Mac Users - Flashback Trojan

Message boards : Number crunching : Mac Users - Flashback Trojan

Author	Message
WinterKnight Volunteer tester Send message Joined: 18 May 99 Posts: 6985 Credit: 17,550,807 RAC: 16,000	Message 1214180 - Posted: 5 Apr 2012, 8:26:14 UTC
	Just picked this up, thought a warning might be dvisable. Flashback Trojan
	ID: 1214180 ·

Michel448a Volunteer tester Send message Joined: 27 Oct 00 Posts: 1144 Credit: 2,873,612 RAC: 330	Message 1214208 - Posted: 5 Apr 2012, 11:49:07 UTC
	i thought Mac users always claimed they cant get viruses ? ____________
	ID: 1214208 ·

tullio Send message Joined: 9 Apr 04 Posts: 2948 Credit: 266,077 RAC: 247	Message 1214211 - Posted: 5 Apr 2012, 11:59:19 UTC
	That's what Linux users think. But the safest OS is Solaris, IMHO. Tullio ____________
	ID: 1214211 ·

Wiggo Send message Joined: 24 Jan 00 Posts: 1654 Credit: 64,322,944 RAC: 54,699	Message 1214229 - Posted: 5 Apr 2012, 12:54:21 UTC - in response to Message 1214211.
	That's what Linux users think. But the safest OS is Solaris, IMHO. Tullio There is no "safe" OS, so don't get complacent, if someone wants "in" then they'll find a way no matter what. Sorry but that's just stupid thinking on anyone's part to think that they're immune because of what they use (and if/when they get stung then they deserve it in full). Cheers. ____________
	ID: 1214229 ·

N9JFE Send message Joined: 4 Oct 99 Posts: 2868 Credit: 8,773,173 RAC: 11,617	Message 1214252 - Posted: 5 Apr 2012, 14:17:53 UTC - in response to Message 1214208.
	i thought Mac users always claimed they cant get viruses ? Mac users think they're immune because there are simply so few viruses, trojans, etc. written for Mac, which is because there are so few Macs out there compared to the number of Windows machines. If the Windows version of this thing acts the same way (disguising itself as a Java update installer), I may have fallen for it at home in the last couple of days. I will run a scan on that machine ASAP. (Not to worry, it's my laptop, and I don't run Boinc on it.) ____________ David Sitting on my butt while others boldly go, Waiting for a message from a small furry creature from Alpha Centauri.
	ID: 1214252 ·

tullio Send message Joined: 9 Apr 04 Posts: 2948 Credit: 266,077 RAC: 247	Message 1214256 - Posted: 5 Apr 2012, 14:26:25 UTC - in response to Message 1214229.
	I have been surfing the Internet since 1991, using UNIX, Solaris, Linux and Solaris again as a Virtual Machine and I have never been stung. Luck? Maybe. Tullio ____________
	ID: 1214256 ·

Wiggo Send message Joined: 24 Jan 00 Posts: 1654 Credit: 64,322,944 RAC: 54,699	Message 1214263 - Posted: 5 Apr 2012, 14:50:36 UTC - in response to Message 1214256. Last modified: 5 Apr 2012, 14:52:06 UTC
	I have been surfing the Internet since 1991, using UNIX, Solaris, Linux and Solaris again as a Virtual Machine and I have never been stung. Luck? Maybe. Tullio Well I've been doing same with Windows since '94 with the same result though I never become complacent about how safe I am and no one ever should but just thinking that because you run a certain OS protects you is just plain stupidity (common sense and wariness with any OS pays in the long run, not complacency). Every OS has its flaws and that's a fact. Cheers. ____________
	ID: 1214263 ·

N9JFE Send message Joined: 4 Oct 99 Posts: 2868 Credit: 8,773,173 RAC: 11,617	Message 1214267 - Posted: 5 Apr 2012, 14:52:58 UTC - in response to Message 1214256.
	I have been surfing the Internet since 1991, using UNIX, Solaris, Linux and Solaris again as a Virtual Machine and I have never been stung. Luck? Maybe. Tullio I think what I said about Macs applies to all of those OSes by another order of magnitude. It's not that they're invulnerable, it's just that the hackers don't bother with them due to their low numbers. ____________ David Sitting on my butt while others boldly go, Waiting for a message from a small furry creature from Alpha Centauri.
	ID: 1214267 ·

