Re: [Full-disclosure] mac trojan in-the-wild



Let's not over-hype this-- while "Apple's day" has been coming, saying
that users will be "hit hard" on something the user has to
manually download, manually execute, and explicitly grant
administrative privileges to is *way* over the top.

The future of malware is going to be largely through social engineering.
Does that mean we ignore every threat that comes out because it requires
user interaction? Seems like whistling past the graveyard to me.

Alex


-----Original Message-----
From: Thor (Hammer of God) [mailto:thor@xxxxxxxxxxxxxxx]
Sent: Thursday, November 01, 2007 8:15 PM
To: Gadi Evron; bugtraq@xxxxxxxxxxxxxxxxx;
full-disclosure@xxxxxxxxxxxxxxxxx
Subject: RE: mac trojan in-the-wild

For whoever didn't hear, there is a Macintosh trojan in-the-wild being
dropped, infecting mac users.
Yes, it is being done by a regular online gang--itw--it is not yet
another proof of concept. The same gang infects Windows machines as
well, just that now they also target macs.

http://sunbeltblog.blogspot.com/2007/10/screenshot-of-new-mac-trojan.html
http://sunbeltblog.blogspot.com/2007/10/mackanapes-can-now-can-feel-pain-of.html

This means one thing: Apple's day has finally come and Apple users are
going to get hit hard. All those unpatched vulnerabilities from years
past are going to bite them in the behind.

Let's not over-hype this-- while "Apple's day" has been coming, saying
that users will be "hit hard" on something the user has to manually
download, manually execute, and explicitly grant administrative
privileges to is *way* over the top.



I can sum it up in one sentence: OS X is the new Windows 98. Investing
in security ONLY as a last resort loses money, but everyone has to
learn it for themselves.

Not "the new Windows 98" by a long shot - saying that is just
irresponsible. While Apple is not used to dealing with security in the
same way that other companies are, comparing OSX to Windows 98 is not
only a huge technical inaccuracy, but you also insult MAC users out
there. OSX had "UAC-like unprivileged user controls" way before Vista
did - let's not try to start some holy-war on this like people have
tried to do with Windows vs Linux in the past.

If you want to report this, then report it-- but say what it is, a
totally lame user-must-be-drunk "exploit" that requires that all manner
of things go wrong before it works -- otherwise people will think that
you've dressed up as Steve Gibson for Halloween.

t

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


