thing that is downloaded as part of the trojan is an installer PACKAGE, which is not an executable file, but actually just a directory with a special extension containing files and a bit of metadata. You can walk through the contents of the package in Finder to see what it'll do on installation. Now, the installer that's launching is the Installer.app that's included in OS X, it's the system's own "Install software" dialog if you will. That Installer.app is reading in the metadata from the downloaded package and displays at least one page of information before anything happens at all. No piece of the downloaded package has been executed at this point.

          The user needs to click Next at least once, then click Install and enter his password before any part of the downloaded content is actually executed. That's why Safari is "safely opening" the content, because there's no security hole here. Move along.
      • Haecceity, on 11/01/2007, -1/+7andnever's rather rude, but he's right that this trojan has to ask you to install it and you have to type in a password to allow it to do so. A PC can simply be hijacked. There's no security system in the word that can prevent you from installing a trojan is that's what you *want* to do.
      • samdu, on 11/01/2007, -0/+3Because the moron installing the trojan implicitly gave it root access.
    • MacSuxWindozSux, on 11/01/2007, -13/+4At least windows users are using anti virus.
      • tao52nyc, on 11/01/2007, -0/+6Actually, a significant number of windows users either do not use anti-virus, or don't keep it up.
      • zybch, on 11/01/2007, -5/+1I don't bother with an AV. I run a bi-monthly on-line scan and thats it! I've not had an infection for years.
        Its only when you start visiting suspect sites and opening up attachments blindly that most computers are compromised, and no OS is going to be secure enough to prevent stupid users from engaging in dangerous behaviour!
      • TeatimeGrommit, on 11/01/2007, -1/+2My windows machine has been infected twice by viruses, and the anti-virus software I had never once actually prevented so much as a single virus from getting onto the computer. My firewall was better for that. Plus, unlike the firewall, the anti-virus hogged all kinds of system resources.
      • Arramol, on 11/01/2007, -0/+2As a support technician on a college campus, I can safely say that most Windows users are completely clueless about security. We actually had to add a policy allowing us to delete useless virus scanners (read: NORTON, especially when their update subscription expired last year) and install something more useful when they check their machines into our repair center.
      • MacSuxWindozSux, on 11/02/2007, -1/+1Well guys. First, my windows box last had a virus since 2001. And that's the only time I've ever gotten a virus. After that, I decided to use an AV, but it's never picked anything up and I've had no problems since.

        I agree about the firewall I find them more useful more often.
        Expired Norton? Yeah that's useless.

        "most WIndows users are clueless about security" and Mac people aren't?

        I think it boils down to what the user does. Does the user do risky things like download screensavers? Or does the user stay away from suspect files. I think that's the single biggest factor when determining viruses or no viruses. Lots maybe even most Windows users don't actually get viruses, despite the risk being present. But a good AV is something everyone should have.
        • Arramol, on 11/01/2007, -0/+1""most WIndows users are clueless about security" and Mac people aren't?"
          Oh I have little doubt that they are. I'm not a trolling Apple fanboy, I use XP and Ubuntu myself. But I can't say that Windows users are better off in terms of keeping their machines secure. I just helped out a user who hadn't even installed Service Pack 2 on her XP laptop. I don't think I can even begin to count the number of computers I've seen with nothing but a broken Norton or McAfee install for protection.
    • mrurc, on 11/01/2007, -1/+4Things like this have been around for ages. They are less popular because the OS is less popular and more secure. But NO OS is secure. Lying to yourself about how secure your OS is only serves to increase your risk.
      • wyrdness, on 11/01/2007, -0/+1True, but this one depends on the user entering the administrator password. No OS that I know of is safe once the admin password has been given to a malicious application.
  • tupperbacharach, on 11/02/2007, -83/+13Better get this to the front page, ASAP.

    I predict a lot of mactards are going to have their bank accounts emptied and their credit cards hijacked.
    • karipatila, on 11/01/2007, -8/+4dumdumdumdumdum.
    • iFungus, on 11/01/2007, -0/+7Yeah, thats exactly what every single trojan does. They also blow up computers, like in Die Hard 4.
      Shut up.
  • ivankraszl, on 11/02/2007, -45/+13This is such BS! Here is my opinion in a longer version: http://creativebits.org/mac_os_x_viruses_and_troja ...
    • kweeky, on 11/01/2007, -5/+19Most viruses and trojans on Windows are spread that way too. You have to remember that due to Windows having the biggest market share, it is also the biggest market share of people who don't know that downloading "lol.jpg.exe" from an e-mail is generally a bad idea.

      Common sense is the best anti-virus. Saying that, I still have NOD32 in case I'm blind drunk or something.
      • natenovs, on 11/01/2007, -1/+2and its gets real bad when "report.pdf" is an unsafe file too.
    • 1337pino, on 11/01/2007, -2/+2How smug can you get, ivankraszl? Are you assuming that every freakin' mac owner is so enlightened about everything that is out there that involves their computer that they wouldn't download such codecs and other seemingly needed things?