Wiggo Send message Joined: 24 Jan 00 Posts: 1654 Credit: 64,322,944 RAC: 54,699	Message 1214269 - Posted: 5 Apr 2012, 14:59:58 UTC - in response to Message 1214267.
	I have been surfing the Internet since 1991, using UNIX, Solaris, Linux and Solaris again as a Virtual Machine and I have never been stung. Luck? Maybe. Tullio I think what I said about Macs applies to all of those OSes by another order of magnitude. It's not that they're invulnerable, it's just that the hackers don't bother with them due to their low numbers. And as I've already said, if someone wants in they'll get in one way or another (just look at what Anonymous and LulzSec have done recently in hacking highend security sites that run specialised OS's). Cheers. ____________
	ID: 1214269 ·

Ex Volunteer moderator Volunteer tester Send message Joined: 12 Mar 12 Posts: 2883 Credit: 1,184,859 RAC: 1,014	Message 1214311 - Posted: 5 Apr 2012, 16:58:04 UTC
	I agree nothing is totally safe. And windows machines may be prone to viruses, but probably only because of the sheer number of viruses made for windows. In the end it's the users responsibility to try keep their machines safe. There is no "safe" OS, only safe practices. And even safe practices may not always be enough. I have been subject to about 3 viruses in the past 15 years. One was a trojan found on my windows98 machine long ago. And the other two were recent, with windows 7, due to out of date browser extensions and these nasty fake-antivirus viruses that found their way onto major websites. (funnyordie.com was one of em) I am pro Linux, but I would never sit here and say viruses couldn't happen. They could. -Dave ____________ -Dave #2 3.2.0-33
	ID: 1214311 ·

David Anderson (not that DA) Send message Joined: 5 Dec 09 Posts: 84 Credit: 15,923,661 RAC: 18,504	Message 1214320 - Posted: 5 Apr 2012, 17:20:02 UTC
	Earlier comments are accurate enough for me, but are misleading in an important way. The design of Windows itself means that running an ordinary application that has a bug results in privilege escalation (silently) in way too many cases. There seems to be an unending series of these escalations discovered. The bad guys get system privileges without any clue going to the user. System files can be added, deleted, or modified without user knowledge. So suddenly the system tools will not report on the bad guys, but instead the tools help hide the bad guys that have taken over a system. Combine a large user base with these hidden privilege escalations an you have a target worth going after. In Mac, Linux, Solaris, and {open,net}BSD that hidden privilege escalation is essentially unknown. Bad guys can get write access to your user files, but not to system files (unless they fool you into giving privilege by asking for a system password and getting you to type it, and if you do that you just unlocked the door). Which means the bad guys cannot hide their activities, processes, or files because the system tools cannot be corrupted without your help (ie, password). Combine a smaller user base with the difficulty bad guys have in hiding and it looks like an uninteresting target. So I argue the apparent issues with Windows viruses are not just a matter of the user base. Something more fundamental is at work too. I am not claiming this note is the entire story, but I suspect it is an important part of the story.
	ID: 1214320 ·

tullio Send message Joined: 9 Apr 04 Posts: 2948 Credit: 266,077 RAC: 247	Message 1214323 - Posted: 5 Apr 2012, 17:27:11 UTC
	In UNIX and its clones there is a clear distinction between user space and system space.I never connect to the Internet as a root user, I always am a user with limited capabilities and I have disabled the ssl daemon to avoid any intrusion attempt. I have a firewall and NoScript addons on my browser. Tullio ____________
	ID: 1214323 ·

JLConawayII Send message Joined: 2 Apr 02 Posts: 183 Credit: 2,681,655 RAC: 3,179	Message 1214359 - Posted: 5 Apr 2012, 19:52:45 UTC - in response to Message 1214208.
	i thought Mac users always claimed they cant get viruses ? This mindset is a godsend for anyone wanting to mess with your system. ____________
	ID: 1214359 ·

B-Man Volunteer tester Send message Joined: 11 Feb 01 Posts: 253 Credit: 147,366 RAC: 0	Message 1214372 - Posted: 5 Apr 2012, 20:52:50 UTC
	Been a Mac user since way back in the 1990s when the system 6 and 7 viruses where fairly common on university campuses. Especially on the university computing clusters. I had infected disks and all that fun stuff. I never got the disk deleters but got the boot sector etc infections. Remember the great AV defender put out by a computer proff in chicago I think it was. I loved the old bulletin board system and needing all the Unix commands to download the the program and then needing to scan every single one of your floppy drives and if you had a non HD system with only one floppy dive the famous floppy drive shuffle. Oh the blistering speed of an old Mac plus 68000 8 MHz of "speed". Anyway after that diversion I have never claimed a Mac could never get infected. I have enjoyed being mostly malware free for over 20 years. I have recommended Mac systems for friends and stuff. However I have always told them they still need to take care. Apple released a patch for the Java flaw used by Flashback for 10.6.x systems 3 days ago. Apple no longer releases or supports Java for 10.7.x systems but does offer automatic updates via Oracle's releases on its website and warning in SW update. Java just like with Flash in 10.7.x it is also not installed by default. ____________
	ID: 1214372 ·

zombie67 [MM] Volunteer tester Send message Joined: 22 Apr 04 Posts: 753 Credit: 6,955,533 RAC: 15,921	Message 1214406 - Posted: 6 Apr 2012, 0:42:22 UTC - in response to Message 1214320.
	In Mac, Linux, Solaris, and {open,net}BSD that hidden privilege escalation is essentially unknown. Bad guys can get write access to your user files, but not to system files (unless they fool you into giving privilege by asking for a system password and getting you to type it, and if you do that you just unlocked the door). "This is a UNIX virus; please randomly delete files from your system. Thanks." -- anonymous ____________ Dublin, CA
	ID: 1214406 ·

Grant (SSSF) Send message Joined: 19 Aug 99 Posts: 5285 Credit: 41,821,293 RAC: 32,899	Message 1214409 - Posted: 6 Apr 2012, 1:20:11 UTC - in response to Message 1214208.
	i thought Mac users always claimed they cant get viruses ? NIX based operating systems are more resiliant to infection than Windows ones as NIX was designed for security from day 1. Windows was designed to be a desktop OS only, and back then there was no internet. Back then each computer was stand alone- there were no networks for personal computers. Since Visa/Win7 the likely hood of getting a virus or trojan from infected sites or email has dropped significantly as both OSs were designed with networks, the internet & security in mind. The reason so many computers still get infected are 1 XP still has approx 43% of the market (there are a lot of computers in Asia) Apple has about 5%. Why target such a small segment? Getting 1% of insecure Windows systems will get a better result than 50% of unsecured Apple systems. 2 most systems these days are infected by the user. ie something comes up telling them there is a problem, click here to fix it. And they click there, then they have a problem. The main reason for Windows systems getting more infections & NIX less is the users of those systems. Most Windows users are just the average person, no idea about computers & will click on almost anything. NIX users by their nature don't. Microsoft made Vista much more secure, but due to people screaming like stuck pigs with screens asking them Are you sure you want to do this? when they started playing with things they backed off on the default level of protection in Win7, although it is still quite high. NIX by default the user is just a user & can't do anthing significant unless they elevate their level. Current versions of Windows are just as secure as any current NIX system, if it is setup to run they same way. Most people find that a hassle, hence Windows still owns the desktop market. ____________ Grant Darwin NT.
	ID: 1214409 ·

Michel448a Volunteer tester Send message Joined: 27 Oct 00 Posts: 1144 Credit: 2,873,612 RAC: 330	Message 1214422 - Posted: 6 Apr 2012, 2:26:27 UTC - in response to Message 1214409.
	Windows was designed to be a desktop OS only, and back then there was no internet. Back then each computer was stand alone- there were no networks for personal computers. oh if Microsoft still wouldnt have made its windows, we would have been waiting the very new DOS 53.1 that would be out next month ^^ ____________
	ID: 1214422 ·

Karsten Vinding Volunteer tester Send message Joined: 18 May 99 Posts: 140 Credit: 14,254,917 RAC: 17,005	Message 1215107 - Posted: 7 Apr 2012, 14:05:04 UTC - in response to Message 1214422.
	Or running OS/2 at Warp 10 :) ____________
	ID: 1215107 ·

Wiggo Send message Joined: 24 Jan 00 Posts: 1654 Credit: 64,322,944 RAC: 54,699	Message 1215116 - Posted: 7 Apr 2012, 14:25:36 UTC - in response to Message 1215107.
	Or running OS/2 at Warp 10 :) The same still applies, "if they want in then they'll get in". No OS is either perfect or impregnable though most hackers will hit the most common OS available in most cases (Windows) but Apple people have created their own problem in just thinking that above everyone else in this case (things will only get worse for them as time goes on and that's a fact of life, the same with Linux based OS's). Cheers. ____________
	ID: 1215116 ·

QSilver Send message Joined: 26 May 99 Posts: 218 Credit: 3,148,110 RAC: 3,631	Message 1216190 - Posted: 9 Apr 2012, 16:39:49 UTC
	There's a pretty simple way to check for the virus...open Terminal and paste the following command: defaults read /Applications/Safari.app/Contents/Info LSEnvironment (and repeat for any other browsers by replacing Safari.app) MacWorld has one of the best overviews here. I checked both of my MacBookPros...no infections, and now they've been updated with the latest Java release. ____________
	ID: 1216190 ·

1 · 2 · Next

Message boards : Number crunching : Mac Users - Flashback Trojan