
Zombie Macs Launch DoS Attack

Cludge writes "ZDNet has a story (and several related articles) about how Symantec has discovered evidence of an all-Mac based botnet that is actively involved in a DOS attack. Apparently, security on the exploited Macs (call them iBots?) was compromised when unwary users bit-torrented pirated copies of iWork 09 and Photoshop CS4 that contained malware. From the article: 'They describe this as the "first real attempt to create a Mac botnet" and note that the zombie Macs are already being used for nefarious purposes.'"
This discussion has been archived. No new comments can be posted.

  • Sigh (Score:4, Informative)

    by Presto Vivace ( 882157 ) <ammarshall@vivaldi.net> on Thursday April 16, 2009 @07:51PM (#27605349) Homepage Journal
    the end of innocence for Apple users.
  • Re:A matter of time (Score:5, Informative)

    by despisethesun ( 880261 ) on Thursday April 16, 2009 @08:01PM (#27605459)
    Virus infected warez have been a fixture of the PC world for well over a decade now, if not longer, and it hasn't really made a dent in piracy.
  • by Anonymous Coward on Thursday April 16, 2009 @08:02PM (#27605465)

    Man, I run Vista and I don't have any of that (built-ins are disabled). I only have virus scanning done on a weekly basis, and somehow despite not having forty pieces of software dedicated to second-guessing me I still don't have any viruses or malware.

    Simplest thing anyone can do is train the thing between the chair and the keyboard.

  • Re:Sigh (Score:2, Informative)

    by Anonymous Coward on Thursday April 16, 2009 @08:08PM (#27605505)

    the end of innocence for Apple users.

    Young whippersnappers don't know their history. Back in the day (1980s/early 1990s), macs were FAR more vulnerable to viruses than PCs.

    Why? The primary mode of transmission was infected floppy disks. On a PC, you could open the floppy drive and take out the floppy whenever YOU want - just push the (physical) eject button. On macs, the eject function was under software control, and you would get your floppy whenever your mac was willing to give it to you. Mac viruses would delay the eject until they had fully infected the floppy.

  • Re:Are you sure... (Score:5, Informative)

    by imamac ( 1083405 ) on Thursday April 16, 2009 @08:14PM (#27605583)
    The really funny part is that you could download the full version from Apple for free as the "demo" just needs a serial number.
  • by shentino ( 1139071 ) <shentino@gmail.com> on Thursday April 16, 2009 @08:17PM (#27605611)

    Unless you consider TPM to be an operating system implemented in hardware...

    But...

    "anyone who trades X for security deserves neither, and shall lose both".

    Education is the only way to resolve this, really. But find me a user who is patient enough not to veto such an education with his wallet.

    The company that caters to the user's whims the best wins, and to hell with wisdom with a slow but steady ROI.

  • by neoform ( 551705 ) <djneoform@gmail.com> on Thursday April 16, 2009 @08:32PM (#27605785) Homepage

    I'd tend to agree that Macs are protected against viruses, provided they don't download pirated software that contains viruses.

    Also, like all linux distros, in order to do any real damage on a mac, you need to enter an admin password.. simply opening a virus infected app won't do it.

  • by MobileTatsu-NJG ( 946591 ) on Thursday April 16, 2009 @08:42PM (#27605887)

    May I be the first to laugh...

    Not if you're a Linux user.

    ... and laugh and laugh... Oh, we're Mac users - we don't need stuff like virus and malware checkers! Now, let the explanations begin about how this is a wonderful intuitive "feature" and not a flaw.

    Mac users aren't the only ones living in glass houses, here. There's something to be learned for everybody here. If Mac user humility here is your highest concern with this article then you are turning into what you despise.

  • by donny77 ( 891484 ) on Thursday April 16, 2009 @09:00PM (#27606049)
    Not really fair. ActiveX got its bad reputation from 8 years ago when the user DIDN'T hit install. Or did you forget your Windows experience pre XP SP2. ActiveX was most definitely a vulnerability.
  • Re:Sigh (Score:2, Informative)

    by gringofrijolero ( 1489395 ) on Thursday April 16, 2009 @09:07PM (#27606129) Journal

    Ever heard of Disinfectant?

  • It should be noted (Score:5, Informative)

    by Orion Blastar ( 457579 ) <`orionblastar' `at' `gmail.com'> on Thursday April 16, 2009 @09:10PM (#27606151) Homepage Journal

    that a lot of "pirated" Bit Torrent software contains malware. Not just the Windows versions, but the Mac and Linux and BSD Unix versions as well.

    When you download pirated software you take a risk that it contains a trojan.

    I've even seen PDF files that had HTML exploits in it that got detected by antivirus. Read the comments on most Bit Torrent web sites the users will complain that it contains a virus. You don't have to download it to test it, the people who already downloaded it will give feedback that it contains a trojan or malware.

    When you download pirated software you are taking a big chance, it isn't worth it when a majority of things are infected. That is why I look towards Free and Open Source Software as alternatives to commercial products.

  • Common Criteria (Score:1, Informative)

    by Anonymous Coward on Thursday April 16, 2009 @09:22PM (#27606255)

    There isn't an operating system on the planet that can protect you (or itself) from fraudulent user activity.

    The NSA and DoD would disagree. The whole Common Criteria system is designed to mitigate fraudulent user activity.

    Of course it's silly to think that just because something got an EAL 37++ rating means it's "secure", but the whole point in going for a rating is thinking about how things can be broken.

  • Re:Instant Karma... (Score:5, Informative)

    by roman_mir ( 125474 ) on Thursday April 16, 2009 @09:30PM (#27606313) Homepage Journal

    I believe you are wrong in this case though, it's not a Mac that caught a virus, it may or may not be a virus, but it was installed onto the computer by the participating user on purpose. Except the user got a bit more functionality than he 'paid' for.

  • Re:Instant Karma... (Score:5, Informative)

    by AHuxley ( 892839 ) on Thursday April 16, 2009 @09:36PM (#27606381) Journal
    More a Trojan like device they opened (entered pw) for.
    vs something that floats around the internet for any 'innocent' networked Mac to catch.
  • Re:Instant Karma... (Score:5, Informative)

    by Trogre ( 513942 ) on Thursday April 16, 2009 @09:43PM (#27606431) Homepage

    Fine so it's a Trojan.

  • Re:Sigh (Score:2, Informative)

    by 99BottlesOfBeerInMyF ( 813746 ) on Thursday April 16, 2009 @10:11PM (#27606667)

    I'm just guessing, but I think when he said "Technologically Uneducated Users" he was talking about Mac users, not developers. You might have missed the last 25 years where Macs claim to be more user friendly and cater to a less technologically inclined user-base...

    When has Apple ever claimed Macs cater to a less technologically inclined user base? They certainly claim to be more user friendly, but all the ads I've seen on the subject (which are rare) claim to be more useful for the technologically savvy than Windows systems are.

    In short, not all Mac users fit that profile, but the ones that do are contributing to the negative image that OSX and Macs in general enjoy among a significant portion of the populace. Think "AOL"...

    There's a flaw in your analogy. AOL catered to the technologically incompetent, but was pretty much shunned by the competent because it offered them nothing but higher prices. Macs cater to both groups. To make your analogy apt you'd have to have a goodly chunk of security experts on the opposite end of the technological scale, using AOL... because that's the situation with Macs and anyone who's been to Defcon or Blackhat in the last five years can attest.

    More importantly, however, I think that he was implying that the users that claim that Macs are completely impervious to malware and that therefore Mac users need not take any precautions against infection are making the Mac community, and by extension the Mac OS, a laughing stock of the computer technology community.

    To date, Mac users have been at greater risk from installing antivirus software which has malfunctioned than from malware in the wild. The message presented by many is an oversimplification. Obviously Macs are not immune to security problems, but at the same time, diluting said message does a lot to prevent non-technological users from making a better decision. Technology savvy users should know better anyway and understand the more nuanced message.

    In short, the OS is technologically impressive in many ways, but a vocal portion of the users frequently make claims about it that are factually impossible and socially irresponsible.

    Actually, I don't think their claims are any more irresponsible than the claims of the fans of any OS. It's just fodder for people who get all emotional about defending their favorite OS, whether that is to claim OS X was written by the Buddha or FavoriteOS is better because OS X was written by Satan. In truth, even overstated claims about the security of using OS X, is probably of more benefit than harm to the average user.

  • Re:Instant Karma... (Score:5, Informative)

    by pyrrhonist ( 701154 ) on Thursday April 16, 2009 @10:52PM (#27606969)

    Any time you want to install software
    DO:
    log out of your restricted account
    log into the admin account
    install the software
    then go back to your restricted account.

    There's no need to log out. You can use the "runas" command to run the installer with the proper credentials from your restricted account.

  • Re:Instant Karma... (Score:5, Informative)

    by TrancePhreak ( 576593 ) on Thursday April 16, 2009 @11:05PM (#27607047)
    Same with the Mac, did you not pay attention to that hacking contest?
  • by Anonymous Coward on Thursday April 16, 2009 @11:31PM (#27607263)

    Please, that is not the proper way to run a Windows box. Since XP, it has been possible to use "Run as" to get over this constant login in and login out hurdle. It's not harder to use than typing "sudo." Power Users are also able to do quite a lot while not being able to completely f*ck the OS. Of course, setting proper rights on folders is something you should do and have learned from other OS's.

  • Re:Sigh (Score:2, Informative)

    by userlame ( 885195 ) on Thursday April 16, 2009 @11:41PM (#27607323)

    Yup. In fact, I was sure I had seen this before, right here on slashdot. I was right [slashdot.org].

  • Re:Instant Karma... (Score:4, Informative)

    by cbiltcliffe ( 186293 ) on Friday April 17, 2009 @12:25AM (#27607533) Homepage Journal

    The solution? Log in as admin and fix it.

    Nope.

    runas /user:administrator cmd

    cacls <filename> /E /G Everyone:W

  • Re:Instant Karma... (Score:3, Informative)

    by nicolas.kassis ( 875270 ) on Friday April 17, 2009 @12:31AM (#27607569)
    You can get infected by about anything available on torrents these days. PDF, Pictures, Video, ...
  • Re:Instant Karma... (Score:5, Informative)

    by LurkerXXX ( 667952 ) on Friday April 17, 2009 @12:45AM (#27607649)

    On pre-Vista Windows boxes, most people ran their default account with godlike administrator privileges. It's either that or:

    Run a restricted account
    Any time you want to install software
    DO:
            log out of your restricted account
            log into the admin account
            install the software
            then go back to your restricted account.
    REPEAT

    You forgot the other option.

    Any time you want to install software
    DO:
            right-click
            select RUN AS administrator
            install the software

    Not really much harder than typing 'sudo' before installing things.

  • Re:Instant Karma... (Score:2, Informative)

    by Corporate Troll ( 537873 ) on Friday April 17, 2009 @04:49AM (#27608787) Homepage Journal

    You haven't tried hard enough. I've been running XP Pro for years using a Limited User account and rarely logging into Admin.

    The trick is to do thorough testing after installing applications. If something goes wrong, give RW access on the folder of the application. Fixes 98% of all applications. If that isn't enough, give it RW to its registry subtree. That fixes 1% of the other applications. You could really be unlucky and fall into one of the remaining 1% of applications, but up until now I only found one and it was a computer game. It does, however, work with RunAs.

  • Re:Instant Karma... (Score:5, Informative)

    by jargon82 ( 996613 ) on Friday April 17, 2009 @06:08AM (#27609017)
    Try this: http://blogs.msdn.com/aaron_margosis/archive/2004/07/24/193721.aspx [msdn.com] This rather excellent script promotes the currently running user to admin but in a VERY interesting way. The user is given a command prompt that has admin rights. It's colored red to show the difference. Anything run from this command prompt has admin rights, but anything run anywhere else as the user does not. Any installs done from the command prompt will be run as the original user but with administrative privileges, thus preventing in 99% of cases the sort of problems you speak of.
  • by roman_mir ( 125474 ) on Friday April 17, 2009 @06:49AM (#27609163) Homepage Journal

    the moderators are so out for lunch on the parent post... The software that was installed by the users on Macs here didn't even have a 'virus'. Virus is something that will propagate itself from file to file, will inject itself into memory, into executable files, what we have here is a one off modification to the downloaded software, which did 2 things: broke the user protection to prevent get full features out of demo versions of the software AND it was changed to become part of the DoS attack. So in this case the only way to make sure that the software is not affected is not an 'antivirus' program, because if an antivirus simply compared the original hash or even the entire byte signature of the installed software to the official release, it would have marked the file as corrupt (possibly infected). But this is the point - the file is corrupt and the user knows it. The file is corrupt to break usage protection of the demo.

    Antivirus would be of no use to these particular Mac users, they already know they have something illegitimate on their machines, they just didn't know it had a few more 'features'.
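
The hash comparison described in the comment above, as an added example that is not part of the original post: it checks an installed tree against a manifest of official-release SHA-256 digests and reports modified, added and missing files. The file names and sample trees are constructed, and the manifest stands in for one obtained from the vendor; the check shows that a copy differs from the release, not why.

```python
import hashlib
import tempfile
from pathlib import Path


def sha256_file(path: Path) -> str:
    """Hash a file in chunks so large installers do not have to fit in memory."""
    h = hashlib.sha256()
    with path.open("rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def build_manifest(root: Path) -> dict:
    """Map each file's path (relative to root) to its SHA-256 digest."""
    return {p.relative_to(root).as_posix(): sha256_file(p)
            for p in sorted(root.rglob("*")) if p.is_file()}


def compare_to_release(installed: Path, official: dict) -> dict:
    """Classify installed files against the official release manifest."""
    actual = build_manifest(installed)
    return {
        "modified": sorted(f for f in actual
                           if f in official and actual[f] != official[f]),
        "added": sorted(f for f in actual if f not in official),
        "missing": sorted(f for f in official if f not in actual),
    }


def demo() -> dict:
    """Constructed sample: a clean tree, then a copy with one patched and one extra file."""
    with tempfile.TemporaryDirectory() as tmp:
        clean = Path(tmp, "official")
        copy = Path(tmp, "downloaded")
        for root in (clean, copy):
            (root / "Contents").mkdir(parents=True)
            (root / "Contents" / "app.bin").write_bytes(b"program code")
            (root / "Contents" / "license_check.bin").write_bytes(b"serial required")
        # Assumption: stands in for a manifest published by the vendor.
        official = build_manifest(clean)
        # Alter the copy the way the comment describes: a changed protection
        # check plus an unexpected extra component (both constructed).
        (copy / "Contents" / "license_check.bin").write_bytes(b"serial bypassed")
        (copy / "Contents" / "extra_service.bin").write_bytes(b"unexpected payload")
        return compare_to_release(copy, official)


if __name__ == "__main__":
    for kind, files in demo().items():
        print(kind, files)
```

Both the expected modification and the unexpected addition are reported the same way, which is the comment's point: a mismatch against the official release is all a hash comparison can say.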

  • Re:Instant Karma... (Score:4, Informative)

    by Xabraxas ( 654195 ) on Friday April 17, 2009 @09:38AM (#27611401)

    ... and no-one said Macs were trojan-proof, nor even virus-proof - just that there's a lot less attack vectors than Windows, and a lot less attackers.

    Not according to the guy who won the Pwn2own contest.

    Why Safari? Why didn't you go after IE or Safari?

    It's really simple. Safari on the Mac is easier to exploit. The things that Windows do to make it harder (for an exploit to work), Macs don't do. Hacking into Macs is so much easier. You don't have to jump through hoops and deal with all the anti-exploit mitigations you'd find in Windows.

    It's more about the operating system than the (target) program. Firefox on Mac is pretty easy too. The underlying OS doesn't have anti-exploit stuff built into it.

  • Re:Instant Karma... (Score:5, Informative)

    by Mendoksou ( 1480261 ) on Friday April 17, 2009 @10:32AM (#27612549)

    I loved that article. My entire family is made up of mac minions, and keep telling me this kind of thing, despite the fact that I have never had a virus, never had to reformat except when I rebuilt the whole computer, get way more performance and paid one third as much as they did.

    Here's the article, btw.

    http://blogs.zdnet.com/security/?p=2941 [zdnet.com]

  • Re:Instant Karma... (Score:2, Informative)

    by intheshelter ( 906917 ) on Friday April 17, 2009 @12:58PM (#27615853)

    When I say Macs are better I am talking about the overall experience, and I would say that is what most users (technical and non-technical) mean when they say that. I am a technical user, but I had to waste time when I used Windows machines on administering the machine (anti-virus subscriptions or install, anti-spyware, clogged registry over time, etc.). I don't spend time on that any more. I just use the machine to do work, play, create movies, etc. and it's so well thought out, integrated, and easy to use that you just have to focus on the vision of your work, not on figuring out how to make it happen. That's a bit of an oversimplification, but that's the gist of it.

    I guess my experience has been that most Mac detractors that focus simply on price or technical specs, etc. are not "getting it". I used to be that way when I used Windows for 15 years. Then, on good advice from some knowledgeable relatives, I got a Mac in '04 for a video production company I was starting, and within 2 weeks I was hooked. If someone has never used a Mac as their main machine for any time then I don't expect them to "get it" because I'm not sure I can even describe in measurable detail what is better. All I know is I enjoy my Mac more than any Windows machine I've ever bought, built, etc. and it has turned me into a blathering pro-Mac advocate (as you can obviously see). I can't remember the last time I bought any product I was so pleased with, and THAT is why Mac users are so vocal, happy about their purchase, and claim they are better.