      Well, if ALL mac owners are such people, then I guess the little old lady down the street and her mac are good enough to be working tech support somewhere.
  • masterm1nd, on 11/02/2007, -95/+48There is officially zero reasons to use a mac now.
    • kweeky, on 11/01/2007, -22/+8Propping up wonky tables?
      • Cymrubeats, on 11/01/2007, -13/+2it's great for backing up your softwares.
    • awhiteflame, on 11/01/2007, -3/+39Except this is a total non-issue and requires root password to install. Why not just make malicious scripts that require root password as well?
      • zybch, on 11/01/2007, -11/+3But mosty idiot mac users will give it one without thinking. Thats the price you pay for having such a small market share that nobody bothered to attack the system in the first place, so that now when there are enough users to warrant attacking the mac, the users themselves are so complacement that they WILL just blindly click 'yes' on any damn permission field.
      • Ramble, on 11/01/2007, -6/+9Viruses in Vista require UAC elevation too.
        • luchid, on 11/01/2007, -5/+3wow it took windows, what, 20 years to require permission elevation?
          • petard, on 11/01/2007, -1/+7Does that matter? They are at the same level now, except windows users know there is viruses and mac users believe this is none.
    • airencracken, on 11/07/2007, -12/+22Oooh I think you meant there ARE officially zero reasons to use a mac now. Thanks for playing the grammar game. Fail.
      • masterm1nd, on 11/01/2007, -9/+4I know, it's because I decided to go with zero reasons rather than no reason in mid sentence... who cares. Oooh isn't a word and you forgot a comma after it, and fail does not qualify as a sentence.
        • Ag3ntOrang3, on 11/01/2007, -2/+1Sure it does. The "you" is understood.
        • masterm1nd, on 11/01/2007, -2/+1Not in proper English, which is the standard he was holding my comment to... "who cares"
      • over90000, on 11/01/2007, -7/+7This is a typical reply of those who can't argue the content. They attack the spelling/grammar instead. These people tend to be mac users.
        • masterm1nd, on 11/01/2007, -4/+1The old attack the grammar rather than the JOKE fallacy.
        • windmillninja, on 11/01/2007, -0/+1This is a typical reply of those who blatantly hate macs. Blindly lump any human error into the "mac user" category to make yourself feel good about your alienware.
      • kponto, on 11/01/2007, -2/+4You're right, there is zero reasons. Oops... wait, System level grammar checks, it's back up to one.
        http://www.apple.com/macosx/features/300.html#syst ...
        • over90000, on 11/01/2007, -6/+3Lol that list is so full of padding.
          >Improved Full-Screen Interface : oh wait, Windows had it for a long time
          >Image Bar: this too
          >Time Slider: This too
          >Time Skip: lol what
          >Icon Preview: windows had it first
          >Path Bar: windows had it
          >New Fonts: omg new feature
          >New Message Views: THIS IS ESSENTIAL!!!
          >More Smileys: IT's a revolution!


          i can keep going forever
    • spitsnaugle, on 11/01/2007, -9/+21then windows (mainly vista) must be in the negatives.
      • masterm1nd, on 11/01/2007, -10/+4Windows (especially vista) does blow, but it sure as hell beats using an insanely dumbed down os with a one button mouse.
        • drjones78, on 11/01/2007, -4/+4Yea... So UNIX is dumbed down? Display your ignorance more please.. its entertaining.
        • mbadolato, on 11/01/2007, -3/+1Who said you have to use a one-button mouse? Just because it comes with it doesn't mean you have to use it. I'm using a regular 3-button with scroll wheel on both of my Macs...
          • masterm1nd, on 11/01/2007, -3/+1I am joking and have been since my original parent comment.
        • blackinthmiddle, on 11/01/2007, -1/+2masterm1nd, you truly are a dumb-ass. So which commercial operating system out there is more complicated than linux, which mac is based off of? Do you REALLY think that Windows is designed for the *intelligent* users? You're either suffering from mental constipation or written diarrhea. Either way, step away from the internet NOW!!!
          • masterm1nd, on 11/01/2007, -4/+1The comically over priced hardware is what makes me think it is not designed for intelligent users. The one button mouse thing doesn't help.
          • zybch, on 11/01/2007, -4/+2Or what about the mighty mouse., The ONLY 2 button mouse with only 1 button!

            Hows that for a company treating its users like mentally retarded lemmings!!
          • eviltuxking, on 11/01/2007, -0/+2Um, Mac OS X is based off of BSD, not Linux. It's core is called Darwin, and it runs a Mach kernel. Get your facts right before you flame people. That being said, I do prefer OS X to Windows. Of course, Linux is much better than either.
      • over90000, on 11/01/2007, -11/+3Vista is much better than OSX will ever be.
    • over90000, on 11/01/2007, -19/+4Paperweights.
    • badjoke, on 11/01/2007, -7/+24Except for the whole better user experience thing.
      • over90000, on 11/01/2007, -12/+8A typical mac user just browse a web, write simple emails and chat using IM. All things that can be done on a PC for cheaper. The user experience is just a myth. And yes, I've used a mac.
        • thinkdrastic, on 11/01/2007, -1/+3"A typical mac user" eh? So does the typical Windows user play solitaire all the time they're not up to their armpits in pivot tables? No doubt the the typical Linux user enjoys spending their life tinkering with the kernel trying to get their USB mouse to work in KDE? Or are the stereotypes actually a load of bolleaux?
        • over90000, on 11/01/2007, -5/+2@thinkdrastic: a typical windows user does the same thing as the typical mac user. that's why i said this user experience ***** is just a myth
          • badjoke, on 11/01/2007, -0/+3"User experience" isn't what they're doing. It's how the computer necessitates what they're doing. I spend most of my time on my PC but find my Macbook much simpler to accomplish the same things.
          • over90000, on 11/01/2007, -0/+1like what?
        • theprez, on 11/01/2007, -0/+2You, know, I usually ignore comments like these, but I think you're pretty wrong about the "typical" Mac user. I'm not saying there's a typical Windows user either but the vast majority of everyone I know that uses Windows only browses the web and uses the Office apps (for work or school). And every Mac user I know uses their Mac for video and graphics or they work in photography. But this doen't make me generalize either user. Just check out all the Final Cut Pro user groups and what they have to say about user experience and I think you'll realize how wrong you are.
        • over90000, on 11/01/2007, -2/+2@theprez: except for the fact that FCP is only available for macs right?
      • badjoke, on 11/01/2007, -0/+3You've "used a mac." Probably just for a few hours to a few weeks in a classroom. So essentially you knew nothing about how to work a mac and spent a few weeks confused and frustrated. My girlfriend is the same way.

