
(Mac Observer) New computer trojan sidesteps user permissions. Good think I have a Mac. What? Oh crap (macobserver.com)
More: Fail, FUD, user interaction, OS X, application software, computer trojan, security software

5625 clicks; posted to Geek on 25 Jul 2012 at 11:05 AM



99 Comments

Archived thread

 
2012-07-25 11:09:37 AM
bahahah as a mac hater (after owning some) i love these articles even when apple tries to hide them and deny the issues:)

P.S. i own a computer store and a customer came in with a mac tower last month.. he paid $5k for this thing like 5 years ago. i believe it was a mac pro tower 2 (i see alot of computers, bad memory) anyway.. he just wanted a simple memory upgrade, apple store told him its too old to update and he should buy a new one.. it used standard ddr2 ecc memory took 10 minutes to do and cost under $100 for 4 gb upgrade. Hell of a support system there for such expensive machines:)
 
2012-07-25 11:15:33 AM
*reads post by Icetech3*
*makes popcorn*
*waits*
 
2012-07-25 11:16:57 AM
Good think indeed.
 
2012-07-25 11:17:06 AM

Burr: *reads post by Icetech3*
*makes popcorn*
*waits*


*sits down beside Burr*
*opens the beer cooler*
*hands out some cold ones*
 
2012-07-25 11:17:26 AM
OK, so how do I get this new trojan?
Other than going to the A/V site and downloading a sample.
 
2012-07-25 11:18:20 AM

Icetech3: bahahah as a mac hater (after owning some) i love these articles even when apple tries to hide them and deny the issues:)

P.S. i own a computer store and a customer came in with a mac tower last month.. he paid $5k for this thing like 5 years ago. i believe it was a mac pro tower 2 (i see alot of computers, bad memory) anyway.. he just wanted a simple memory upgrade, apple store told him its too old to update and he should buy a new one.. it used standard ddr2 ecc memory took 10 minutes to do and cost under $100 for 4 gb upgrade. Hell of a support system there for such expensive machines:)


This is gonna get some bites.
 
2012-07-25 11:18:22 AM

Icetech3: bahahah as a mac hater (after owning some) i love these articles even when apple tries to hide them and deny the issues:)

P.S. i own a computer store and a customer came in with a mac tower last month.. he paid $5k for this thing like 5 years ago. i believe it was a mac pro tower 2 (i see alot of computers, bad memory) anyway.. he just wanted a simple memory upgrade, apple store told him its too old to update and he should buy a new one.. it used standard ddr2 ecc memory took 10 minutes to do and cost under $100 for 4 gb upgrade. Hell of a support system there for such expensive machines:)


You didn't charge extra for it being Apple hardware? At the store i worked at we used to charge a premium.
 
2012-07-25 11:23:53 AM
FTFA: "Intego says the trojan hasn't been spotted in the wild yet, although it has already updated its VirusBarrier X6 definition files to detect the potential threat."

So a trojan that hasn't been spotted in the wild and can already be detected is considered news because it affects OSX?
 
2012-07-25 11:27:29 AM
I'm wide open here, hit me with that new Trojan.

/going back to work...
 
rpm
2012-07-25 11:28:17 AM
BFD. It's trivial to write into the user directory and schedule something through launchd or editing user . files to launch. I've been saying that doing this is easy for years. Unless you have MAC (no, I don't mean Mac), there's not squat you can do about it.

You could mount home noexec as a trivial fix, but I don't know how well that would fly.
 
2012-07-25 11:29:22 AM

Carth: FTFA: "Intego says the trojan hasn't been spotted in the wild yet, although it has already updated its VirusBarrier X6 definition files to detect the potential threat."

So a trojan that hasn't been spotted in the wild and can already be detected is considered news because it affects OSX?


Worse, it is a "trojan" that doesn't require user interaction and has never been seen in the wild. I think they found it on their girlfriend's computer. You wouldn't know her, she lives in Canada.
 
2012-07-25 11:29:43 AM
I knew the move from PowerPC to Intel would weaken the Mac's vaunted resistance to malware. Hackers learn to program x86, and the rewards for learning the quite different PowerPC architecture and machine language weren't worth the learning curve. Now there's no need, since Macs use x86/x64 CPUs now, just like Windows machines.
 
2012-07-25 11:30:29 AM
I HATE MACS BECAUSE NO GAMES ONE BUTTON MOUSE
 
2012-07-25 11:31:28 AM
btw, if it is able to install itself without user intervention, doesn't that make it a virus, not a trojan?
 
2012-07-25 11:35:02 AM

FlashHarry: btw, if it is able to install itself without user intervention, doesn't that make it a virus, not a trojan?


Give them a break, they are obviously new to the world of malicious code....

/Not really but you know what I mean
//I hope it attacks their smugness first
 
2012-07-25 11:36:06 AM
If I see that ugly green thing emerging from my monitor, to hell with antivirus... I'm calling the farking Ghostbusters.
 
2012-07-25 11:36:33 AM

Malacon: Icetech3: bahahah as a mac hater (after owning some) i love these articles even when apple tries to hide them and deny the issues:)

P.S. i own a computer store and a customer came in with a mac tower last month.. he paid $5k for this thing like 5 years ago. i believe it was a mac pro tower 2 (i see alot of computers, bad memory) anyway.. he just wanted a simple memory upgrade, apple store told him its too old to update and he should buy a new one.. it used standard ddr2 ecc memory took 10 minutes to do and cost under $100 for 4 gb upgrade. Hell of a support system there for such expensive machines:)

This is gonna get some bites.


Surely not? It's way too obvious.
 
2012-07-25 11:37:56 AM
BUT MACS DON'T GET VIRUSES!!!!!
 
2012-07-25 11:40:34 AM

kroonermanblack: Malacon: Icetech3: bahahah as a mac hater (after owning some) i love these articles even when apple tries to hide them and deny the issues:)

P.S. i own a computer store and a customer came in with a mac tower last month.. he paid $5k for this thing like 5 years ago. i believe it was a mac pro tower 2 (i see alot of computers, bad memory) anyway.. he just wanted a simple memory upgrade, apple store told him its too old to update and he should buy a new one.. it used standard ddr2 ecc memory took 10 minutes to do and cost under $100 for 4 gb upgrade. Hell of a support system there for such expensive machines:)

This is gonna get some bites.

Surely not? It's way too obvious.


Well now it is....
 
2012-07-25 11:42:25 AM

Malacon: Icetech3: bahahah as a mac hater (after owning some) i love these articles even when apple tries to hide them and deny the issues:)

P.S. i own a computer store and a customer came in with a mac tower last month.. he paid $5k for this thing like 5 years ago. i believe it was a mac pro tower 2 (i see alot of computers, bad memory) anyway.. he just wanted a simple memory upgrade, apple store told him its too old to update and he should buy a new one.. it used standard ddr2 ecc memory took 10 minutes to do and cost under $100 for 4 gb upgrade. Hell of a support system there for such expensive machines:)

This is gonna get some bites.


Not really. It's painfully obvious he's talking out of his ass.
 
rpm
2012-07-25 11:44:36 AM

Ed Grubermann: Malacon: Icetech3: bahahah as a mac hater (after owning some) i love these articles even when apple tries to hide them and deny the issues:)

P.S. i own a computer store and a customer came in with a mac tower last month.. he paid $5k for this thing like 5 years ago. i believe it was a mac pro tower 2 (i see alot of computers, bad memory) anyway.. he just wanted a simple memory upgrade, apple store told him its too old to update and he should buy a new one.. it used standard ddr2 ecc memory took 10 minutes to do and cost under $100 for 4 gb upgrade. Hell of a support system there for such expensive machines:)

This is gonna get some bites.

Not really. It's painfully obvious he's talking out of his ass.


Not really. Updating my Powerbook to 4 GB at the Apple store - $300 (several generations back when I looked)

Buying RAM online and doing it - $30
 
2012-07-25 11:50:14 AM
Welcome to the real world.

Amazing how that works when you're in a bigger pool,
where more crazies & assholes are aware of you as a target
and have had time to figure out how to victimize you.
 
2012-07-25 11:56:22 AM

moralpanic: Icetech3: bahahah as a mac hater (after owning some) i love these articles even when apple tries to hide them and deny the issues:)

P.S. i own a computer store and a customer came in with a mac tower last month.. he paid $5k for this thing like 5 years ago. i believe it was a mac pro tower 2 (i see alot of computers, bad memory) anyway.. he just wanted a simple memory upgrade, apple store told him its too old to update and he should buy a new one.. it used standard ddr2 ecc memory took 10 minutes to do and cost under $100 for 4 gb upgrade. Hell of a support system there for such expensive machines:)

You didn't charge extra for it being Apple hardware? At the store i worked at we used to charge a premium.


