Free Republic
General/Chat

Mac Malware Getting Worse
ZD Net, Ed Bott | 05/06/2011 | Ed Bott

Posted on 05/19/2011 5:37:00 AM PDT by johncatl

Over the weekend, I got an e-mail from an AppleCare support rep, who was responding to my recent reports of Mac malware being found in the wild. At least one prominent voice in the Mac community dismisses these reports as “crying wolf.” The view from inside an Apple call center says it’s for real:

I can tell you for a fact, many, many people are falling for this attack. Our call volume here at AppleCare is 4-5x higher than normal and [the overwhelming majority] of our calls are about this Mac Defender and its aliases. Many frustrated Mac users think their Mac is impervious to viruses and think this is a real warning from Apple. I really wish I could say not many people will fall for this, but in this last week, we have had nothing but Mac Defender and similar calls.

I contacted this person and arranged an interview. I’ve edited our conversation to remove any details that might identify this individual or the call center location, but otherwise this is a verbatim transcript.

Update: In the Talkback comments, some people express skepticism about these conclusions. Be sure to read my follow-up: Crying wolf? Apple support forums confirm malware explosion. It includes direct quotes from Apple customers caught up by this attack.

(Excerpt) Read more at zdnet.com ...


TOPICS: Computers/Internet; Miscellaneous
KEYWORDS: mac; malware

1 posted on 05/19/2011 5:37:05 AM PDT by johncatl
[ Post Reply | Private Reply | View Replies]

To: johncatl
How's all the MAC security working out for all you “Buy a MAC and be secure” people? LOL....security through obscurity doesn't work when you are no longer obscure....
2 posted on 05/19/2011 5:41:56 AM PDT by rightwingextremist1776
[ Post Reply | Private Reply | To 1 | View Replies]

To: johncatl

ZD net is full of Microsoft loving loonies.


3 posted on 05/19/2011 5:42:37 AM PDT by MimirsWell (Pganini, cmdjing, andyahoo, artaxerces, todd_hall - counting my Chicom scalps)
[ Post Reply | Private Reply | To 1 | View Replies]

To: johncatl

ZDnet is full of Microsoft loving loonies.


4 posted on 05/19/2011 5:42:46 AM PDT by MimirsWell (Pganini, cmdjing, andyahoo, artaxerces, todd_hall - counting my Chicom scalps)
[ Post Reply | Private Reply | To 1 | View Replies]

To: johncatl

ZDnet is full of Microsoft loving loonies.


5 posted on 05/19/2011 5:42:54 AM PDT by MimirsWell (Pganini, cmdjing, andyahoo, artaxerces, todd_hall - counting my Chicom scalps)
[ Post Reply | Private Reply | To 1 | View Replies]

To: johncatl

I’m shocked - shocked I tell you!


6 posted on 05/19/2011 5:43:12 AM PDT by reagan_fanatic (A communist is just a liberal in a hurry)
[ Post Reply | Private Reply | To 1 | View Replies]

To: johncatl

Boring. Second time this was posted; dangerous only if you are dumb enough to download and install it without checking it out first. Some PC people are so desperate for Mac users to start sharing their misery that they latch on to stories like this as if they were gospel.


7 posted on 05/19/2011 5:45:13 AM PDT by La Lydia ("California: When the parasites outnumber the hosts, it's all over.")
[ Post Reply | Private Reply | To 1 | View Replies]

To: johncatl
EB: So customers who get hit by this are installing it and giving their admin password?

AC: Yes.

EB: If they stop before that, nothing bad happens?

AC: Yes, the file will download but for it to install it requires the password. It tries to trick you into giving it by saying it's required to remove the infections.

EB: Ah yes, social engineering.

AC: Indeed, looks rather real, if you ignore the fact it pops up in your browser… but for most of us that know computers that’s a giveaway there.

It's the same old "land shark... er candygram" method of attack. Once you give the admin password to install software... it is game over; sort of like inviting a stranger into your house.

8 posted on 05/19/2011 5:45:43 AM PDT by 6SJ7 (atlasShruggedInd = TRUE)
[ Post Reply | Private Reply | To 1 | View Replies]

To: rightwingextremist1776
> How's all the MAC security working out for all you “Buy a MAC and be secure” people? LOL....security through obscurity doesn't work when you are no longer obscure....

Mac doesn't rely on "security through obscurity", and that principle (flawed as it is) doesn't apply in this case.

The malware in question is simply a slick trojan that poses as a piece of legitimate software to those foolish enough to grant admin privileges to a program that downloads from the internet. It's a social engineering attack, and as such, defense is independent of operating system.

9 posted on 05/19/2011 5:46:45 AM PDT by kevkrom ("Winning The Future" = WTF = What The F*** / "Kinetic Military Action" = KMA = Kiss My A**)
[ Post Reply | Private Reply | To 2 | View Replies]

To: rightwingextremist1776

Why do you keep referring to MAC (Media Access Control)?


10 posted on 05/19/2011 5:47:18 AM PDT by 6SJ7 (atlasShruggedInd = TRUE)
[ Post Reply | Private Reply | To 2 | View Replies]

To: kevkrom
Written for a MAC.....LOL...you people crack me up.....enjoy the popularity of MACs....the ride is just beginning.
11 posted on 05/19/2011 5:48:48 AM PDT by rightwingextremist1776
[ Post Reply | Private Reply | To 9 | View Replies]

To: rightwingextremist1776
Did you even read the article? (See post #8 for the relevant bit that's "buried" on page 2.)

This particular piece of malware is written for OS X (which is probably a more precise term to use than Mac; and note that it's Mac, not MAC), but it does not exploit a weakness in OS X -- rather, it tricks the user into installing it. That's not an operating system attack, and no OS in the world is safe if a user with admin privileges intentionally installs malware, even if that user isn't aware that it is malware.

The same technique would work on Windows, Linux, Solaris, OS/2, NeXT, or any other platform you can name. The security level of the OS is irrelevant if the user allows the malware to bypass the OS security.

12 posted on 05/19/2011 5:53:53 AM PDT by kevkrom ("Winning The Future" = WTF = What The F*** / "Kinetic Military Action" = KMA = Kiss My A**)
[ Post Reply | Private Reply | To 11 | View Replies]

To: kevkrom

Like I said...enjoy the ride...no operating system is without security holes....only fools and Mac (better?) owners would believe otherwise.


13 posted on 05/19/2011 5:58:20 AM PDT by rightwingextremist1776
[ Post Reply | Private Reply | To 12 | View Replies]

To: MimirsWell
> ZD net is full of Microsoft loving loonies.

Yeah! Attack the messenger and forget about using your brain!

14 posted on 05/19/2011 6:01:38 AM PDT by Erik Latranyi (Too many conservatives urge retreat when the war of politics doesn't go their way.)
[ Post Reply | Private Reply | To 3 | View Replies]

To: MimirsWell
> ZD net is full of Microsoft loving loonies.

Yeah! Attack the messenger and forget about using your brain!

15 posted on 05/19/2011 6:01:45 AM PDT by Erik Latranyi (Too many conservatives urge retreat when the war of politics doesn't go their way.)
[ Post Reply | Private Reply | To 3 | View Replies]

To: MimirsWell

Triple post from a Mac, I presume?

;-)


16 posted on 05/19/2011 6:02:36 AM PDT by Hulka
[ Post Reply | Private Reply | To 5 | View Replies]

To: rightwingextremist1776
> Like I said...enjoy the ride...no operating system is without security holes....only fools and Mac (better?) owners would believe otherwise.

And yet this article has nothing to do with OS security holes.

17 posted on 05/19/2011 6:08:30 AM PDT by kevkrom ("Winning The Future" = WTF = What The F*** / "Kinetic Military Action" = KMA = Kiss My A**)
[ Post Reply | Private Reply | To 13 | View Replies]

To: rightwingextremist1776

“enjoy the popularity of MACs....the ride is just beginning.”

Well, this part I agree with. Mac sales are far outpacing the general PC market. I certainly do look forward to more native Mac software. :-)

Apple stock has a long upward ride ahead of it as well. Amazing how the Apple market cap has so completely eclipsed that of Microsoft these days...


18 posted on 05/19/2011 6:26:28 AM PDT by PreciousLiberty
[ Post Reply | Private Reply | To 11 | View Replies]

To: johncatl; rightwingextremist1776; Swordmaker; PA Engineer
Social engineering attacks have nothing to do with which operating system the user is on, they're an attack on the USER.

Anyone capable of making stupid snarky remarks ought to know that, rwe1776.

Trojans aren't viruses. Geez, some people...

Besides, this news was already posted and discussed in detail: http://www.freerepublic.com/focus/f-news/2721644/posts

19 posted on 05/19/2011 6:35:55 AM PDT by dayglored (Listen, strange women lying in ponds distributing swords is no basis for a system of government!)
[ Post Reply | Private Reply | To 1 | View Replies]

To: La Lydia
> Boring. Second time this was posted; dangerous only if you are dumb enough to download and install it without checking it out first. Some PC people are so desperate for Mac users to start sharing their misery that they latch on to stories like this as if they were gospel.

I didn't see the first post but it looks like there are plenty of "dumb" Mac users just like the "dumb" PC Users. Social Engineering works no matter what the platform.

Ed has posted three stories on this, and between the Forums and the other information, this is real enough for those affected.

Posting this doesn't mean that I am anti-Mac. You do what you want and think what you will.

20 posted on 05/19/2011 6:43:59 AM PDT by johncatl (...governs least, governs best.)
[ Post Reply | Private Reply | To 7 | View Replies]

To: kevkrom; Swordmaker
> And yet this article has nothing to do with OS security holes.

Correct. It serves mainly as an excuse for Mac haters to gather and make stupid snarky remarks, to display their ignorance of actual facts.

So much fun to watch them take ZDNet's bait.

21 posted on 05/19/2011 6:48:46 AM PDT by dayglored (Listen, strange women lying in ponds distributing swords is no basis for a system of government!)
[ Post Reply | Private Reply | To 17 | View Replies]

To: johncatl
> Posting this doesn't mean that I am anti-Mac. You do what you want and think what you will.

Mac users aren't a lot different from Windows users. Most of them are entirely capable of allowing Trojans on their system via social engineering attacks.

The reason this article and your post are unnecessary is that this subject is well known and hashed over in boring detail already.

The only reason ZDNet publishes articles like this is to get page hits with a headline containing "Mac" and "Malware" in the same line.

And you fell for it.

And then in your haste to post something nasty about Apple, you didn't even search FR first -- the prior post title contained the identical string "Mac Malware". Really now...

22 posted on 05/19/2011 6:56:01 AM PDT by dayglored (Listen, strange women lying in ponds distributing swords is no basis for a system of government!)
[ Post Reply | Private Reply | To 20 | View Replies]

To: johncatl

Uh huh.
http://www.freerepublic.com/focus/f-news/2721644/posts

The difference being: PC users can get stuff like this passively, MAC users can’t. Also: consider the motives of your sources.


23 posted on 05/19/2011 6:56:17 AM PDT by La Lydia ("California: When the parasites outnumber the hosts, it's all over.")
[ Post Reply | Private Reply | To 20 | View Replies]

To: kevkrom
Macs have a completely different OS structure than PCs. Isn't that what has saved them from all the viruses that have been written for and have plagued Microsoft users for all these years? i.e., copy this or that file to windows/system folder. This malware would appear to know Macs. I agree with some previous posters. I always thought that either there weren't enough Macs for the evil little 16 year olds that sit in their bedrooms and write viruses to be interested in or that they were maliciously written by Apple-snobs out of envy.
24 posted on 05/19/2011 6:57:41 AM PDT by traintown57
[ Post Reply | Private Reply | To 17 | View Replies]

To: traintown57
> This malware would appear to know Macs.

The malware is written for OS X, but still requires a user to intentionally install it.

I mean, I could write a program in about 5 minutes that starts deleting files anywhere on a machine, for pretty much any OS you can name. The trick would be in getting someone to install it and let it run.