        Once you get used to the OS you realize that it's much simpler.
        • windmillninja, on 11/01/2007, -0/+2By "used a mac" I assume he hopped into an Apple Store on his way to FYE.
        • over90000, on 11/01/2007, -0/+1no, i'ved used a mac because my brother was given one from work.
  • over90000, on 11/02/2007, -56/+17Lol, so much for Macs being secure. In before all the apple apologists.
    • joshuaer, on 11/01/2007, -6/+3they are still secure we just now have dumb horny people using them!
  • cglisson, on 11/02/2007, -20/+133Scare tactic by Intego... they have done this before. Nothing in the wild, nothing to see here folks, nothing to see here...
    • TeatimeGrommit, on 11/01/2007, -3/+9Should have been posted as a reply to Henry Appleseed. Hah! Guess I don't have precision mouse skilz.

      Um. I'm not going to type my administrator password to help your virus install itself. Oh look, my DNS is fine because I didn't type my root password. Now, walk over to the Windows machine. Virus installs *itself*. Hmmm... Bit of a difference there, I think.
      • ilgaz, on 11/01/2007, -1/+2Do you think Windows trojans install all by themselves?
      • codmate, on 11/01/2007, -0/+1Please tell me how executables run with zero user intervention on a Windows box.
        I've been using Windows for years and I'd love to know!
    • mrurc, on 11/01/2007, -1/+2I found it on the Symantec site, which confirmed it today after the information posted yesterday. Some vulnerability postings are about potential threats but this one is a threat listed as in the wild. Sticking your fingers in your ears is not going to make it not a threat.
    • ilgaz, on 11/03/2007, -0/+2As an Apple user who even does his professional job on Apple environment, people like you makes me wish a very evil Trojan/Worm hybrid ships and people who didn't take basic security measures because "Mac is safe" becomes horrible victims.
      Your type of ignorants is the most evil security risk on any Operating System ever shipped.
    • overbyte, on 11/01/2007, -0/+1As an apple user who even does his professional job on Apple environment, anti malware products on the mac are invariably worse that the problems they profess to cure and are a complete liability. Get off your soapbox.
      if you must install something (as a benevolent gesture to the windows users on your network for instance), use clamAV http://clamxav.com/ - it's the least intrusive / destructive
  • nexah3, on 11/01/2007, -29/+12Someone check the SMUG index now..
    • sp1keNARF, on 11/01/2007, -1/+4oh, it's still pretty high, considering there are millions of these for windows.
    • zybch, on 11/01/2007, -5/+3It just dropped 7 points!
  • zeejay, on 11/02/2007, -14/+150Q. How big of an idiot to you have to be to install software from a porn site?
    A. The same kind of idiot that would buy anti-malware software for a Mac. (Unless you're running a Windows partition, of course...)
    • natenovs, on 11/01/2007, -0/+16the same kind of idiot who runs this stuff in windows too.
    • FutureGuy, on 11/02/2007, -13/+8What kind of idot? well someone like you. On a patched Windows system one only needs an antivirus as much as they need it for a patched Mac. In fact its lot more difficult to constuct a hack like this on Vista since even if one downloads and runs a trojan UAC would warn the user what "exactly" the program is trying to do like changing the host file/registry etc so it much difficult to be a "trojan" and slip something in.
      • flightvector, on 11/02/2007, -6/+2Well something is flawed here... I actually don't need my OS X antivirus as much as you do in Windows because I don't even need OR have an antivirus Period. I hope I'm smart enough not to need someone to warn me against installing software from porn sites.
    • nate886, on 11/01/2007, -2/+11At least I wouldn't have to tell my Mac that it was ok to install Symantec 5 times. (Yes Vista, I'm talking about you.)

      I just unleashed my inner Mac fanboy, sorry.
      • Kanidia, on 11/01/2007, -0/+4Just for apologizing, you get a nice digg for your halloween treat.
      • darkciti2, on 11/01/2007, -2/+1Let it go... Let your fanboy out. You'll be at peace once you've come to terms with it.
    • antdude, on 11/01/2007, -0/+2There are MANY computer illiterates. :(
    • c0d3z3r0, on 11/01/2007, -2/+4I haven't had a virus in over 5 years, and I was using windows, i just switched to a mac this year and i wouldn't be surprised if the mac got more virus since of it's popularity increase.
      You dont need an antivirus software, you just have to be careful on what you do, if you see a pop up from the system, and you did not issue it, DON'T TYPE IN YOUR PASSWORD!
  • FunkyWitDaSysTm, on 11/02/2007, -5/+151this isn't a virus, it's just a trojan horse that tricks you into providing your administrator password. at that point it's not your mac that has a vulnerability, it's your poor judgement.

    if you make it a habit of going to porn sites, you should know that installing any type of software from them is a very stupid thing to do. if they can't stream their video through the browser without installing a codec, then something's fishy.

    play it safe, and just don't install suspicious software. or else this could happen to you.
    • streak, on 11/01/2007, -1/+13Vista has the same "social engineering" bug in its UAC.
    • leodavinci, on 11/01/2007, -3/+5Not saying this is a big deal, but you better get ready for more of this kind of news. As the market share grows you better bet more malware will be written for macs.
    • XXXXXXXXXXXXXX, on 11/01/2007, -6/+2And virus and a trojan are not worlds apart. A virus is a trojan. They're all terms that really mean the same thing.
      • ungamedplayer, on 11/01/2007, -0/+3No, clearly not true.

        A trojan is something that hides its pay load while attempting to look legit, its payload _may_ be a virus, a key logger or perhaps an army.