Moral, no... my store has been in business for 24 years and i have a amazing REP.. i wouldn't screw anyone and hurt that:) And to the person saying $30 for 4gb of ecc ddr2 with the proper apple heat sinks for $30? where? in the pro tower the sticks are mounted so that air flows across them with 1" heat sinks on each chip.. i didnt just give the customer some shiat OCZ and hope it worked for a week:)

And moral, naw.. i only charge $10 labor for installing the memory and blowing the dust out..
 
2012-07-25 12:10:15 PM

Icetech3: bahahah as a mac hater (after owning some) i love these articles even when apple tries to hide them and deny the issues:)

P.S. i own a computer store and a customer came in with a mac tower last month.. he paid $5k for this thing like 5 years ago. i believe it was a mac pro tower 2 (i see alot of computers, bad memory) anyway.. he just wanted a simple memory upgrade, apple store told him its too old to update and he should buy a new one.. it used standard ddr2 ecc memory took 10 minutes to do and cost under $100 for 4 gb upgrade. Hell of a support system there for such expensive machines:)


I'm guessing, knowing the Apple store, was that they didn't actually tell him that they absolutely could not upgrade his five year old computer, but rather they told him that simply upgrading the memory on his five year old computer isn't going to give it that big of a boost. Depending on how high-end it was when he bought it, it would have had an early Intel Core 2 Duo, or even just a Core Duo.

Remember, Apple is all about the experience (and paying a premium for it). They don't want to sell you stuff if you're not going to have an incredible experience with it.
 
2012-07-25 12:12:34 PM
Mac pro tower 2 2xXeon 2.8ghz paid just over 5k i believe he said.. and he was happy with the machine.. mainly needed more memory to upgrade the OS.. and they flat out told him they CANT upgrade the memory..

But anyway.. i didnt come here to argue this or that.. i just cant help myself when it comes to the cult of apple:)

Later guys:)
 
2012-07-25 12:14:32 PM
very early on I quit a job because of various, sneaky policies. One of them was charging almost double to work on a Mac, even if it was just a tune up and some clean up.

Good for you icetech, if you were in my neck of the woods I would send people to you
 
2012-07-25 12:14:41 PM
Why would a virus have a single, hard-coded IP address to phone home to? That article smells of bullshiat.
 
2012-07-25 12:17:15 PM
i49.tinypic.com
 
2012-07-25 12:17:23 PM

Icetech3:
But anyway.. i didnt come here to argue this or that..


yes you did.
 
2012-07-25 12:17:55 PM

Flappyhead: Burr: *reads post by Icetech3*
*makes popcorn*
*waits*

*sits down beside Burr*
*opens the beer cooler*
*hands out some cold ones*


*is late sitting down*
*ran out to get pizza*
*and hot wings*
 
2012-07-25 12:18:02 PM

Icetech3: in the pro tower the sticks are mounted so that air flows across them with 1" heat sinks on each chip...


Honestly? You think those machines are going to run those chips that hot? And I've used OCZ chips for a long time with no problems. I don't buy the "Value" RAM, though. Buy a decent chip from a decent manufacturer, even without the Apple-brand special RAM heatsinks, and it'll be fine.
 
2012-07-25 12:20:01 PM

moralpanic: Icetech3: bahahah as a mac hater (after owning some) i love these articles even when apple tries to hide them and deny the issues:)

P.S. i own a computer store and a customer came in with a mac tower last month.. he paid $5k for this thing like 5 years ago. i believe it was a mac pro tower 2 (i see alot of computers, bad memory) anyway.. he just wanted a simple memory upgrade, apple store told him its too old to update and he should buy a new one.. it used standard ddr2 ecc memory took 10 minutes to do and cost under $100 for 4 gb upgrade. Hell of a support system there for such expensive machines:)

You didn't charge extra for it being Apple hardware? At the store i worked at we used to charge a premium.


You should have charged him additional $50 because Steve Jobs blessed the memory chips before he expired.
 
2012-07-25 12:22:11 PM
Crisis is considered a low level threat, although it's still a good idea to avoid websites you deem untrustworthy.

