Mac-based botnet uncovered
Today's Slashdot cites this important story about the discovery of a botnet running entirely on Macs using OS X.
Turns out the culprit was hidden inside pirated copies of Photoshop CS4 and iWork 09 that were widely distributed over torrents. If you're running a Mac and have an illegitimate copy of one of these programs, you should read this article and make sure your computer is not being used to launch attacks across the Internet. Macs have a security model which is based on Unix and is in general pretty solid against remote attackers. What it can't protect against is users who install the malware themselves as occurred in this case. Remember, boys and girls, "don't copy that floppy." Seriously, if you want a good, entirely free graphics package, use the GIMP. |
Solution: don't PIRATE software... just buy a legitimate copy (iWork is only $79 and is cheaper than Microsoft Office, and there are alternatives to Photoshop like Pixelmator, Acorn (which is a whole lot cheaper than Photoshop while being easy to use and having around the same capabilities as Photoshop)... or if you're looking for open source, GIMP, Seashore and OpenOffice/NeoOffice).
Also, downloading software from unsafe sources is most likely going to attract these kinds of trojans. Also, the trojan requires the user to enter the administrator password; it's not like Windows, where it will execute without the user knowing it, but most people will enter the password regardless unless someone knows for sure. It's probably a good idea to get Little Snitch, which is more powerful than the built-in firewall Mac OS X provides and can block applications from connecting to the internet (although it can be naggy). |
This is why firewalls are designed to block both incoming and outgoing connections.
|
Quote:
Some commercial firewalls like ZoneAlarm can be configured to ask the user to grant a program permission to connect to a remote host. I'll bet this is one of the functions that gets turned off the quickest by people after being confronted with repeated confusing security alerts. No operating system can protect users from themselves. At best, they can throw up a few roadblocks along the way, but a little persistence usually gets around those obstacles. My Linux boxes are pretty secure against most root exploits, particularly remote exploits, but they can't stop me from installing a script that would run with my (non-root) permissions and turn my computer into a spambot. In places where I've built the firewall, that approach wouldn't work because I follow your method and don't let the inside machines talk directly to remote hosts over SMTP (or most anything else). Normal consumers probably won't have that kind of firewalling in place either on their machines or their routers. Unfortunately Apple seems intent on an advertising campaign that lulls its users into a false sense of security by telling them they're so much safer than people running Windows.
|
Quote:
Of course Mac OS X and Linux don't have any known viruses and worms right now because of the lack of market share... Hackers tend to target Windows because they can spread the virus/worm/trojan more effectively and to more computers than with Mac OS X or Linux, which have low market share.
|
Heh most users are usually the weak link in the security chain anyway. :D
|
Quote:
Also, the number of programs such as web browsers opens you up to more vulnerabilities, not just the operating system, like Firefox due to the fact that more people are using that browser. A vulnerability doesn't become a danger to computer security until it's exploited by a piece of malware, which is why it is important for the vendor to patch it so it doesn't get exploited. Updating your software prevents these exploits which have been patched from being used (like the current Conficker worm which cannot be infected by computers which have the OS patch installed).
So far, Mac OS X hasn't really been hit with any real worms or viruses, just trojans (the first of which was discovered in 2006). |
Yeah, pirated software will give you a virus and it has backdoors too..
|
Well, gauntlet's down. Since Macs are now popular, Macs are not safer. Apple Fanboys, amassing a larger army can cripple you to a larger threat. Take note.
|
Sorry but am I the only one who lolled at this :heh:
Really you Apple users didn't think you would remain safe forever XD |
Quote:
But everyone has got to remember... any operating system can get malware, be it Windows, Mac OS X, or Linux, and people need to use proper security procedures like upgrading the OS, having a secure password and having updated security software running. Note: I use Mac OS X as a main operating system, but I also use Windows (without any virus protection) and Linux (which disproves myself being an Apple fanboy because I don't defend Apple or worship them) and I haven't got a virus at all. Edit 2: Also, it's no laughing matter, although it's funny to make fun of Apple fanboys/cultists... |
Quote:
I really cannot feel malicious joy in security matters, especially not with bot nets. I regard every bot net as dangerous no matter which platform (that makes me rather concerned actually). |
Quote:
You know, I'm sick and tired of formatting my USB stick every time it gets all sorts of crap from people with the same thinking as you. And as far as reckless things go, look around, where the heck do you think you are? I reported a malware link that got through the system here not too long ago. |
Quote:
In most cases they are avoidable, except the USB stick viruses like you said, but people shouldn't really run with full administrative rights or have UAC off because it removes the layer of protection to prevent malware from installing. |
The biggest problems I've had in recent years as far as security goes were related to machines on internal networks getting turned into zombies. As far as the owners were concerned they were "working fine". Unfortunately network resources don't work on an individual level, so in a lot of cases your problem is everyone's problem.
|