        A virus doesn't care about pretending to look legit, it just hides itself, but often 'piggybacks' something in some form of infection. A virus may also have a payload. I understand how it may look confusing to the layman.
      • prammy, on 11/01/2007, -0/+1To extend on what ungamedplayer said:

        A Virus - Think smallpox.
        A trojan Horse - Think 'The trojan horse' from The Iliad.

        Now the soldiers may have had smallpox and infected the populace of Troy, or they could have gone and killed almost everyone (which they did) or just stay hidden as spies and report back to the Greek army.

        There you go, one payload a virus, one payload bring destructive, and the last being a keylogger/spyware.
    • ilgaz, on 11/03/2007, -0/+1So what? Intego calls it Trojan from first day. This is true definition of trojan: Malware masking as good software.

  • ramsinks.com, on 11/01/2007, -11/+67It's sad how many are so un-tech savvy to believe what they see on digg.
    FUD.
    • Cymrubeats, on 11/01/2007, -9/+2Dugg for 'un-tech', but also buried for being a confused *****, so i didn't click either button.
  • jeffgtr, on 11/02/2007, -9/+34To get infected enough you first have to stupid enough to download something from a porn site, then put in your admin password to authorize.
    But then maybe I should scurry on over to Walmart and pickup a pc with Vista, I'm sure that would be safer (sarcasm)
    • nesman89, on 11/01/2007, -5/+1no you got it all wrong.

      /Sarcasm
    • lacronicus, on 11/01/2007, -8/+3You have to be stupid to get a virus on your mac? well what a surprise, its the same way on the PC!
    • penguinshome, on 11/01/2007, -3/+4I've never gotten a virus on vista in a year of having it and I turned off UAC the first day I got it. Vista isn't as ridiculously horrible as people make it out to be. I've worked on macs before and have never for the life of me figured out how a system like that could please a sophisticated computer user. Basically Windows gives the user a bit more control of what they can do with their system. With this control handed over to the user there is an expectance that the user won't be a ***** and screw the system up.
      • srg13, on 11/01/2007, -1/+2"...and have never for the life of me figured out how a system like that could please a sophisticated computer user"

        Applications -> Utilities -> Terminal...

        That, and Final Cut Studio
        • codmate, on 11/01/2007, -1/+1Yeah - the terminal is far preferable than attempting to use the horrible GUI...
          Especially 'Finder'...
  • Felix57, on 11/01/2007, -36/+2in away I'm overjoyed by removing a bit of apple fan-boys smugness but I'm also empathetic that there is no safe haven anymore
    • platypibri, on 11/01/2007, -2/+6I think you'll find us still quite smug. That count is now 1 Mac Trojan to how many windows trojans? And since I'm not much of a pr0n surfer, I think I'll keep my AV dollars in my wallet for now.
    • Acglaphotis, on 11/01/2007, -1/+3linux ftw
      • bigsteve, on 11/01/2007, -1/+1acglaphotis FTL. Google PEBKAC. It can happen to your 1337 ubuntu rig too.
      • hajamieli, on 11/01/2007, -0/+1There are actual VIRII (viruses) in the wild targeting linux distros ftw.
    • bigsteve, on 11/01/2007, -0/+1omg guys i just made a mac trojan!

      touch runtoseebigboobsLOL.sh && echo "rm -rf ~/*" >> runtoseebigboobsLOL.sh && chmod +x runtoseebigboobsLOL.sh

      Now there's two trojans for Mac OS X.
  • Rudiger81, on 11/01/2007, -7/+20OMG Quick buy antivirus and go back to windows cause it has the cancel and allow security!!! come on if your that stupid to be surfing porn and say ok to installing a program AND put in your admin password then you deserve to get a virus and also get a lobotomy.
  • Ag3ntOrang3, on 11/01/2007, -5/+55Has no one realized that you have to input your password for the so called "Trojan" to be effective. You can't stop stupid users from doing stupid things. If you are dumb enough to download a "video codec" to watch pr0n then you deserve to get hit. As a Mac user I can go home tonight and safely use either Safari or Firefox to surf any website I wish without the fear of a buffer overflow exploit on ActiveX and a silent install of nasty malware.
    • natenovs, on 11/01/2007, -1/+16ok. were going to stop talking about computers for a second. do you remember the original "trojan horse" ?? those idiots had to open the locked gate and wheel the horse in for that so called "trojan" to be effective.

      thats what the ***** metaphor means! it means you lower your level of security because you think the program will do A, and then it does B and your screwed. and its awfully effective. jesus h christ!
    • BadseedJR, on 11/01/2007, -1/+8You have to do the exact same thing on Vista to have a program run too. I'm no windows fan, but I'm no mac fan either. I'm tired of each side saying one is better... they each have their niche, and both are vulnerable.
      • flightvector, on 11/01/2007, -0/+5I am a sensible mac user and I thought I'd just give my affirmation to a comment well said.
      • srg13, on 11/01/2007, -1/+1"You have to do the exact same thing on Vista to have a program run too."

        For trojans you do, but generally spyware, worms and viruses come in by themselves...
        • codmate, on 11/01/2007, -0/+1Please explain how.
          • BadseedJR, on 11/01/2007, -0/+0User account conrtol. Any executable code triggers it. I'm not saying it's fool proof, but it's there.... asks for the admin password just like a mac.
  • over90000, on 11/01/2007, -16/+4Here is another example of a Mac OSX Virus.
    www.macrumors.com/2006/02/16/the-first-mac-os-x-virus-a-new-os-x-trojan/
  • cakerun, on 11/01/2007, -7/+22Um, ok. So basically you will get a trojan horse if you are
    a] watching porn
    and b] being a general ***** retard.
    "Hmm, this here porno site wants me to download an additional codec so it can let me watch more pr0nz. The porn popups are so distracting, I'm just gonna click yes and manually click through to install the ***** thing."

