Stories
Slash Boxes
Comments
Search

News for nerds, stuff that matters

Slashdot Log In

Log In

Create Account  |  Retrieve Password

Zombie Macs Launch DoS Attack

Posted by timothy on Thu Apr 16, 2009 06:50 PM
from the but-wait-you-told-me dept.
Security Businesses Apple
Cludge writes "ZDNet has a story (and several related articles) about how Symantec has discovered evidence of an all-Mac based botnet that is actively involved in a DOS attack. Apparently, security on the exploited Macs (call them iBots?) was compromised when unwary users bit-torrented pirated copies of iWork 09 and Photoshop CS4 that contained malware. From the article: 'They describe this as the "first real attempt to create a Mac botnet" and note that the zombie Macs are already being used for nefarious purposes.'"
+ -
story

Related Stories

Submission: OS X iBotnet: Zombie Macs Launch DOS Attack by Cludge (981852)
This discussion has been archived. No new comments can be posted.
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

Zombie Macs Launch DoS Attack 50 Comments More /

 Full
 Abbreviated
 Hidden
More
Loading... please wait.

  • Are you sure... (Score:5, Funny)

    by tacarat (696339) on Thursday April 16 2009, @06:51PM (#27605347) Journal
    ... that somebody didn't do it the old fashion way and post that the website host said bad things about Steve Jobs?

  • A matter of time (Score:5, Interesting)

    by Fwipp (1473271) on Thursday April 16 2009, @06:56PM (#27605385)
    I always wondered when those pirated copies of software would be become malware vectors. Maybe the quickest way to stop software piracy is through evil copies of legitimate software.

  • it just... (Score:5, Funny)

    by BloodyIron (939359) on Thursday April 16 2009, @06:56PM (#27605389)

    it just... BBRRRAAAIINNNNSSS

  • Hey, what a surprise (Score:5, Insightful)

    by Reality Master 201 (578873) on Thursday April 16 2009, @06:58PM (#27605419) Journal

    If a user is tricked into installing malware on a machine, the machine is infected with malware.

    It's a shame people think Macs are somehow magically protected against viruses and other nasty computer stuff, merely by virtue of the manufacturer and operating system. It's probably more of a shame that Apple has, in the past at least, marketed Macs as being (more?) immune to viruses than PCs - something which somewhat true, but only for statistical reasons.

    It's like STDs - if you're careless and go sticking your junk everywhere without taking precautions, you'll probably catch something cruel, eventually.

    • Re:Hey, what a surprise (Score:5, Insightful)

      by Anonymous Coward on Thursday April 16 2009, @07:25PM (#27605709)

      Correct me if I'm wrong, but a trojan doesn't qualify as a "security issue" on the part of the OS. If a trojan succeeds in compromising the system, it's the fault of the user, not the OS.

    • Re:Hey, what a surprise (Score:5, Funny)

      by Zen Programmer (518532) on Thursday April 16 2009, @07:28PM (#27605745)

      It's like STDs - if you're careless and go sticking your junk everywhere without taking precautions, you'll probably catch something cruel, eventually.

      That's why I run Linux. Running Linux pretty much rules out any possibility of having sex, and hence any chance of contracting an STD.

      • Re:Hey, what a surprise (Score:5, Insightful)

        by Burdell (228580) on Thursday April 16 2009, @07:40PM (#27605869)

        Also, like all linux distros, in order to do any real damage on a mac, you need to enter an admin password

        Please stop repeating this fallacy! First, on a single-user system (e.g. the vast majority of home computers), the end user has rights to all the interesting data files (songs, pictures, documents, etc.), so anything running as the user can do significant local damage. Sure, the OS and apps may be protected, but that isn't really what the end user cares about (since that's all easily replaced). However, since the goal of most viruses/worms/trojans is to control the computer for distributed and untraceable nefarious purposes (and not have the owner notice), they don't do that anymore. They cause the computer to join botnets, connect to master control servers, and wait for instructions. Sending spam, scanning other systems for vulnerabilities, hosting fast-flux phishing sites, etc. don't require elevated privilege.

  • Um (Score:5, Funny)

    by Card (30431) on Thursday April 16 2009, @06:58PM (#27605429) Homepage

    So does this mean that Macs are finally Enterprise Ready?

