Macs hit with BitTorrent-embedded malware attack

For years, Mac users have long been rightfully smug about their platform's relative immunity to virus and malware attacks, but it's inevitable that those days will eventually come to an end. (As the Mac gains in popularity, it also earns more attention from malware developers, and it's this lack of malware being actively developed, not some special, inherent security, that have really kept the Mac a "safe" platform for the time being.)

Now we're seeing one of the first moderately-sized exploits to take advantage of Mac users. The iServices.A Trojan horse is an attack being distributed via BitTorrent, where it's disguised as a bootleg copy of the new iWork 09. Once installed, the malware takes administrator access and connects to remote servers over the Internet, where it can be given additional instructions as the author commands, from installing additional malware to stealing information off the Mac in question. The malware creator can also take complete remote control of any compromised machine.

Security firm Intego said that just 20,000 machines had been infected as of January 21 but that the risk of ongoing infection was "serious, and users may face extremely serious consequences" if they are stricken with the malware.

Mac users are suggested to use common sense -- that is, don't try to download and installed pirated software -- and to update any antivirus definitions immediately. If you're a Mac user and aren't using security software, well, this might be a good time to start.

http://tech.yahoo.com/blogs/null/117188

:yoiks:

Mac has been targeted more and more lately.

why so smug?

Well my Mac was defective right from the factory and never worked despite multiple repairs.

Its pretty hard for a doorstop to get a virus isn't it?

REPLACED it, no problem.

They said the iBook extended repair program only covered logicboard replacements and if they have to replace the thing 10 times so be it and they do not provide replacement machines under any circumstances. Those were the words right from the lips of the Mac Fucktard at South Coast Plaza.

I ultimately did get it replaced, not throught the AppleStore but through Apple Corporate out of Austin Texas but the new one had the EXACT same problem.

amazingly helpful.

What Kind Of School Did You Go To Where They Taught You To Capitalize Every Word?


Oh, and there's already a big discussion about this here
http://www.democraticunderground.com/discuss/duboard.php?az=view_all&address=389x4915997

"and it's this lack of mal ware being actively developed, not some special, inherent security"

While it's true that there hasn't been as much attention to developing "malware" for Macs as for PCs, I disagree with the concept that it isn't inherently more secure.

In fact, MacOS is developed on top of FreeBSD, FreeBSD came from BSD (Berkeley Software Distribution) of Unix, specifically Unix 4.2 developed for the Vax at Berkeley (also the basis for almost all Unixes out there, including SunOS). BSD Unix came from AT&T Unix developed in the 1970s at AT&T Bell Labs. Its actually a redevelopment of another research OS, namely Multics, developed for the GE 635 (later Honeywell 6660) mainframe. Multics was designed from scratch to have levels of security or security "rings" (a revolutionary concept in 1960s). Unix maintained many of those aspects of Multics (but simplified to two basic rings, hence the play on words --- Uni instead of Multi.

In any event, Unix was designed to be fairly secure. Windows, which was derived as a re-implementation of DOS and, of all things, Vax VMS (a proprietary DEC OS) was always kind of a hodge-podge, where even the concept of running multiple users and multiple processes (and schedulers and virtual memory systems, etc) was grafted on, not designed in from the ground level.

Unix, I submit, IS more inherently secure than DOS/Windows/Windows-98/Windows-XP(with some NT)/Vista.


"via BitTorrent, where it's disguised as a bootleg copy of the new iWork 09. Once installed, the mal ware takes administrator access and connects to remote servers over the Internet"

And therein lies the problem. Someone uses BitTorrent to download some BOOTLEG copy of something they think they want or need (and don't want to pay for it), then that someone has to have "privileges" on the machine in question (meaning that they have "root" privilege for Unix) and they install the mal ware. And that's a bug? Any OS which depends on people (administrators) to install and run system utilities will ALWAYS fall prey to such a "bug". The only prevention is to NOT allow the end user of the PC to have "root" privileges (which some work places do). Anyway, the answer to this bug is simple... "don't download bootleg software (or any software that you can't verify the source)".

It's like buying stolen goods then complaining that its infected
with disease.

on how tax cuts always help the economy, I tried to do some truth telling.

As one of the many developers of "unix" (in all of it's flavors anywhere), and as one of the few people on the planet that actually USED Multics (on the aforementioned Honeywell 6660), and as someone that knew Bill Joy, Marshall McKusick, Dennis Ritchie, and Ken Thompson (not well, but I met him a few times)... etc, I figured it's worthwhile to try to correct the misinformation out there. Maybe some of it will sink in.

Yours truly,

A dedicated Apple fan since my first SE.

I have a PC and know they are not perfect, but no matter what make or model computer you have, you have to be careful!

I'm not loyal to PC's,the main reason I never bought a Mac was because the programs I needed to run would not work on a Mac, so I always bought PC’s.

Maybe I’m wrong,but 20.000 Mac owners buying boot leg copies of programs and installing them on their computer does not sound right to me?

about the same percentage as PC owners. I know a couple of younger types who go to pirate websites and download stuff constantly: movies, videos, music, applications, whatever. They think it's cool. And, of course, because they don't have much money, they feel like it's their right. Oh well.