    I should just light my computer on fire now. Goodbye Tiger, Hello VISTA!!!
    • Ramble, on 11/01/2007, -2/+14It's the same in Windows you know. It's just we have a higher proportion of morons.
      • cakerun, on 11/01/2007, -0/+5Touche. Sounds good.
      • bigsteve, on 11/01/2007, -0/+3Yea really. Love me my Macbook, but my Windows XP desktop has had the same build for nearly 4 years now, no antivirus, no antispyware, no problems. Just common sense surfing and a good (OpenBSD-based) firewall.
    • fef560, on 11/01/2007, -0/+1To be fair most guys don't think straight when they're in porn mode.
  • thurows, on 11/01/2007, -12/+3Welcome to hell.
  • drjones78, on 11/01/2007, -0/+37Every operating system out there is susceptible to trojans because they rely on user stupidity or lapse of judgement. There's plenty of trojans out there for linux and unix as well. If you install an application from an untrusted source, using administrator/root privileges you put your self at risk. The most secure OS in the world cant even protect you from yourself.

    Hell, there are quite a number of trojans out there for linux, and since OSX is unix, I bet many of them might work there as well.

    The biggest problem with Trojans and Windows has traditionally been that there's so many ways to install them *without* user input, through activex controls or outlook macros. The situation may be much better in Vista though, I don't know.
    • HerrEisenheim, on 11/01/2007, -3/+4It's better in Vista if you have UAC enabled. The problem is that since UAC asks you to make ANY CHANCE it becomes habit to just it "Allow". You start doing it without thinking. It's the same with how it's become habit for me to use the option to Reset Camino to clear my history after every browsing session. Sometimes I don't even want to do it, but do it by accident because it's habit. That's the problem with UAC in Vista. It's a very all or nothing system. Granted, it's better than any Windows before it, but it's still not what I'd call a "great" solution.
      • bigsteve, on 11/01/2007, -1/+2I'm not sure why you're getting dug down, as you are pretty close to the root of the problem. There need to be some more outside-the-box ideas regarding keeping the user safe from him/herself (as much as I'd love to just say "can't save you from you, you're SOL.") One thing you may or may not have seen is in OS X Leopard, the first time you run an executable, it remembers where you downloaded it from and asks you if you'd like to return to the website in question to research the executable before you run it. Not perfect, but something. Something different at least.
  • ipaiba, on 11/01/2007, -22/+2So no more of those snarky "we don't get viruses" Mac ads then?
    • totorototoro, on 11/01/2007, -2/+7No, just lots more snarky "But I thought Macs didn't GET viruses hahahah" comments :p
    • platypibri, on 11/01/2007, -1/+4I still don't get viruses.
    • soopafly, on 11/01/2007, -1/+6Oh there will be more, cause a trojan isn't the same as a virus
    • bigsteve, on 11/01/2007, -1/+2Wake me when there's something that's self-replicating using a remote execution exploit and privilege escalation. Or at least something that's capable of thread-hijacking or something that replaces/patches, say, the "Activity Monitor" binary to avoid detection. Man, all it takes is for some loser to drop "rm -rf ~/*" in a script and distribute it as a video codec for "more pr0nz" and you haters get a woody and start jumping up and down giggling "I THOUGHT MACZ DIDN'T GET VIRUSES LOLZ"

      You are embarrassing.
      • specialK16, on 11/01/2007, -2/+2And you go that far to defend your precious Mac? Get a life, the more you love it, the more popular you want it to get, the more susceptible it will be. Get off your high horse please, and enjoy it while you can....

        (I'm a Linux user, so please ***** off).
        • themoors, on 11/01/2007, -1/+3"I'm a Linux user, so please ***** off"

          You should wear this on a t-shirt while out in public, tell the world about your advanced social skills.
        • bigsteve, on 11/01/2007, -0/+2I'm not defending my precious Mac. I'm defending common sense. I'm expressing how tired I am of the digg headlines BREAKING OMG MAC VIRUS when it's just another trick-you-into-running-something-you-should-know-not-to. I'd be just as interested (if not more, since the code is open and has been under constant scrutiny by the open source community) to learn of a real vulnerability with exploit in the wild under Linux or *BSD.

          (I'm a Unix *admin*, so please ***** *yourself.*)
  • ramsinks.com, on 11/01/2007, -9/+94Any AV company will tell you that it is needed to have an AV for OSX/Linux. They are in sales.
    However, technically and the reality of the situation it is pointless with one given exclusion.

    #1
    There are no malware for OSX/Linux in the wild. There has been a worm made for OSX within this year, however
    this was done on purpose in a lab to see if it could be done. It was done. However to get infected it takes 6 full steps
    to force an infection on OSX.
    -First, you have to download the worm manually.
    -Second, you have to double-click the DMG installer
    -Third, you have to agree to install
    -forth, you have to give it your root password
    -fifth, you have to agree again (via OSX)
    -sixth, OSX warns you and you have to say "yes" to replace important OSX files


    That is a lot of work to become infected. Thus is why there is no "spread".


    #2
    The other point people like to make is "Mac has too small of market".
    Well, this has been said for 10 years now. Now, OSX is 10% WORLDWIDE.
    Thats millions of computers to "attack". It still has not been done (see point #1)

    #3
    Last year a group offered $10,000 to anybody to make a trojan for OSX that could be spread - this was sanctioned by large AV companies
    for a true test. Nobody has stepped up to date to claim the $10K.

    The main reason this has not been done, is because it cannot be done. Unless (see #1).
    This can be explained due to darwin BSD code and the way it authenticates user activity and protects itself.


    The ONLY reason to have an AV product on LINUX is if you had a linux file server that monitors windows shared files.
    Not to protect Linux itself, but to protect other windows machines on the network. At this point, there is wonderful opensource
    AV clients for this that are better than any "Paid" AV products out there.