  • iZombies (Score:5, Funny)

    by mc1138 (718275) on Thursday April 16 2009, @07:09PM (#27605515) Homepage
    A botnet that just works.

  • Quality of posts (Score:5, Insightful)

    by Anonymous Coward on Thursday April 16 2009, @07:25PM (#27605707)

    It's a shame that the level of intelligence and knowledge of the posters to Slashdot seems to still be in decline.

    I would think that anyone who wants to use this "revelation" as some kind of troll against OSX would at least be able to differentiate between a virus and a trojan.

    There's a decent chance there will be some kind of unpatched OSX vuln that will be exploited ala what you see on a Windows machine, but until then you should just stew in silence and wait for your opportunity to post your "See OSX is no better than Windows" messages and then you wont look like such ignorant fools.

    If you can install software on a computer, you can install software that is malware as well. I doubt anyone can fault Apple for allowing end users to install software that they choose to install.

  • that a lot of "pirated" Bit Torrent software contains malware. Not just the Windows versions, but the Mac and Linux and BSD Unix versions as well.

    When you download pirated software you take a risk that it contains a trojan.

    I've even seen PDF files that had HTML exploits in it that got detected by antivirus. Read the comments on most Bit Torrent web sites the users will complain that it contains a virus. You don't have to download it to test it, the people who already downloaded it will give feedback that it contains a trojan or malware.

    When you download pirated software you are taking a big chance, it isn't worth it when a majority of things are infected. That is why I look towards Free and Open Source Software as alternatives to commercial products.

  • Here is the download for the fix (Score:5, Funny)

    by fishthegeek (943099) on Thursday April 16 2009, @08:12PM (#27606179) Journal
    Antivirus Protection [thepiratebay.org]

  • Botnet is a botnet (Score:5, Insightful)

    by Randall311 (866824) on Thursday April 16 2009, @08:44PM (#27606441) Homepage
    Guys guys guys... you're missing the point. It doesn't matter if the attack was social or security based. The fact is it is a Mac based botnet. That's it. No double standard here, just reporting that a Macintosh based botnet is up to no good. The bottom line is that security is up to the user. I could go %sudo ALL=NOPASSWD: ALL in my /etc/sudoers and security goes right out the window. It's all in control of the user. People are (as a collective) just not that smart. There can never be a secure system as long as there are users of the system.

    • Re:Sigh (Score:5, Insightful)

      by l0ungeb0y (442022) on Thursday April 16 2009, @06:57PM (#27605415) Homepage Journal

      What the hell are you talking about?

      Malware ie: trojans have been around for ages. This has nothing to do with the overall security of the OS and everything with the security threat the user is to themselves.

      • Re:Sigh (Score:5, Insightful)

        by Comatose51 (687974) on Thursday April 16 2009, @07:51PM (#27605987) Homepage
        While what you say it's true, taken in the context of Slashdot, it's a double standard. Whenever a trojan hits Windows, people are talking about how poorly designed Windows security is and how the user usually always runs as "administrator". People bring up how on Ubuntu and OS X, you have to sudo or login to do administrative things. Apparently that only works to a certain extend. I use and love my Macbook Pro but let's have some fairness here (not specifically you but Slashdot in general).

    • Re:Sigh (Score:5, Informative)

      by Tim99 (984437) on Thursday April 16 2009, @08:49PM (#27606489)
      Before we all get too hysterical, read http://www.symantec.com/business/security_response/writeup.jsp?docid=2009-012216-4245-99 [symantec.com]

      Threat Assessment
      Wild Wild Level: Low
      Number of Infections: 0 - 49
      Number of Sites: 0 - 2
      Geographical Distribution: Low
      Threat Containment: Easy
      Removal: Easy
      Damage Damage Level: Medium
      Payload: Opens a back door on the compromised computer.
      Distribution Distribution Level: Low

      Someone seems to be trying really hard to publicise a minor Trojan threat that has been published and out there since January.

      • I've got your denial right here. (Score:5, Insightful)

        by earnest murderer (888716) on Thursday April 16 2009, @07:06PM (#27605489)

        Purposefully installing malicious software does not indicate a vulnerability. The user intentionally installed a piece of software that is doing exactly what it is designed to do.

        There isn't an operating system on the planet that can protect you (or itself) from fraudulent user activity.

