homepage Welcome to WebmasterWorld Guest from 54.235.16.159
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Become a Pro Member

Home / Forums Index / WebmasterWorld / The Macintosh Webmaster
Forum Library, Charter, Moderators: travelin cat

The Macintosh Webmaster Forum

    
Trojan Horse May be Hitting Mac Users
engine




msg:3895105
 9:06 am on Apr 18, 2009 (gmt 0)

Trojan Horse May be Hitting Mac Users [pcworld.com]
Over the years, Mac users have been lucky enough that the word "zombie" only conjures up the shambling brain-craving hordes of the undead in movies like Shaun of the Dead, but Windows users have long been dealing with the menace of zombie botnets--networks of PCs corrupted by malware into vectors for malicious attacks. Now two researchers claim to have discovered the first Mac zombie botnet in existence and have published a paper in Virus Bulletin (subscription required).

The botnet stems from a Trojan horse embedded in a iWork '09 trial version that was making the rounds on file-sharing networks. The risk first came to light in January when security firm Intego warned of the potential threat hidden in the files.

Two researchers, Mario Ballano Barcena and Alfredo Pesoli, have now discovered two separate variants of the malware, each using distinct techniques to compromise users' machines.


 

whoisgregg




msg:3895170
 2:18 pm on Apr 18, 2009 (gmt 0)

making the rounds on file-sharing networks

Lesson: Don't trust file-sharing networks.

travelin cat




msg:3895174
 2:25 pm on Apr 18, 2009 (gmt 0)

Not sure why anyone would download iWork from any place but Apple, it's the same price (free) and a trusted source.

swa66




msg:3895283
 6:43 pm on Apr 18, 2009 (gmt 0)

iWork 09 isn't actually free AFAIK (compared to e.g. office it's really cheap, but not free). It doesn't even come for free with a new mac (iLife 09 does).

travelin cat




msg:3895293
 7:23 pm on Apr 18, 2009 (gmt 0)

It's not free but the trial version which is carrying the Trojan is.

swa66




msg:3895297
 7:35 pm on Apr 18, 2009 (gmt 0)

Well that trial bundled with a Trojan isn't "marketed" as a trial, it's pretending to be the real thing.

BillyS




msg:3895368
 12:37 am on Apr 19, 2009 (gmt 0)

Mac attack? Better switch to Windows...

Bewenched




msg:3896128
 2:39 pm on Apr 20, 2009 (gmt 0)

It's actually quite a few programs carrying it.

A Mac OS X botnet is turning infected computers into attacker-controlled zombies designed to steal information, according to researchers. The Mac botnet, a network of infected computers controlled by an attacker usually for malicious purposes, gained traction after attackers launched malicious software attached to pirated versions of the Mac productivity suite iWork 09, and Adobe Photoshop CS4 for Mac. The Mac malware spread on BitTorrent trackers and other peer-to-peer sites that contain links to pirated software. Symantec researchers Mario Ballano Barcena and Alfredo Fesoli discovered that the two separate variants of the Mac malware have now developed into a full-fledged Mac botnet, complete with information-stealing code. - From Channel Web

full story
[crn.com...]

EliteWeb




msg:3897851
 4:25 pm on Apr 22, 2009 (gmt 0)

One of the major reasons this was downloaded so fast is that Apple announced that iWork would not have DRM. No need for serial keys this time around and no need to perform cracks. On release date when the file hit filesharing it was complete with a trojan bundled into the installer.

Baruch Menachem




msg:3931704
 1:21 am on Jun 12, 2009 (gmt 0)

First lesson is not to go to sites like that. Apple has the trial version at their own web site. Geeeeeez.

My experience with Peer to Peer has been uniformly miserable. I tried lime wire mac, and it wouldn't install. And don't talk to me about Skype.

Interesting way to get past apple security though. Get someone to give you the admin password. Apple puts in so many locks, bars, gates and even moats against this kind of thing, and these users are passing the keys to their castle to the first burglar they can find.

Makes you wonder

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / WebmasterWorld / The Macintosh Webmaster
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved