Welcome to WebmasterWorld Guest from 54.159.50.111

Forum Moderators: travelin cat

Message Too Old, No Replies

Trojan Horse May be Hitting Mac Users

     
9:06 am on Apr 18, 2009 (gmt 0)

Administrator from GB 

WebmasterWorld Administrator engine is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:May 9, 2000
posts:22318
votes: 240


Trojan Horse May be Hitting Mac Users [pcworld.com]
Over the years, Mac users have been lucky enough that the word "zombie" only conjures up the shambling brain-craving hordes of the undead in movies like Shaun of the Dead, but Windows users have long been dealing with the menace of zombie botnets--networks of PCs corrupted by malware into vectors for malicious attacks. Now two researchers claim to have discovered the first Mac zombie botnet in existence and have published a paper in Virus Bulletin (subscription required).

The botnet stems from a Trojan horse embedded in a iWork '09 trial version that was making the rounds on file-sharing networks. The risk first came to light in January when security firm Intego warned of the potential threat hidden in the files.

Two researchers, Mario Ballano Barcena and Alfredo Pesoli, have now discovered two separate variants of the malware, each using distinct techniques to compromise users' machines.

2:18 pm on Apr 18, 2009 (gmt 0)

Senior Member

WebmasterWorld Senior Member whoisgregg is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:Dec 9, 2003
posts:3416
votes: 0


making the rounds on file-sharing networks

Lesson: Don't trust file-sharing networks.

2:25 pm on Apr 18, 2009 (gmt 0)

Moderator This Forum from US 

WebmasterWorld Administrator travelin_cat is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:Feb 28, 2004
posts:3115
votes: 2


Not sure why anyone would download iWork from any place but Apple, it's the same price (free) and a trusted source.
6:43 pm on Apr 18, 2009 (gmt 0)

Senior Member

WebmasterWorld Senior Member swa66 is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:Aug 7, 2003
posts:4783
votes: 0


iWork 09 isn't actually free AFAIK (compared to e.g. office it's really cheap, but not free). It doesn't even come for free with a new mac (iLife 09 does).
7:23 pm on Apr 18, 2009 (gmt 0)

Moderator This Forum from US 

WebmasterWorld Administrator travelin_cat is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:Feb 28, 2004
posts:3115
votes: 2


It's not free but the trial version which is carrying the Trojan is.
7:35 pm on Apr 18, 2009 (gmt 0)

Senior Member

WebmasterWorld Senior Member swa66 is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:Aug 7, 2003
posts:4783
votes: 0


Well that trial bundled with a Trojan isn't "marketed" as a trial, it's pretending to be the real thing.
12:37 am on Apr 19, 2009 (gmt 0)

Senior Member

WebmasterWorld Senior Member billys is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:June 1, 2004
posts:3181
votes: 0


Mac attack? Better switch to Windows...
2:39 pm on Apr 20, 2009 (gmt 0)

Senior Member

WebmasterWorld Senior Member 5+ Year Member

joined:July 26, 2006
posts:1619
votes: 0


It's actually quite a few programs carrying it.

A Mac OS X botnet is turning infected computers into attacker-controlled zombies designed to steal information, according to researchers. The Mac botnet, a network of infected computers controlled by an attacker usually for malicious purposes, gained traction after attackers launched malicious software attached to pirated versions of the Mac productivity suite iWork 09, and Adobe Photoshop CS4 for Mac. The Mac malware spread on BitTorrent trackers and other peer-to-peer sites that contain links to pirated software. Symantec researchers Mario Ballano Barcena and Alfredo Fesoli discovered that the two separate variants of the Mac malware have now developed into a full-fledged Mac botnet, complete with information-stealing code. - From Channel Web

full story
[crn.com...]

4:25 pm on Apr 22, 2009 (gmt 0)

Senior Member

WebmasterWorld Senior Member eliteweb is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:June 5, 2001
posts:2723
votes: 0


One of the major reasons this was downloaded so fast is that Apple announced that iWork would not have DRM. No need for serial keys this time around and no need to perform cracks. On release date when the file hit filesharing it was complete with a trojan bundled into the installer.
1:21 am on June 12, 2009 (gmt 0)

Junior Member

5+ Year Member

joined:Mar 26, 2008
posts:127
votes: 0


First lesson is not to go to sites like that. Apple has the trial version at their own web site. Geeeeeez.

My experience with Peer to Peer has been uniformly miserable. I tried lime wire mac, and it wouldn't install. And don't talk to me about Skype.

Interesting way to get past apple security though. Get someone to give you the admin password. Apple puts in so many locks, bars, gates and even moats against this kind of thing, and these users are passing the keys to their castle to the first burglar they can find.

Makes you wonder