        • Re:I've got your denial right here. (Score:5, Insightful)

          by bagorange (1531625) on Thursday April 16 2009, @07:19PM (#27605647)
          i have a mac and i think this is embarassing denialism...... people did not purposefully install malware. No one says, "I know! I'll install some malware to make my computer a zombie." They installed a downloaded copy of an application and it had malware hidden in it. That malware was able to run on their computer without their knowledge. This is not a very different vector from most windows malware. Telchine is right; macs are not invulnerable, they are less vulnerable than windows.

        • Re:I've got your denial right here. (Score:5, Insightful)

          by xav_jones (612754) on Thursday April 16 2009, @07:19PM (#27605655)
          Mod parent up. No OS can protect you from deliberately installing malware. Getting your software from an untrusted source and then giving that software install and admin rights on your machine is not a sign of a defective OS. Just a defective user.

          • Re:I've got your denial right here. (Score:5, Insightful)

            by earnest murderer (888716) on Thursday April 16 2009, @07:37PM (#27605827)

            They totally intentionally installed the software. You can't make a machine Malware proof without also making it software proof.

            The whole notion of "Malicious Software" is a marketing creation for the sole purpose of making money off people who would rather spend money on software to watch their back than learn (bother) to help themselves.

            Anyone who tells you different is confusing the issue. OS X has plenty of problems, this isn't one of them.

            • Re:I've got your denial right here. (Score:5, Interesting)

              by Sancho (17056) * on Thursday April 16 2009, @08:04PM (#27606103) Homepage

              That post also included:

              If the operating system was as safe as the crazy fanboys claim, it wouldnt have been able to install malware in the first place.

              Which is disingenuous.

              Furthermore, the activex part is true only if the user did, in fact, allow them. IE has had many, many vulnerabilities which allowed a malicious site to install ActiveX controls without user intervention (just like Safari has had remote execution flaws which allowed it to be compromised.)

      • Re:Sigh (Score:5, Funny)

        by Chabil Ha' (875116) on Thursday April 16 2009, @07:11PM (#27605555)

        If your intention is to create a large botnet, you are of course going to target the most popular operating system.

        Not exactly. You're going to target the lowest hanging fruit. Which (no pun intended) is steadily becoming an Apple.

      • ...uneducated Mac fanboyism... (Score:5, Insightful)

        by Savage-Rabbit (308260) on Thursday April 16 2009, @07:50PM (#27605959)

        I suspect that this botnet has been created by a geek that is sick to death of uneducated Mac fanboyism, and in a small way, I have respect for that.

        No, it wasn't. This botnet was created by a computer criminal who saw an opportunity to capitalize on people who install pirated software either because they are to clueless to know the risks or because they have deluded them selves into thinking it is riskless act. The lesson we can all learn from this is the following:

        "If you download pirated software off the internet and install it on your computer you run the risk of installing along with it carefully crafted malware that your security software or whatever other precautions you are taking may not be able to protect you against."

        Note that this basic lesson is true on all incarnations of Mac OS X, Windows, Linux or any other network enabled operating system you can download pirated software for.

        Now please crawl back under your rock and learn to write better trolls...

        • Re:Sigh (Score:5, Funny)

          by Anonymous Coward on Thursday April 16 2009, @07:05PM (#27605485)
          People who speak in generalities and think only in generalities. Problem is, that's not how the world works.

          It does work that way, in general.

        • Re:Sigh (Score:5, Insightful)

          by Ifni (545998) on Thursday April 16 2009, @07:58PM (#27606041) Homepage

          I'm just guessing, but I think when he said "Technologically Uneducated Users" he was talking about Mac users, not developers. You might have missed the last 25 years where Macs claim to be more user friendly and cater to a less technologically inclined user-base, lending significant support to his suggestion. In short, not all Mac users fit that profile, but the ones that do are contributing to the negative image that OSX and Macs in general enjoy among a significant portion of the populace. Think "AOL", except replace the service itself with something worthwhile, and decrease the percentage of "Technologically Uninclined/Uneducated" users in the user-base from >99% down to about 80% or less.

