Posted on 12/04/2012 10:08:15 AM PST by Swordmaker
"A new piece of malicious software targeted at Apple users has been found on a website dedicated to the Dalai Lama, but one security vendor is labeling it as low risk."
"The malware, nicknamed "Dockster," is a backdoor that allows an attacker to control the victim's computer, record keystrokes and export files, according to Intego, which sells security software for Macs."
"Dockster tries to infect computers by exploiting a vulnerability in Java, CVE-2012-0507. The vulnerability is the same one used by the Flashback malware, which first appeared around September 2011 and infected as many as 800,000 computers via a drive-by download. Flashback was used to fraudulently click on advertisements in order to generate illicit revenue in a type of scam known as click fraud."
(Excerpt) Read more at computerworld.com ...
If you want on or off the Mac Ping List, Freepmail me.
Easy solution: Run Windows. It has a long history of successful multiple vendor anti-virus software.
Need to send this to my sister, a Mac worshiper, who believes that Macs have “never” had a virus.
So I jump ship in Hong Kong and I make my way over to Tibet, and I get on as a looper at a course over in the Himalayas... and who do you think they give me? The Dalai Lama, himself. And I say, “Hey, Lama, hey, how about a little something, you know, for the effort, you know.” And he says, “Oh, uh, there won’t be any money, but when you die, on your deathbed, you will receive total consciousness.” So I got that goin’ for me, which is nice.
It ain't the anti-virus vendors... it's ONE Russian vendor with a product to sell: one who has claimed the exploit that no one in the wild has ever seen on a Mac. . . and who set up what he claimed was a database of known infected Mac UUIDs that reported brand new Macs, ones that were impossible to have been infected, as already infected. That tells me that all this vendor did was create a database of known UUIDs in the range assigned to Apple and claim it was a list of Macs "infected" with his bogus Java malware. . . when none of them were. That explains the high claimed numbers of infected Macs when no one was finding any in the wild.
It made loads of headlines for a month or so... but no one was reporting their computers were infected. Just that their UUIDs were on the list. But when they ran the tests for being infected, Nope, nada, nothing found.
Thank you for the ping!
She is right. They haven't. In the past dozen years that OSX has been in the wild, there have been seven attempts at building a self-replicating, self-transmitting, self-installing computer virus that would spread in Apple OSX Macs. All have failed.
There are approximately 28 known Trojan horse applications in five easily identified families that the OS will protect the user from downloading, installing, or running. At worst, this "malware" would be one of those "trojans," based on a now patched vulnerability in Java that affected OSX based Macs released before 2008. . . that had Java installed as a default. Apple stopped shipping Java installed as a default install two OSX revisions ago. . . limiting the damage it could do IF it got installed by a user. But that's not the least of it.
This "massive infection of 800,000 Macs" never existed. . . there was a Java exploit, yes, but to get this thing you had to download some obscure charter definition files from a limited number of Eastern Russian role playing gaming sites. How many Mac users play that type of role playing game? Strangely, almost ALL, 95%, of the claimed infected Macs were in the US!??? But they had to connect to, and download a Trojan from, an obscure Russian game site??? 800,000 of them??? Really? This was all based on a single source news story from a Russian anti-virus vendor who, TADA, had an anti-virus solution to sell to remove said malware. AND, he had intercepted these 800,000 Macs all calling home with a honeypot server that had recorded the UUIDs of the infected Macs!!!
This vendor set up a database that Mac users could submit their Mac UUIDs to and quickly learn if their Mac was infected and know if it was a member of the "massive Macbot" the malware author had built with their machine and 800,000 other infected Macs. But when the honeypot database started showing brand new Macs coming right off the assembly line, MACS WITHOUT JAVA INSTALLED, Macs which had never, ever been connected to the internet and were already listed with their Unique UUIDs as being "members of the massive 800,000 member MacBot," it became pretty obvious to us Mac users (who were looking for infected Macs and not finding them, just lots of users applying the easily applied removal tools to their Macs and NOT FINDING ANYTHING at all and reporting that negative fact) that it was a hoax designed to sell anti-virus wares. Hell, MY Mac's UUID was listed... as were two brand new machines at my office that had never had Java installed! There was no way they could even RUN the malware! Ergo, fraud, my friend. That did not get reported anywhere nearly as widely as the hyperbole of the massive MacBot did.
See, good things come to those who wait. Consciousness will come to you someday, while the rest of us enjoy it now!