    I hope this clears up some things.
    • over90000, on 11/01/2007, -11/+4OSX is not 10%, even Vista has a higher market share than OSX right now.
      • Chirp08, on 11/01/2007, -4/+3yes, but Apple is one company, with their OS coming preinstalled on only their stuff. Than you have EVERY OTHER manufacturer in the world that pre-installs the latest version of windows. No ***** it has more market, it's unavoidable. Vista is the Internet Explorer of the operating system world haha.
        • screwattackthis, on 11/01/2007, -5/+0Internet Explorer's market share dwarfs Vista's in comparison.
      • screwattackthis, on 11/01/2007, -5/+1OS X is not at 10%, but it does have a higher share than Vista. Vista is barely over 2%, Mac OS is at 4%.

        http://blogs.business2.com/apple/2007/04/os_market ...
        • DiggLive, on 11/06/2007, -3/+1That's from April, a few months after Vistas release. It's now November and Vista will be over 8%, with Intel Macs at 3% in about 2 years of selling.
        • screwattackthis, on 11/01/2007, -1/+1You're right. My bad.

          I'm not an anti-windows, pro-mac guy. I think they cater to different markets, and there is no win to the "which OS is best" debate. I was just trying to be objective. Thanks to my oblivious awareness to dates, I ended up sounding stupid.
      • flightvector, on 11/01/2007, -1/+1Well mac notebooks were quoted to have a 17.6% market share, so it is safe to assume the installed OS X base for notebooks (which outsell desktops) is at least significant compared to Vista.
        http://www.macworld.com/news/2007/08/21/appleshare ...
    • Rudiger81, on 10/31/2007, -1/+1Interesting but can you cite this stuff? I have heard of the $10k offer but I thought someone did it.
      • turpenine, on 11/01/2007, -0/+6somebody did it when the rules where changed to having a person get on safari and click a link to download a file etc... see #1
    • RodrigoKenobi, on 11/01/2007, -6/+110% worldwide, are you sure? Where did that piece of data came from?
    • ramsinks.com, on 11/01/2007, -3/+7You can argue anything 8-10%, Point is, it is millions of machines. Worthy of making money for a sole hacker that wants it.. .. if he could.
      • over90000, on 11/01/2007, -6/+2why waste your effort on 8-10% when you could put the same effort and reap more reward by putting it towards the 90%. gb2/econ101/
      • InfiniteNothing, on 11/01/2007, -0/+4Untapped potential. Fame. $1 is better than $0
      • javaroast, on 11/01/2007, -2/+3You can argue 8-10% but you'd be wrong. Worldwide less than 4.4%. That figure comes from the same source as the much touted 8.1% US market share.
        • ramsinks.com, on 11/07/2007, -1/+1Ok, great. Lets just say it's 4% (for your benefit). Now, you can calculate what 4% of the population is = that's what an untapped malware market is. Yeah.. It would be worth it.
    • killtherebel, on 11/01/2007, -0/+3Do people get these percentages by the number of versions sold? Because we all know that all of Russia and Asia are running pirated versions of Windows. Are they figured in?
    • spiritamx79, on 11/01/2007, -2/+5Your answer is a perfect example of the phrase 'hitting the nail on the head'.
    • OblivionMage, on 11/01/2007, -7/+1It is not 10% market share
      • ramsinks.com, on 11/01/2007, -1/+1k, it's 5%. That's only 450million machines No one has touched.


    • colonelxc, on 11/01/2007, -0/+2Technically speaking, worms are self propagating. Something the user has to download and install/execute would be a virus.
    • specialK16, on 11/01/2007, -0/+2I agree, but it is not impossible. Just give a couple of years, I'm sure someone must be working on it right now.
  • caliky, on 11/01/2007, -2/+45As a Mac user I'm scared sh*tless that there is a Trojan horse out there that can ruin my day AFTER I VOLUNTARILY turn over my password.
    • platypibri, on 11/02/2007, -0/+21Hey, I just realized if someone stole my Mac, I could lose everything!!!!! That's like a total analog vulnerability!!!!!! I better get a windoze machine so no one will steal it.
    • prammy, on 11/01/2007, -0/+2But if the OS was windows, you would be harping on how insecure windows is even though with a trojan you have to do the same thing in Windows as well i.e run it under a privileged account.

      This is not the first trojan for OSX. There was one a few years back disguised as the installer for MS Office which was going around gnutella. People ran it and had their home directory contents deleted. This did not ask for any password, systems file were fine, but if you had anything in ~ that was toast.
      A trojan is supposed to make you 'open the gates' to it. Thats the whole point.
      From reading many of the comments on this article, its looks like a decent percentage of the Mac population here will more than likely get infected by a trojan because 1. They don't know what a trojan is and 2. They all believe OS X is invulnerable.
  • teamtom, on 11/01/2007, -0/+26You'd have to be a moron to fall for that "Trojan Horse", now I'm off to email my bank account numbers to that nice man from Liberia...
    • OblivionMage, on 11/01/2007, -0/+4I would have to say, what the ***** is with those people from such countries (Or spambots claiming to be) that ask you for your bank account info. Is there anyone stupid enough to respond :/
    • m00nmaster, on 11/01/2007, -0/+4Is he related to the man from Nigeria? I know a guy...
    • Macskeeball, on 11/01/2007, -0/+1My bank account number is 1234.
      • IllBeBack, on 11/01/2007, -0/+1Thank you. I now have all of your cash.
      • grumpyrain, on 11/01/2007, -0/+1That's amazing! I have the same combination on my luggage.
  • Raider007, on 11/01/2007, -0/+20Oh I get it...
    I have to download something first
    then install it
    then go to a website to activate it...

    yeah...guess i can just "catch" that one huh...
    • specialK16, on 11/03/2007, -0/+3Why I fail to see is how this is different from a any Windows Virus.
      • darienphoenix, on 11/03/2007, -2/+1The difference is that Windows Virus'/Trojans can install as root without needing user input, or even needing the user to click 'ok'.
        • grumpyrain, on 11/01/2007, -0/+2Simply not true.

          I presume you are talking about UAC, so take a stock standard Vista install with IE. It runs in protected mode, so the process does not have any file system rights beyond its temporary files. If a vulnerability in IE7 is found (and I do not doubt they exist), the compromised process can not put the downloaded file anywhere significant, much less actually execute it. If the Virus/Trojan tries to install anywhere significant, UAC will pop up and ask you to either enter your password or click OK depending on your credentials and your configuration.

          But Vista is just as vulnerable to such attacks as Leopard, because the attack vector is the user's lack of common sense. An OS can only go so far in protecting you.
        • codmate, on 11/01/2007, -0/+1Christ. Judging by this thread, MAC users are total computer novices.
  • joshuaer, on 11/01/2007, -2/+3you know you get what you pay for when it comes to any, thing free porn is almost always spyware,Spam or a scam! but hey it is free.

    • ismith, on 11/01/2007, -1/+2not really... or maybe I just have a really good spam filter... I'm not sure.
      • joshuaer, on 11/01/2007, -0/+1well if you found non-spam free porn start sharing!!
  • over90000, on 11/01/2007, -27/+7I thought macs users were too busy being "productive" to watch porn. The Smugness is sickening. It's like all those people buying cars like Prius.
    • turpenine, on 11/01/2007, -1/+12you are an idiot.
    • natedouglas, on 11/01/2007, -0/+8I'm being very productive when I'm watching porn.
      • bigsteve, on 11/01/2007, -0/+2"With Intel's Core2Duo technology, ..."
    • soopafly, on 11/01/2007, -3/+7Aren't you suppose to be playing video games or something? That's what Windows users do right? Play video games?
    • ramsinks.com, on 11/01/2007, -1/+1It's evident you only get that type of response when the child cannot afford a computer to begin with. "smug",,, "fanboi".
      Pfft.. ya, if you could afford to.
      • specialK16, on 11/01/2007, -1/+1The old "you can't afford it" card. See, the thing is this: if you are smart enough you can buy a computer with much better specs with the money for a Mac computer. Put a Linux distro, learn how to use it, and you are good to go, and you will be better than using either Windows or Mac.
        • joshuaer, on 11/01/2007, -0/+1ya but for about the same price you can buy a mac and run all 3 or in my case just Linux and Mac!
        • themoors, on 11/01/2007, -0/+1That would be a great, for the unemployed. They have all the time in the world to learn Linux.

          BTW, I see you are using the "smart enough" and "better than" cards
          • specialK16, on 11/04/2007, -0/+1Well, I work 40 hours a week and I still got time to learn Linux so please try again.
    • Billions, on 11/01/2007, -0/+1You again? Three comments? You hate Macs so much that you eagerly anticipate your daily troll (and looking at your post/digg history, we see it is daily, isn't it, 90000?), and when you get to do it, you can't help yourself but to post three 'smug' misses of your own? You, sir, are obsessed. Just go make out with a Mac in the closet.
  • ZenMojo, on 11/01/2007, -25/+11How's it going OSX? Yeah, remember when I told you that no one made viruses for you because why bother when no one owned a Mac? Remember how you cheered about your growing market share? How's that taste?
    • ZenMojo, on 11/01/2007, -3/+7Nevermind, guess 8% still isn't enough to get people to make an actual MacVirus.
    • drjones78, on 11/01/2007, -1/+8Trojans are not virus's
    • freudianslipper, on 11/01/2007, -1/+4WTF is this West Side Story? Talk about smug.
    • 2Deluxe, on 11/01/2007, -1/+4With slight power, comes slight responsibility!
    • oyster, on 11/01/2007, -0/+2Well, I'm not OS X, although I am a close friend, so I think I can speak on its behalf.

      A trojan that requires you to type your password and click AGREE and Continue a couple of times just to get it installed...and it can't spread itself...I think OS X feels fine.

      Stupid jackass.
    • platypibri, on 11/01/2007, -0/+4It tastes better than your bitterness about the Mac platform. *looks up* Sun is still shining in Mac land.
    • Christbait, on 11/01/2007, -2/+1Smug mac kids are gonna get some nasty viruses in the near future, I see a whole lot of red faces for Apple.
      • bigsteve, on 11/01/2007, -0/+2Yea! Any minute now....

        Any minute. You'll see. ... yea.
  • Shaman760, on 11/01/2007, -0/+4I wish that my trashcan would stop filling up with EWSMac.framework files.
    Esellerate needs to get their ***** together because I'm starting to think that their product is MalWare.
    http://discussions.apple.com/message.jspa?messageI ...
    • turpenine, on 10/31/2007, -0/+1esellerate sucks.
    • acitcratnA, on 11/01/2007, -0/+2I think you mean recycle bin. I think it's clear who is more green here.
      • joshuaer, on 11/01/2007, -1/+1Macs are Honest they say trash windows recycles How? what do they turn your old files into.? I was confused i put 6 photos and 3 word docs in the recycle bin thinking it would make a pdf with all 6 photos in it but it just got removed from the system. At least when i am on a mac i know what is happening! /end sarcasm
  • AmazingSyco, on 11/03/2007, -5/+34Hey, guys, I have an idea.

    RTFA. Seriously. You first have to download something. Then mount the disk image. Then open the installer. Then, and here's the fun part, you have to ENTER YOUR ADMIN PASSWORD. Once you do that, and only IF you do that, it installs the malware.

    Come on. By this rationale, and regardless of platform, the NIC in your computer is a security vulnerability. That and PEBKAC. I could write the code necessary to do everything in this trojan and more in, oh, an hour for OS X.