You mean shiat that looks like this?

http://tmo.to/ek4s

Like, at the bottom of your article?

/i know, i know
//still, sketchy links frequently look like that
 
2012-07-25 12:23:41 PM
Say what you will about MS Windows but at least the viruses don't look like this

www.macobserver.com
 
2012-07-25 12:25:26 PM

FunkyBlue: Icetech3: in the pro tower the sticks are mounted so that air flows across them with 1" heat sinks on each chip...

Honestly? You think those machines are going to run those chips that hot? And I've used OCZ chips for a long time with no problems. I don't buy the "Value" RAM, though. Buy a decent chip from a decent manufacturer, even without the Apple-brand special RAM heatsinks, and it'll be fine.


Funky, the machine is basically a server machine used as a workstation, and i wouldn't consider giving a customer anything that might have the slightest chance of messing up.. when the right part with the right HS is only a few bucks more:)

As for OCZ.. i dont hate ocz or have anything against them.. my own personal machine has old OCZ reapers in it cause i got a deal and because i knew this batch had micron chips, there are only certain chip manufacturers we will sell... always avoid spektek and Nanya if you can help it.. we order 300-500 sticks at a time and every time our supplier would send those 2 brands we would end up with a crazy amount of bad ones right outa the box:)

Anyway.. sorry for hijacking this thread..

P.S. danth, naw i never charge a premium but i do try to educate, anyone that comes in talking about buying a mac i advise to use one for at least a hour before they buy.. if they like it, great good luck to you.. if they don't then they can go get a nice i7 laptop for less money :)
 
2012-07-25 12:28:19 PM

Fubini: Remember, Apple is all about the experience (and paying a premium for it). They don't want to sell you stuff if you're not going to have what Apple thinks is an incredible experience with it.


FTFY

Honestly, I've never been that impressed with ~95% of the "Apple experience". Except for the Apple displays. Got damn those things are sexy.
 
2012-07-25 12:28:23 PM

Slaxl: Say what you will about MS Windows but at least the viruses don't look like this

[www.macobserver.com image 256x292]


Windows doesn't have holographic projection? Bah, what a backwards OS.
 
2012-07-25 12:36:00 PM

Carth: FTFA: "Intego says the trojan hasn't been spotted in the wild yet, although it has already updated its VirusBarrier X6 definition files to detect the potential threat."

So a trojan that hasn't been spotted in the wild and can already be detected is considered news because it affects OSX?


Ok I'll bite on this one:

It's news because it's a virus that does not explicitly require any user intervention to infect a system. For Windows, this is an everyday occurrence. For Macs, this is HUGE. Keep in mind that there are quite a few viruses out there for Macs, however all of them require you to run a file or to open a word/excel/iWork document with macros enabled. It also requires you to be dumb enough to say YES when it asks if you want to execute this file, and half of the time it requires a password to be entered by the user to let the offending software run.

For this new infection to happen, none of this is needed. You simply touch the file in any way (website for example) and BAM - Yer infected.

That is why this is news.
 
2012-07-25 12:37:08 PM
LoL at the macfags in the comments blasting the security company for making shiat up. Goes straight from there to conspiracy theories regarding who actually creates malware. Awesomesauce.
 
2012-07-25 12:37:28 PM

Teufelaffe: Fubini: Remember, Apple is all about the experience (and paying a premium for it). They don't want to sell you stuff if you're not going to have what Apple thinks is an incredible experience with it.

FTFY

Honestly, I've never been that impressed with ~95% of the "Apple experience". Except for the Apple displays. Got damn those things are sexy.



If I could add the gestures from my MacBook to my PC laptop I would. It's the only thing I miss when I switch between the two.
 
2012-07-25 12:37:57 PM

Icetech3: Funky, the machine is basically a server machine used as a workstation, and i wouldn't consider giving a customer anything that might have the slightest chance of messing up.. when the right part with the right HS is only a few bucks more:)


Oh, I'm the same way when I do my builds and repairs, but generally as long as the machine is designed properly with adequate ventilation, RAM doesn't generally overheat. My Corsair in my gaming machine have a simple heat spreader and haven't ever overheated in the four years I've been using them with normal fan ventilation of a standard case.

Most server machines are built to channel the air over critical components to cool them, if needed, so it surprises me that the internals weren't designed to do that in lieu of having large heatsinks (which, to me, just blocks more airflow through the case.)

/my threadjack over, too.
 
2012-07-25 12:40:37 PM
CURSE YOU FAT FINGERS FOR PRESSING THE ENTER BUTTON!

To continue, even though this is not in the wild (prototype virus, let's say) the implications are staggering - Someone has found a way around the Great Wall of Apple. Unless this is a one-off security hole that can easily be patched (entirely possible, given the scant information on Intego's site), that means that this technique will soon be adopted by the rest of the black hat world.

In short, if the path to infection cannot be closed quickly this will be the end of the "Mac's are immune to viruses". Mac Haters will pounce on this like a birth certificate from Kenya

/LULZ at Kenya
//Too Soon?
 
2012-07-25 12:42:09 PM
Good think?

Did you accidentally the whole thing?
 
2012-07-25 12:45:35 PM
FTA: "...the trojan hasn't been spotted in the wild yet,..."

What does this mean? Could one of you clarify this for me?

/weak article, more of a twit
 
2012-07-25 12:48:25 PM
Apple, like most other vendors, overcharge for their memory if you purchase it directly from the vendor.

Third party memory is always cheaper.

/always buy 3rd party for my computers
//no problems yet
 
2012-07-25 12:49:09 PM

FlashHarry: btw, if it is able to install itself without user intervention, doesn't that make it a virus, not a trojan?


Considering this hasn't been seen in the wild (the company themselves state this), I'm pretty sure everything else bar the bit that can be translated as "buy our software plox" is bullshiat.

If this hasn't been seen in the wild... where did they get their example of it from? Beyond compiling it in Xcode themselves I mean.

But yes, theoretically if it's a drive by infection that doesn't require the user to do anything and is capable of self replication to other systems then yes, technically it's a virus not a trojan.
 
2012-07-25 12:51:16 PM

Professor_Falken: this will be the end of the "Mac's are immune to viruses"


That's been over for a long time. Apple doesn't tout that particular line on their advertising any more, and in fact suggest running some third party security software.

You're still safer running a mac than a pc for general web browsing, fwiw. The amount of malware and targeting comparing mac users and windows users is pretty much not even in the same universe, let alone ballpark.
 
2012-07-25 12:56:00 PM

Odd Bird: FTA: "...the trojan hasn't been spotted in the wild yet,..."

What does this mean? Could one of you clarify this for me?

/weak article, more of a twit


Short answer: "We made this, be scared and buy our software."

Long answer: The code for this exists however its primary infection vector has not been seen to be used. It could theoretically be out there somewhere but no security firm, vendor (in this case Apple) or end user has ever actually been infected by it or indeed seen a compromised web server sending it out; the command & control system (the IP address it is hammering) is likely to be inactive/unavailable or otherwise dealt with in a way that renders that portion of it inert. Blocking that IP address would also render any information harvesting capabilities the malicious program has moot, indeed your firewall screaming that you're trying to connect to that IP would be an exceptionally good indication you are infected with it... which you won't be because it's not in the wild.
 
2012-07-25 01:01:06 PM

Professor_Falken: Carth: FTFA: "Intego says the trojan hasn't been spotted in the wild yet, although it has already updated its VirusBarrier X6 definition files to detect the potential threat."

So a trojan that hasn't been spotted in the wild and can already be detected is considered news because it affects OSX?

Ok I'll bite on this one:

It's news because it's a virus that does not explicitly require any user intervention to infect a system. For Windows, this is an everyday occurrence. For Macs, this is HUGE. Keep in mind that there are quite a few viruses out there for Macs, however all of them require you to run a file or to open a word/excel/iWork document with macros enabled. It also requires you to be dumb enough to say YES when it asks if you want to execute this file, and half of the time it requires a password to be entered by the user to let the offending software run.

For this new infection to happen, none of this is needed. You simply touch the file in any way (website for example) and BAM - Yer infected.

That is why this is news.



though if it's not out in the wild, where the hell did they find it?
 
2012-07-25 01:03:53 PM

Professor_Falken: Someone has found a way around the Great Wall of Apple


Um... it's not exactly hard to get a trojan onto an OSX machine.

At a guess, this probably exploits something in QuickTime to get arbitrary code execution. It wouldn't be the first time somebody's done that.
 
Displayed 50 of 99 comments
