Mac Users - Flashback Trojan

Message boards : Number crunching : Mac Users - Flashback Trojan

WinterKnight
Message 1214180 - Posted: 5 Apr 2012, 8:26:14 UTC

Just picked this up, thought a warning might be advisable.

Flashback Trojan
ID: 1214180 · Report as offensive
Michel448a
Message 1214208 - Posted: 5 Apr 2012, 11:49:07 UTC

I thought Mac users always claimed they can't get viruses?
ID: 1214208 · Report as offensive
tullio
Message 1214211 - Posted: 5 Apr 2012, 11:59:19 UTC

That's what Linux users think. But the safest OS is Solaris, IMHO.
Tullio
ID: 1214211 · Report as offensive
Wiggo "Socialist"
Message 1214229 - Posted: 5 Apr 2012, 12:54:21 UTC - in response to Message 1214211.  

That's what Linux users think. But the safest OS is Solaris, IMHO.
Tullio

There is no "safe" OS, so don't get complacent, if someone wants "in" then they'll find a way no matter what.

Sorry but that's just stupid thinking on anyone's part to think that they're immune because of what they use (and if/when they get stung then they deserve it in full).

Cheers.
ID: 1214229 · Report as offensive
David S
Message 1214252 - Posted: 5 Apr 2012, 14:17:53 UTC - in response to Message 1214208.  

I thought Mac users always claimed they can't get viruses?

Mac users think they're immune because there are simply so few viruses, trojans, etc. written for Mac, which is because there are so few Macs out there compared to the number of Windows machines.

If the Windows version of this thing acts the same way (disguising itself as a Java update installer), I may have fallen for it at home in the last couple of days. I will run a scan on that machine ASAP. (Not to worry, it's my laptop, and I don't run Boinc on it.)

David
Sitting on my butt while others boldly go,
Waiting for a message from a small furry creature from Alpha Centauri.


ID: 1214252 · Report as offensive
tullio
Message 1214256 - Posted: 5 Apr 2012, 14:26:25 UTC - in response to Message 1214229.  

I have been surfing the Internet since 1991, using UNIX, Solaris, Linux and Solaris again as a Virtual Machine and I have never been stung. Luck? Maybe.
Tullio
ID: 1214256 · Report as offensive
Wiggo "Socialist"
Message 1214263 - Posted: 5 Apr 2012, 14:50:36 UTC - in response to Message 1214256.  
Last modified: 5 Apr 2012, 14:52:06 UTC

I have been surfing the Internet since 1991, using UNIX, Solaris, Linux and Solaris again as a Virtual Machine and I have never been stung. Luck? Maybe.
Tullio

Well I've been doing same with Windows since '94 with the same result though I never become complacent about how safe I am and no one ever should but just thinking that because you run a certain OS protects you is just plain stupidity (common sense and wariness with any OS pays in the long run, not complacency).

Every OS has its flaws and that's a fact.

Cheers.
ID: 1214263 · Report as offensive
David S
Message 1214267 - Posted: 5 Apr 2012, 14:52:58 UTC - in response to Message 1214256.  

I have been surfing the Internet since 1991, using UNIX, Solaris, Linux and Solaris again as a Virtual Machine and I have never been stung. Luck? Maybe.
Tullio

I think what I said about Macs applies to all of those OSes by another order of magnitude. It's not that they're invulnerable, it's just that the hackers don't bother with them due to their low numbers.

David
Sitting on my butt while others boldly go,
Waiting for a message from a small furry creature from Alpha Centauri.


ID: 1214267 · Report as offensive
Wiggo "Socialist"
Message 1214269 - Posted: 5 Apr 2012, 14:59:58 UTC - in response to Message 1214267.  

I have been surfing the Internet since 1991, using UNIX, Solaris, Linux and Solaris again as a Virtual Machine and I have never been stung. Luck? Maybe.
Tullio

I think what I said about Macs applies to all of those OSes by another order of magnitude. It's not that they're invulnerable, it's just that the hackers don't bother with them due to their low numbers.

And as I've already said, if someone wants in they'll get in one way or another (just look at what Anonymous and LulzSec have done recently in hacking high-end security sites that run specialised OS's).

Cheers.
ID: 1214269 · Report as offensive
Ex
Message 1214311 - Posted: 5 Apr 2012, 16:58:04 UTC

I agree nothing is totally safe. And Windows machines may be prone to viruses, but probably only because of the sheer number of viruses made for Windows.

In the end it's the user's responsibility to try to keep their machines safe. There is no "safe" OS, only safe practices. And even safe practices may not always be enough.

I have been subject to about 3 viruses in the past 15 years. One was a trojan found on my Windows 98 machine long ago. And the other two were recent, with Windows 7, due to out of date browser extensions and these nasty fake-antivirus viruses that found their way onto major websites. (funnyordie.com was one of em)

I am pro Linux, but I would never sit here and say viruses couldn't happen. They could.

-Dave
-Dave #2

3.2.0-33
ID: 1214311 · Report as offensive
David Anderson (not *that* DA)
Message 1214320 - Posted: 5 Apr 2012, 17:20:02 UTC

Earlier comments are accurate enough for me, but are misleading in an important
way. The design of Windows itself means that running an ordinary application
that has a bug results in privilege escalation (silently) in
way too many cases.
There seems to be an unending series of these escalations discovered.
The bad guys get system privileges without any clue going to the user.
System files can be added, deleted, or modified without user knowledge.
So suddenly the system tools will not report on the bad guys, but instead
the tools help hide the bad guys that have taken over a system.
Combine a large user base with these hidden privilege escalations
and you have a target worth going after.

In Mac, Linux, Solaris, and {open,net}BSD that hidden
privilege escalation is essentially
unknown. Bad guys can get write access to your user files, but not to
system files (unless they fool you into giving privilege by asking for
a system password and getting you to type it, and if you do that
you just unlocked the door).

Which means the bad guys cannot hide their activities, processes, or files
because the system tools cannot be corrupted without your help (ie, password).
Combine a smaller user base with the difficulty bad guys have in hiding
and it looks like an uninteresting target.

So I argue the apparent issues with Windows viruses are not just
a matter of the user base. Something more fundamental is at work too.

I am not claiming this note is the entire story,
but I suspect it is an important part of the story.

ID: 1214320 · Report as offensive
tullio
Message 1214323 - Posted: 5 Apr 2012, 17:27:11 UTC

In UNIX and its clones there is a clear distinction between user space and system space. I never connect to the Internet as a root user, I always am a user with limited capabilities and I have disabled the ssl daemon to avoid any intrusion attempt. I have a firewall and NoScript addons on my browser.
Tullio
ID: 1214323 · Report as offensive
JLConawayII
Message 1214359 - Posted: 5 Apr 2012, 19:52:45 UTC - in response to Message 1214208.  

I thought Mac users always claimed they can't get viruses?


This mindset is a godsend for anyone wanting to mess with your system.
ID: 1214359 · Report as offensive
B-Man
Message 1214372 - Posted: 5 Apr 2012, 20:52:50 UTC

Been a Mac user since way back in the 1990s when the system 6 and 7 viruses were fairly common on university campuses. Especially on the university computing clusters. I had infected disks and all that fun stuff. I never got the disk deleters but got the boot sector etc infections. Remember the great AV defender put out by a computer prof in Chicago I think it was. I loved the old bulletin board system and needing all the Unix commands to download the program and then needing to scan every single one of your floppy drives and if you had a non HD system with only one floppy drive the famous floppy drive shuffle. Oh the blistering speed of an old Mac plus 68000 8 MHz of "speed". Anyway after that diversion I have never claimed a Mac could never get infected. I have enjoyed being mostly malware free for over 20 years. I have recommended Mac systems for friends and stuff. However I have always told them they still need to take care. Apple released a patch for the Java flaw used by Flashback for 10.6.x systems 3 days ago. Apple no longer releases or supports Java for 10.7.x systems but does offer automatic updates via Oracle's releases on its website and warning in SW update. Java just like with Flash in 10.7.x it is also not installed by default.
ID: 1214372 · Report as offensive
zombie67 [MM]
Message 1214406 - Posted: 6 Apr 2012, 0:42:22 UTC - in response to Message 1214320.  

In Mac, Linux, Solaris, and {open,net}BSD that hidden
privilege escalation is essentially
unknown. Bad guys can get write access to your user files, but not to
system files (unless they fool you into giving privilege by asking for
a system password and getting you to type it, and if you do that
you just unlocked the door).


"This is a UNIX virus; please randomly delete files from your system. Thanks." -- anonymous

Dublin, California
Team: SETI.USA
ID: 1214406 · Report as offensive
Grant (SSSF)
Message 1214409 - Posted: 6 Apr 2012, 1:20:11 UTC - in response to Message 1214208.  

I thought Mac users always claimed they can't get viruses?

*NIX based operating systems are more resilient to infection than Windows ones as *NIX was designed for security from day 1.
Windows was designed to be a desktop OS only, and back then there was no internet. Back then each computer was stand alone- there were no networks for personal computers.

Since Vista/Win7 the likelihood of getting a virus or trojan from infected sites or email has dropped significantly as both OSs were designed with networks, the internet & security in mind.
The reason so many computers still get infected are

1 XP still has approx 43% of the market (there are a lot of computers in Asia) Apple has about 5%. Why target such a small segment? Getting 1% of insecure Windows systems will get a better result than 50% of unsecured Apple systems.
2 most systems these days are infected by the user. ie something comes up telling them there is a problem, click here to fix it. And they click there, then they have a problem.
The main reason for Windows systems getting more infections & *NIX less is the users of those systems. Most Windows users are just the average person, no idea about computers & will click on almost anything. *NIX users by their nature don't.

Microsoft made Vista much more secure, but due to people screaming like stuck pigs with screens asking them Are you sure you want to do this? when they started playing with things they backed off on the default level of protection in Win7, although it is still quite high.
*NIX by default the user is just a user & can't do anything significant unless they elevate their level.

Current versions of Windows are just as secure as any current *NIX system, if it is set up to run the same way. Most people find that a hassle, hence Windows still owns the desktop market.
Grant
Darwin NT
ID: 1214409 · Report as offensive
Michel448a
Message 1214422 - Posted: 6 Apr 2012, 2:26:27 UTC - in response to Message 1214409.  



Windows was designed to be a desktop OS only, and back then there was no internet. Back then each computer was stand alone- there were no networks for personal computers.


Oh, if Microsoft still wouldn't have made its Windows, we would have been waiting the very new DOS 53.1 that would be out next month ^^
ID: 1214422 · Report as offensive
Karsten Vinding
Message 1215107 - Posted: 7 Apr 2012, 14:05:04 UTC - in response to Message 1214422.  

Or running OS/2 at Warp 10 :)
ID: 1215107 · Report as offensive
Wiggo "Socialist"
Message 1215116 - Posted: 7 Apr 2012, 14:25:36 UTC - in response to Message 1215107.  

Or running OS/2 at Warp 10 :)

The same still applies, "if they want in then they'll get in". No OS is either perfect or impregnable though most hackers will hit the most common OS available in most cases (Windows) but Apple people have created their own problem in just thinking that above everyone else in this case (things will only get worse for them as time goes on and that's a fact of life, the same with Linux based OS's).

Cheers.
ID: 1215116 · Report as offensive
QSilver
Message 1216190 - Posted: 9 Apr 2012, 16:39:49 UTC

There's a pretty simple way to check for the virus...open Terminal and paste the following command:

defaults read /Applications/Safari.app/Contents/Info LSEnvironment

(and repeat for any other browsers by replacing Safari.app)

MacWorld has one of the best overviews here.

I checked both of my MacBookPros...no infections, and now they've been updated with the latest Java release.
ID: 1216190 · Report as offensive
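
The check from the post above, repeated over every app bundle in a directory instead of editing the command by hand; this is an added example, not part of the original post. The function name `check_lsenvironment` and the `DEFAULTS_CMD` override are hypothetical, and the script relies on `defaults read` exiting non-zero when the key is absent. A `HAS-KEY` line only means the bundle's Info.plist carries an LSEnvironment entry that should be inspected.

```shell
#!/bin/sh
# Added example (not from the original thread).
# DEFAULTS_CMD is a hypothetical override so the check can be exercised
# with a stand-in command on a machine that has no `defaults` tool.
DEFAULTS_CMD="${DEFAULTS_CMD:-defaults}"

# check_lsenvironment [DIR]
# For each *.app bundle in DIR (default /Applications), run the same
# `defaults read <bundle>/Contents/Info LSEnvironment` query as the post.
# Prints "HAS-KEY <bundle>" plus the stored value when the key exists,
# "no-key <bundle>" otherwise. Returns 1 if any bundle has the key.
check_lsenvironment() {
    app_dir="${1:-/Applications}"
    flagged=0
    for app in "$app_dir"/*.app; do
        [ -d "$app" ] || continue                      # glob matched nothing
        [ -e "$app/Contents/Info.plist" ] || continue  # not a normal bundle
        # `defaults read` exits non-zero when the key does not exist
        if value=$("$DEFAULTS_CMD" read "$app/Contents/Info" LSEnvironment 2>/dev/null); then
            echo "HAS-KEY $app"
            echo "$value" | sed 's/^/    /'            # indent the stored value
            flagged=1
        else
            echo "no-key $app"
        fi
    done
    return "$flagged"
}

# Usage on a Mac: check_lsenvironment /Applications
```
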
©2016 University of California
 
SETI@home and Astropulse are funded by grants from the National Science Foundation, NASA, and donations from SETI@home volunteers. AstroPulse is funded in part by the NSF through grant AST-0307956.