    Buried, and burying troll comments.
  • dagamer34, on 11/01/2007, -0/+10Actually though, most people get viruses now from trying to install cracked software. They THINK they are getting away scott-free but they've just installed some spyware to go with that fancy new "stripper" wallpaper they would like to get rid of. I doubt any OS can really get around this problem.
  • gheide, on 11/01/2007, -10/+9macs are so insecure... NOT!!
  • jbird123, on 11/15/2007, -5/+10Answer: Get a girlfriend and stop looking at porn :s
    • Chirp08, on 11/01/2007, -2/+4who the hell is looking at porn on such sketchy sites anyway, come on people its 2007 you should know better.
    • platypibri, on 11/01/2007, -2/+3But my wife probably won't let me call her Anti Virus.
    • Christbait, on 11/01/2007, -1/+6Sadly, most people who have girlfriends still use porn...
    • thickdrummer, on 11/01/2007, -0/+3What if it's your girlfriend thats downloading the porn?
    • codmate, on 11/01/2007, -0/+1You've never had a girlfriend for more than a month have you?
  • willgonz, on 11/01/2007, -6/+4Not worried. Just stay away from porn sites and you'll be fine. Wow Macs have one Trojan, big deal. How about a Windows virus that runs around collecting Windows/Office/Visual Studio Volume License Keys? And now with Time Machine I would just restore my machine back from days before.
    • Christbait, on 11/01/2007, -7/+2Can a mactard use Time Machine so they can go back in time to the day when a mactards didn't own their mac and get something much better with their £1300?

      ..What's that? No? That sucks.
      • Billions, on 11/01/2007, -0/+1Where's the famous English 'wry sense of humor?'

        Work on that one... and then post it for yet a third time. Also, the "exchange rate/accent/driving on the other side of the road" is messing with your "plurals."
    • codmate, on 11/01/2007, -0/+1Start:Programs:Accesories:System Tools:Backup
      Been there for seven years.
  • Goobernutz, on 11/01/2007, -2/+2I must have that infection on my system because I constantly find myself at websites who display ads simply to generate ad revenue. I hope I don't accidentally download strange software from pornographic websites then accidentally type in my administrator password on disk images that I accidentally mount. I also hope I don't accidentally pick the nose of my friendly neighborhood crack addict and wonder why I accidentally got hep B.
  • bethlagarrison, on 11/01/2007, -2/+24THIS ISN'T A VIRUS.

    You have to DOWNLOAD it, then sit idly by and WATCH as it runs the installer, then give it your PASSWORD.

    Anyone stupid enough to go through that entire process deserves to have their computer messed up.
  • SuperSneaks, on 11/01/2007, -2/+11Why is this getting digged up? As many people have already stated you have to be just about brain dead to get this Trojan.
    • pxlpshr, on 09/04/2008, -1/+2welcome to the masses that plague digg. internet ignorance ftw.
    • Macskeeball, on 11/01/2007, -0/+2"Dugg," not "digged."
    • ilgaz, on 11/01/2007, -0/+1I am digging it up because:
      1) Porn industry is a huge attack vector on Internet
      2) Mac fanboys dissing every security threat shooting the messenger should be neutralized before causing more harm to security of OS X.

      Oh BTW- I use Macs for everything.
  • matterk, on 11/01/2007, -2/+5dah dah dah
  • starlord1, on 11/01/2007, -1/+13I love virus stories that feature the sentence... "Proceeding with the installation installs the trojan horse, and requires users to enter their administrator password which grants the malicious software full root privileges." Not only are you seedy enough to need some free only video preview, but daft enough to be unable to find ones that don't require a codec and then even more desperate to hand over your password people - Seriously, is this even a story. I can write a script that when presented with your password can do... well actually pretty much anything on your computer. Gimme a break, well at least this won't be difficult to bat away tomorrow at work when the mac haters beat a path to my door.
  • Rudiger81, on 11/01/2007, -0/+15So OS X comes out with parental controls in Leopard and no one buys anti-virus and mail has a good junk email box. Now the company who now has no worth while products for mac has found a "Critical" trojan that needs the system to choose to install it and type in their password. Coincidence?
  • secretmode, on 11/01/2007, -3/+2I'd rather to visit the Ads than reading the article
  • TremorX, on 11/01/2007, -0/+18Trojans are NOT 'viruses'. Just sayin'. Trojans sort of rely on the user being an idiot.
    • ilgaz, on 11/01/2007, -0/+1Are there any real viruses left? DOS viruses had more technology and complexity than Windows viruses.
      People digging down this story as they believe the Macs are NSA Terminal secure are the ones who will get infected by this trojan, not the people having common sense of security.

      • codmate, on 11/03/2007, -0/+2I miss the good old floppy boot sector viruses =(
        • ilgaz, on 11/03/2007, -0/+1Remember they were some piece of evil art that people were collecting them. F-Prot had special "virus collector" mode just for those people.
  • 9w43, on 11/01/2007, -9/+3Now that mac users are vulnerable due to the firewall being off by default, viruses are on the way
    • iplayyouandme, on 11/01/2007, -0/+6It's always been off by default. I guess you just learned that. And no Firewall can block a Trojan, dummy. Also, Trojans are not viruses!
  • thinsoldier, on 11/01/2007, -14/+4It has begun.
  • McBoogie, on 11/01/2007, -4/+7The major point to take out of this isn't that people should be worried about this virus (it's a pretty weak one) but that people are starting to make real attempts at targeting macs. Safety through obscurity won't cut it anymore, it's only a matter of time until something stronger comes out that poses a real threat to mac users.
  • BlueStarr, on 11/01/2007, -1/+15It asks for your password...ASKS....so unless you're an idiot.
    • pyrates, on 11/01/2007, -11/+2Yep, just like Vista ASKS for your admin password. But if OS X starts getting attacked nearly as much as wi