25 posted on 05/19/2011 7:00:10 AM PDT by kevkrom ("Winning The Future" = WTF = What The F*** / "Kinetic Military Action" = KMA = Kiss My A**)
[ Post Reply | Private Reply | To 24 | View Replies]

To: traintown57
> Macs have a completely different OS structure than PCs.

There are three main lines of attack on any computer:

  1. The Operating System
  2. The Applications (apps have software bugs more than OSes because they change more and faster)
  3. The User (i.e. social engineering attack)

The operating system under Mac OS-X is Unix. It's the most secure OS in common use, period, having been around for about three decades and well-debugged. It's the standard for OS security, this side of proprietary DOD embedded OSes.

Application attacks are easier, but apps are a moving target.

Most attacks, and so far, ALL Mac related attacks, go after the User, who is the weakest link.

No surprises there.

26 posted on 05/19/2011 7:06:42 AM PDT by dayglored (Listen, strange women lying in ponds distributing swords is no basis for a system of government!)
[ Post Reply | Private Reply | To 24 | View Replies]

To: kevkrom

Any OS has a certain percentage of users that are fool enough to install viruses that most of us would not. My point was that, now that Macs are more common and their market share is growing, there may be more viruses on the horizon that will affect OS X in the future. That would really shake the confidence of all those users that bought macs because they thought they couldn’t get viruses.
Yes, I’m a PC user and always have been. I was a desktop tech in a previous life and I worked on Macs when we got a call ticket. I was the only one who would because all the other techs didn’t like dealing with the condescending and impatient users that had them.


27 posted on 05/19/2011 7:12:11 AM PDT by traintown57
[ Post Reply | Private Reply | To 25 | View Replies]

To: traintown57; kevkrom; Swordmaker
> ...users that are fool enough to install viruses that most of us would not... all those users that bought macs because they thought they couldn’t get viruses.

Please take the time to learn the difference between a "virus" and a "trojan". You sound very foolish, conflating the two.

Granted that most users (of any flavor of computer) don't know the difference, but you are claiming greater knowledge than them.

Trojans require some amount of assistance from the user. Viruses do not.

And while there are a small number of Trojans in the wild for Macs, there are ZERO true viruses for Macs in the wild, at the present time.

28 posted on 05/19/2011 7:22:01 AM PDT by dayglored (Listen, strange women lying in ponds distributing swords is no basis for a system of government!)
[ Post Reply | Private Reply | To 27 | View Replies]

To: dayglored

You seem to be an example of the condescending Mac user that I spoke of. I claim no great knowledge, but yes, more than the common user. Back in my day, they were called trojan viruses. Perhaps you could google it.


29 posted on 05/19/2011 7:31:54 AM PDT by traintown57
[ Post Reply | Private Reply | To 28 | View Replies]

To: traintown57

Trojans and viruses (or virii) are both malware, but are defined differently, and the difference is critical.

Both definitions hearken back to their namesakes — Trojans, named after the Trojan Horse story from mythology, are legitimate-looking programs that entice the target to install them, while containing a hidden “payload” of benefit to the attacker. They are purely social engineering attacks.

Viruses (named after the microscopic organisms), “infect” systems and spread to other systems. These typically exploit operating system or application vulnerabilities to infect and propagate.


30 posted on 05/19/2011 7:38:00 AM PDT by kevkrom ("Winning The Future" = WTF = What The F*** / "Kinetic Military Action" = KMA = Kiss My A**)
[ Post Reply | Private Reply | To 29 | View Replies]

To: dayglored
> > Posting this doesn't mean that I am anti-Mac. You do what you want and think what you will.

> Mac users aren't a lot different from Windows users. Most of them are entirely capable of allowing Trojans on their system via social engineering attacks.

> The reason this article and your post are unnecessary is that this subject is well known and hashed over in boring detail already.

> The only reason ZDNet publishes articles like this is to get page hits with a headline containing "Mac" and "Malware" in the same line.

> And you fell for it.

> And then in your haste to post something nasty about Apple, you didn't even search FR first -- the prior post title contained the identical string "Mac Malware". Really now...

Yup, everything the computing world loves about Mac users.

31 posted on 05/19/2011 7:43:13 AM PDT by johncatl (...governs least, governs best.)
[ Post Reply | Private Reply | To 22 | View Replies]

To: traintown57
> You seem to be an example of the condescending Mac user that I spoke of. I claim no great knowledge, but yes, more than the common user. Back in my day, they were called trojan viruses. Perhaps you could google it.

No, actually I'm an example of a condescending Unix user. :) I've been designing and using small computers for 35 years, and use ALL of them; I have no particular loyalty to Macs or any other brand. You could find this out on my FreeRepublic profile page if you wish.

Pray tell, when was "your day"? I've not heard the term "trojan viruses" used by anyone knowledgeable, to describe any variant of malware. I'll take your word for it that it's been used -- I'm just sayin', it's a dumb conflation of two different things. It's like saying that there's a term "car trucks" to describe some sort of vehicle.

Nothing personal. Just trying to sort out some of the misinformation.

32 posted on 05/19/2011 7:43:22 AM PDT by dayglored (Listen, strange women lying in ponds distributing swords is no basis for a system of government!)
[ Post Reply | Private Reply | To 29 | View Replies]

To: johncatl
> Yup, everything the computing world loves about Mac users.

May I ask, what's that supposed to mean, or imply?

33 posted on 05/19/2011 7:46:02 AM PDT by dayglored (Listen, strange women lying in ponds distributing swords is no basis for a system of government!)
[ Post Reply | Private Reply | To 31 | View Replies]

To: kevkrom
> I mean, I could write a program in about 5 minutes that starts deleting files anywhere on a machine, for pretty much any OS you can name.

So true. This ZDnet article is just the usual link-bait to grab eyeballs. One could almost imagine, without too much exaggeration, having Ed Bott gin up an article about OS X containing a built-in "Self destruct" capability. After all, the boot disk contains the Disk Utility app, and with a few clicks a user can (cue dramatic music) erase the entire hard drive!

34 posted on 05/19/2011 7:47:30 AM PDT by 6SJ7 (atlasShruggedInd = TRUE)
[ Post Reply | Private Reply | To 25 | View Replies]

To: kevkrom

Back to my original point. Viruses, trojans and worms need to know names of folders and your OS structure to be effective. I don’t wish anybody to have them. Just sayin’, you aren’t impervious to attack if someone chooses to attack you like they did (and do) PCs.


35 posted on 05/19/2011 7:50:36 AM PDT by traintown57
[ Post Reply | Private Reply | To 30 | View Replies]

To: 6SJ7
HI! You've just received the AMISH VIRUS!

We in the Amish community don't have any actual computers or other technology, so this virus works on the Honor System.

Please send this message to all your friends and family members.

Then please log in as Administrator, and delete all your files.

Thank You! - The Amish Virus Team

36 posted on 05/19/2011 7:55:45 AM PDT by dayglored (Listen, strange women lying in ponds distributing swords is no basis for a system of government!)
[ Post Reply | Private Reply | To 34 | View Replies]

To: dayglored; 6SJ7

Also please note that the so-called “Amish Virus” is actually, in fact, a (parody) Trojan, since it requires user action to work.


37 posted on 05/19/2011 7:58:57 AM PDT by dayglored (Listen, strange women lying in ponds distributing swords is no basis for a system of government!)
[ Post Reply | Private Reply | To 36 | View Replies]

To: dayglored
Accckkk, oop. Forgot to add "social engineering" to "Trojan".

Time to get some coffee.

38 posted on 05/19/2011 8:00:22 AM PDT by dayglored (Listen, strange women lying in ponds distributing swords is no basis for a system of government!)
[ Post Reply | Private Reply | To 37 | View Replies]

To: dayglored

LOL! Low tech malware.


39 posted on 05/19/2011 9:21:18 AM PDT by 6SJ7 (atlasShruggedInd = TRUE)
[ Post Reply | Private Reply | To 36 | View Replies]

To: 6SJ7
> LOL! Low tech malware.

And only slightly less subtle than some of the successful, real malware dialogs.

Honest, I can't believe some of the stuff users click on. And those people vote, too. (shudder)

40 posted on 05/19/2011 9:38:20 AM PDT by dayglored (Listen, strange women lying in ponds distributing swords is no basis for a system of government!)
[ Post Reply | Private Reply | To 39 | View Replies]

To: traintown57
> You seem to be an example of the condescending Mac user that I spoke of. I claim no great knowledge, but yes, more than the common user. Back in my day, they were called trojan viruses. Perhaps you could google it.

Sorry, no. Never. They are called Trojan Horse programs or applications on the grounds they are merely a computer application like any other that will run on a computer that does something malicious other than or in addition to what it is advertised to do. A virus is a specific type of malware that acts like a living creature, capable of self-propagation, self-vectoring, and most importantly, self-installation.

41 posted on 05/19/2011 11:53:26 AM PDT by Swordmaker (This tag line is a Microsoft product "insult" free zone.)
[ Post Reply | Private Reply | To 29 | View Replies]

To: johncatl; ~Kim4VRWC's~; 1234; Abundy; Action-America; acoulterfan; AFreeBird; Airwinger; Aliska; ...
Repost of the Apple call center employee interview article on MacDefender from a couple of days ago—PING!

Please, No Flame Wars, Discuss technical issues, software, and hardware.
Don't attack people!

Don't respond to the Anti-Apple Thread Trolls!
PLEASE IGNORE THEM!!!

Apple Mac Security Ping!

If you want on or off the Mac Ping List, Freepmail me.

42 posted on 05/19/2011 12:15:32 PM PDT by Swordmaker (This tag line is a Microsoft product "insult" free zone.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: rightwingextremist1776

Let me understand this, if a Mac user gets a virus, it somehow makes your computer run better? Or do you just enjoy watching other people suffer? Either way, it makes you look like an extremely sick individual.


43 posted on 05/19/2011 4:05:38 PM PDT by itsahoot (We make jokes, they make progress. Dimmitude, get used to it.)
[ Post Reply | Private Reply | To 13 | View Replies]

To: traintown57

I call Pot kettle on that remark, the M$ bigots are plentiful. Just read a few of the posts here.

A thread is posted to inform Mac users of a potential threat, and all the hand clappers who have been beleaguered with malware and virus detection software, which in itself could be considered a virus, show up here to gloat as tho they had accomplished something.


44 posted on 05/19/2011 4:19:18 PM PDT by itsahoot (We make jokes, they make progress. Dimmitude, get used to it.)
[ Post Reply | Private Reply | To 27 | View Replies]

To: itsahoot

Really, that’s what I don’t get. ALL computer users should hate ALL virus/trojan/malware makers regardless, and yet, it seems that instead we seem to get an us/them mentality between people who should be allies in the war against the real bad guys. Seems a little like Republicans.


45 posted on 05/20/2011 5:22:37 AM PDT by brytlea (If you don't know what APOD is you'd better find out!)
[ Post Reply | Private Reply | To 44 | View Replies]

To: kevkrom; traintown57
> The malware is written for OS X, but still requires a user to intentionally install it.

Exactly. This software pretends to be beneficial. It requires the user of the computer to be careless enough to enter the administrator password when prompted. Anyone that careless deserves what they get. It's like a total stranger showing up at the front door and dressed up as a policeman. He says that he has a report that someone has broken into your home. "Please let me in so I can check all of your rooms." Any home owner careless enough to let this fake policeman into the house deserves to be robbed.

> I mean, I could write a program in about 5 minutes that starts deleting files anywhere on a machine, for pretty much any OS you can name. The trick would be in getting someone to install it and let it run.

True. In fact it would take about 10 seconds to write a one-line shell script that would erase all the files on any hard drive on a Unix-based system. All you need is a computer user careless enough to enter the administrator password.

46 posted on 05/20/2011 9:52:50 AM PDT by stripes1776
[ Post Reply | Private Reply | To 25 | View Replies]