          More importantly, however, I think that he was implying that the users that claim that Macs are completely impervious to malware and that therefore Mac users need not take any precautions against infection are making the Mac community, and by extension the Mac OS, a laughing stock of the computer technology community. In short, the OS is technologically impressive in many ways, but a vocal portion of the users frequently make claims about it that are factually impossible and socially irresponsible. Not that this is exclusive to Mac, just better advertised and frequently sanctioned by the manufacturer.

          • re: Macs and claims of "no viruses" (Score:5, Interesting)

            by King_TJ (85913) on Thursday April 16 2009, @08:55PM (#27606525) Homepage Journal

            As a long-time Mac (and PC) user myself, I've been known to give someone a "simplified version" of the truth, telling them "you won't have any virus or spyware problems on a Mac".

            It's not that I'm some clueless user who doesn't know better. It's that I have a pretty good idea of what the individual does with and expects from their computer. Judging by that, and knowing they're not a very "technical" user to begin with, I know that practically speaking, they really aren't going to need to worry about infections on their Mac.

            (So far, just about all of the trojan horses and viruses people mentioned for OS X involved downloading files of unknown origins, or running something you received in an unsolicited email. When you have a user who is already scared to open any email at all from people he/she doesn't know, they're hopefully in good shape there. They're certainly not savvy enough to fire up bittorrent and start seeking out pirated software, either.)

        • Re:Sigh (Score:5, Interesting)

          by Drakino (10965) <<ten.ofniinim> <ta> <onikard>> on Thursday April 16 2009, @07:38PM (#27605839) Homepage Journal

          Why only desktops? Unix servers have sat on the internet open to the world since well before Windows even had a TCP/IP stack built in. And there are still plenty of them out there sitting on very fat pipes just ripe for bot nets. So why is it that Windows has had far more security hardships then any Unix based OS?

          It's not just market share that plays a factor. There have been plenty of exploits for IIS, MSSQL and Windows Server even though those products don't command a 50% market share.

          • Re:Sigh (Score:5, Interesting)

            by coryking (104614) * on Thursday April 16 2009, @07:49PM (#27605953) Homepage Journal

            Culture. Windows grew up on the desktop and moved into the server. Unix grew up on the server and is trying to make inroads on the desktop. "Normal users" will force unix systems to compromise some of their security to make life easier. Windows has had to compromise by removing the "everybody is an admin--free love for all" that existed all the way up to XP. By default, Vista users aren't running as root and the only way to become root is either a UAC dialog or a privilege escalation exploit.

            That doesn't account for the server-end though. And why earlier versions of said products had so many holes I will attribute to culture.

            Of course, Linux grew out of a culture that detested any kind of authority. Thus you find gems like this in early Linux documentation [freebsd.org]:

            Why GNU su does not support the wheel group (by Richard Stallman)
            Sometimes a few of the users try to hold total power over all the rest. For example, in 1984, a few users at the MIT AI lab decided to seize power by changing the operator password on the Twenex system and keep- ing it secret from everyone else. (I was able to thwart this coup and give power back to the users by patching the kernel, but I wouldn't know how to do that in Unix.)

            However, occasionally the rulers do tell someone. Under the usual su mechanism, once someone learns the root password who sympathizes with the ordinary users, he can tell the rest. The "wheel group" feature would make this impossible, and thus cement the power of the rulers.

            I'm on the side of the masses, not that of the rulers. If you are used to supporting the bosses and sysadmins in whatever they do, you might find this idea strange at first.

    • Re:unlikely (Score:5, Funny)

      by chill (34294) on Thursday April 16 2009, @07:22PM (#27605689) Homepage Journal

      What do you expect? It had to find a black turtleneck, offer some snide, unasked for criticism of your iTunes playlist, and order a double-whip, half-caf, non-fat latte before deciding which port was cool enough to grace with its packets. It may not be very effective, but it looks FABULOOOOOOOOOOOOUS!

    • Re:Linux. (Score:5, Insightful)

      by LWATCDR (28044) on Thursday April 16 2009, @07:36PM (#27605809) Homepage Journal

      Except this isn't a Virus. It is a Trojan.
      Any OS can be infected with a Trojan even Linux.
      I find it anoying that under Linux most software really expects to be installed as root.
      Maybe there needs to be a new level called app for applications but then you have to problem of libraries.

All trademarks and copyrights on this page are owned by their respective owners. Comments are owned by the Poster. The Rest © 1997-2009 Geeknet, Inc.