Free Republic
Browse · Search
General/Chat
Topics · Post Article

Skip to comments.

New Mac Security spyware discovered OSXDockster-a (Uses old exploit, low risk)
ComputerWorld ^ | December 4, 2012 | Jeremy Kirk

Posted on 12/04/2012 10:08:15 AM PST by Swordmaker

" A new piece of malicious software targeted at Apple users has been found on a website dedicated to the Dalai Lama, but one security vendor is labeling it as low risk."

"The malware, nicknamed "Dockster," is a backdoor that allows an attacker to control the victim's computer, record keystrokes and export files, according to ​Intego​​, which sells security software for Macs."

"Dockster tries to infect computers by exploiting a vulnerability in Java, CVE-2012-0507. The vulnerability is the same one used by the ​Flashback malware​​, which first appeared around September 2011 and infected as many as 800,000 computers via a drive-by download. Flashback was used to fraudulently click on advertisements in order to generate illicit revenue in a type of scam known as click fraud."

(Excerpt) Read more at computerworld.com ...


TOPICS: Business/Economy; Computers/Internet
KEYWORDS:

1 posted on 12/04/2012 10:08:23 AM PST by Swordmaker
[ Post Reply | Private Reply | View Replies]

To: Swordmaker
New (OLD!) malware spy-ware discovered for Macs on Tibet government in Exile website... uses the old Java Exploit that supposedly infected 800,000 Macs, except ONLY the Russian security site that "discovered" the "exploit" and no other infected Macs have been found... and in fact the database of "infected" Mac UUIDs was found to include brand new, just off the assembly line Macs that DID NOT HAVE JAVA installed! Ergo, bogus exploit, not that it didn't work, but that it did not infect anywhere near the number claimed.—PING!


Apple Security Ping!

Please, No Flame Wars!
Discuss technical issues, software, and hardware.
Don't attack people!
Don't respond to the Anti-Apple Thread Trolls!
PLEASE IGNORE THEM!!!

If you want on or off the Mac Ping List, Freepmail me.

2 posted on 12/04/2012 10:25:57 AM PST by Swordmaker (This tag line is a Microsoft insult free zone... but if the insults to Mac users continue...)
[ Post Reply | Private Reply | To 1 | View Replies]

Comment #3 Removed by Moderator

Comment #4 Removed by Moderator

To: Swordmaker

Easy solution: Run Windows. It has a long history of successful multiple vendor anti-virus software.


5 posted on 12/04/2012 11:32:36 AM PST by norwaypinesavage (Galileo: In science, the authority of a thousand is not worth the humble reasoning of one individual)
[ Post Reply | Private Reply | To 1 | View Replies]

To: norwaypinesavage

need to send this to my sister, a Mac worshiper, who believes that Macs have “never” had a virus.

So I jump ship in Hong Kong and I make my way over to Tibet, and I get on as a looper at a course over in the Himalayas..and who do you think they give me? The Dalai Lama, himself.And I say, “Hey, Lama, hey, how about a little something, you know, for the effort, you know.” And he says, “Oh, uh, there won’t be any money, but when you die, on your deathbed, you will receive total consciousness.” So I got that goin’ for me, which is nice.


6 posted on 12/04/2012 2:07:21 PM PST by Docbarleypop
[ Post Reply | Private Reply | To 5 | View Replies]

To: ~Kim4VRWC's~; 1234; Abundy; Action-America; acoulterfan; AFreeBird; Airwinger; Aliska; altair; ...
New (OLD!) malware spy-ware discovered for Macs on Tibet government in Exile website... uses the old Java Exploit that supposedly infected 800,000 Macs, except ONLY the Russian security site that "discovered" the "exploit" and no other infected Macs have been found... and in fact the database of "infected" Mac UUIDs was found to include brand new, just off the assembly line Macs that DID NOT HAVE JAVA installed! Ergo, bogus exploit, not that it didn't work, but that it did not infect anywhere near the number claimed—PING!


Apple Security Ping!

Please, No Flame Wars!
Discuss technical issues, software, and hardware.
Don't attack people!
Don't respond to the Anti-Apple Thread Trolls!
PLEASE IGNORE THEM!!!

If you want on or off the Mac Ping List, Freepmail me.

7 posted on 12/05/2012 1:14:14 AM PST by Swordmaker (This tag line is a Microsoft insult free zone... but if the insults to Mac users continue...)
[ Post Reply | Private Reply | To 5 | View Replies]

To: ~Kim4VRWC's~; 1234; Abundy; Action-America; acoulterfan; AFreeBird; Airwinger; Aliska; altair; ...
New (OLD!) malware spy-ware discovered for Macs on Tibet government in Exile website... uses the old Java Exploit that supposedly infected 800,000 Macs, except ONLY the Russian security site that "discovered" the "exploit" and no other infected Macs have been found... and in fact the database of "infected" Mac UUIDs was found to include brand new, just off the assembly line Macs that DID NOT HAVE JAVA installed! Ergo, bogus exploit, not that it didn't work, but that it did not infect anywhere near the number claimed—PING!


Apple Security Ping!

Please, No Flame Wars!
Discuss technical issues, software, and hardware.
Don't attack people!
Don't respond to the Anti-Apple Thread Trolls!
PLEASE IGNORE THEM!!!

If you want on or off the Mac Ping List, Freepmail me.

8 posted on 12/05/2012 1:15:21 AM PST by Swordmaker (This tag line is a Microsoft insult free zone... but if the insults to Mac users continue...)
[ Post Reply | Private Reply | To 5 | View Replies]

To: ~Kim4VRWC's~; 1234; Abundy; Action-America; acoulterfan; AFreeBird; Airwinger; Aliska; altair; ...
New (OLD!) malware spy-ware discovered for Macs on Tibet government in Exile website... uses the old Java Exploit that supposedly infected 800,000 Macs, except ONLY the Russian security site that "discovered" the "exploit" and no other infected Macs have been found... and in fact the database of "infected" Mac UUIDs was found to include brand new, just off the assembly line Macs that DID NOT HAVE JAVA installed! Ergo, bogus exploit, not that it didn't work, but that it did not infect anywhere near the number claimed—PING!


Apple Security Ping!

Please, No Flame Wars!
Discuss technical issues, software, and hardware.
Don't attack people!
Don't respond to the Anti-Apple Thread Trolls!
PLEASE IGNORE THEM!!!

If you want on or off the Mac Ping List, Freepmail me.

9 posted on 12/05/2012 1:16:12 AM PST by Swordmaker (This tag line is a Microsoft insult free zone... but if the insults to Mac users continue...)
[ Post Reply | Private Reply | To 5 | View Replies]

To: norwaypinesavage
Easy solution: Run Windows. It has a long history of successful multiple vendor anti-virus software.

It ain't the anti-virus vendors... it's ONE Russian vendor with a product to sell: one who has claimed the exploit that no one in the wild has ever seen on a Mac. . . and who set up what he claimed was a database of known infected Mac UUIDs that reported brand new Macs, ones that were impossible to have been infected, as already infected. That tells me that all this vendor did was create a database of known UUIDs in the range assigned to Apple and claim it was a list of Macs "infected" with his bogus Java malware. . . when none of them were. That explains the high claimed numbers of infected Macs when no one was finding any in the wild.

It made loads of headlines for a month or so... but no one was reporting their computers were infected. Just that their UUIDs were on the list. But when they ran the tests for being infected, Nope, nada, nothing found.

10 posted on 12/05/2012 1:23:38 AM PST by Swordmaker (This tag line is a Microsoft insult free zone... but if the insults to Mac users continue...)
[ Post Reply | Private Reply | To 5 | View Replies]

To: Swordmaker

Thank you for the ping!


11 posted on 12/05/2012 1:24:13 AM PST by johngrace (I am a 1 John 4! Christian- declared at every Sunday Mass , Divine Mercy and Rosary prayers!)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Docbarleypop
need to send this to my sister, a Mac worshiper, who believes that Macs have “never” had a virus.

She is right. They haven't. In the past dozen years that OSX has been in the wild, there have been seven attempts at building a self-replicating, self-transmitting, self-installing computer virus that would spread in Apple OSX Macs. All have failed.

There are approximately 28 known Trojan horse applications in five easily identified families that the OS will protect the user from downloading, installing, or running. At worst, this "malware" would be one of those "trojans," based on a now patched vulnerability in Java that affected OSX based Macs released before 2008. . . that had Java installed as a default. Apple stopped shipping Java installed as a default install two OSX revisions ago. . . limiting the damage it could do IF it got installed by a user. But that's not the least of it.

This "massive infection of 800,000 Macs never existed. . . there was a Java exploit, yes, but to get this thing you had to download some obscure charter definition files from a limited number of Eastern Russian role playing gaming sites. How many Mac users play that type of role playing game? Strangely, almost ALL, 95%, of the claimed infected Macs were in the US!??? But they had to connect to, and download a Trojan from an obscure Russian game site??? 800,000 of them??? Really? This was all based on a single source news story from a Russian anti-virus vendor who, TADA, had an anti-virus solution to sell to remove said malware. AND, he had intercepted these 800,000 Macs all calling home with a honeypot server that had recorded the UUIDs of the infected Macs!!!

This vendor set up a database that Mac users could submit their Mac UUIDs to and quickly learn if their Mac was infected and know if it was a member of the "massive Macbot" the malware author had built with their machine and 800,000 other infected Macs. But when the honeypot database started showing brand new Macs coming right off the assembly line, MACS WITHOUT JAVA INSTALLED, Macs which had never, ever been connected to the internet and were already listed with their Unique UUIDs as being "members of the massive 800,000 member MacBot," it became pretty obvious to us Mac users—who were looking for infected Macs and not finding them, just lots of users applying the easily applied removal tools to their Macs and NOT FINDING ANYTHING at all and reporting that negative fact—that it was a hoax designed to sell anti-virus wares. Hell, MY Mac's UUID was listed... as had two brand new machines at my office that had never had Java installed! There was no way they could even RUN the malware! Ergo, fraud, my friend. That did not get reported anywhere nearly as widely as the hyperbole of the massive MacBot did.

12 posted on 12/05/2012 1:49:09 AM PST by Swordmaker (This tag line is a Microsoft insult free zone... but if the insults to Mac users continue...)
[ Post Reply | Private Reply | To 6 | View Replies]

To: Docbarleypop
And he says, “Oh, uh, there won’t be any money, but when you die, on your deathbed, you will receive total consciousness.” So I got that goin’ for me, which is nice.

See, good things come to those who wait. Consciousness will come to you someday, while the rest of us enjoy it now!

13 posted on 12/05/2012 7:28:16 PM PST by roadcat
[ Post Reply | Private Reply | To 6 | View Replies]

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.

Free Republic
Browse · Search
General/Chat
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson