Mac trojan in the wild

34 Responses to “Mac trojan in the wild”

  1. Giovanni says:

    I agree with Joelanders, what’s worse, that they infected your machine or that they don’t cough up the goods after screwing you. (no pun intended)

  2. braschlosan says:

    I think most of you could sense the sarcasm in my first post.

    I want to remind everyone of the Leopard blue screen issues that were recently in the news. For a long time the general consensus has been that the Apple OS isn’t plagued by the same issues as MS Windows because of low popularity. Now that OS X is becoming more popular we are starting to see the same issues that the Windows folks deal with.

    How many of you have tried running OS X on a non Apple machine? I have it running on quite a few including a 4 year old Dell laptop. It’s far harder to get working than any Windows/Linux system I have ever used. My point is that driver support from Apple is crap to say the least. Having a proprietary or closed system is what Apple relies on for everything to “just work”

    I’ve sold my Titanium G4 and Mac Mini (overclocked from 1.25GHz to 1.5) and instead built a “clone” desktop with supported hardware to run OS X 10.4.9 and Leopard because it’s cheaper yet just as fast as a real Mac Pro. Besides that I can run down to the local computer store for replacement parts :)

  3. Anonymous says:

    Phony codecs are certainly nothing new. I would be amazed if Mac users routinely clicked on links in spam messages, and downloaded any random piece of software. Hello? Free porn sites are not the place to pick up the latest media plugin. People who put porn up are not altruistic, they are there to make money any which way. At least 10% of those sites will try to install some sort of malicious program. Porn is a mask for activities that probably include all sorts of criminal and espionage utilities.

  4. Teresa Nielsen Hayden / Moderator says:

    Are we doing Mac vs. PC vs. Linux? Might as well let everyone who wants to have that fight blow off some steam.

    John D., how do I register to comment on your site? I can’t find a link to registration, and your log-in page’s only failure mode is an offer to help me replace a forgotten password.

  5. Powers says:

    @Elvis Gump

    Seconded, I haven’t been able to watch Quicktime videos on the internet for months now. Why is it taking so long for a fix?

  6. braschlosan says:

    Impossible! Preposterous! Blasphemy! Everyone knows you run OS X on your machine because there is no Malware affecting it.

  7. luvtosurf says:

    Am I glad I saw this! I have a mac osx v.10.3.9. And I just happened to go to an ‘adult’ site recommended by someone at technorati. Now… I was curious and clicked to view a ‘free’ video clip and a message popped up about needing to download new player. I immediately left and cleared my cookies. If it does not use my updated version of quicktime I don’t view whatever the video happens to be. Since I’m a woman I was curious, that’s all. We all know, women don’t look at porn…

  8. joe says:

    @ Cowicide
    Woah there fella’, sit for a spell and relax. I’d hate to see the Boing become a place for you “fanboy” flamewars.

    @ braschlosan
    They got a point. Apple drivers on non-Apple hardware do scream problems.

    I think we all need to take Sanity’s advice from above: “Be smart. There’s no excuse for not knowing the fundamentals and safe practices of the thing you’re using. Cars, computers, ICBMs or your penis; if you don’t know ask.”

  9. publius says:

    Lesson learned: “don’t randomly give your administrator password and click ‘accept’ on any application downloaded to your computer from a website you visit.”

    With the administrator block, it’s basically a phishing technique, though I suppose in the millions of people out there, there is probably someone gullible enough to actually fall for it.

  10. woid says:

    Wait a minute… are you saying it’s okay for your computer to have sex without a trojan?

  11. Anonymous says:

    @ braschlosan, hehe!

  12. el_beardo says:

    My Mac is more of a Ramses kind of guy…

  13. Anonymous says:

    cowicide has too much time on their hands

  14. RunawayJim says:

    @Micheal Kelly:
    Just because you are forced to enter the admin password to execute the code in OSX doesn’t mean that Mac users are smart enough to think that it might do something bad. Even IE gives a warning when it’s about to install an ActiveX control, but people don’t think about it and just do it. You seem to be trying to say that people who use Apple computers are of a higher intelligence than those who use Windows.

    @Braschlosan:
    Good point on the closed system. That is really the only reason OSX works as well as it does, and it should be said that it’s no more stable than Linux, which runs on far more hardware configurations than OSX (at least using it out of the box).

  15. Micheal Kelly says:

    braschlosan:

    Notice all the steps you have to take in order to install this (including entering your admin password – something you should never do with software from an unfamiliar source)

    Any computer – Windows, Mac, Linux, Commodore 64s, and even an Apple Newton, can run malware. Malware is just “software that does something bad”. For instance, type this on any old Commodore 64 laying around (please make sure to have your only copy of Ghostbusters in the drive)

    It’s a great little program. It’ll unlock hidden levels in the game.

    10 OPEN1,8,15,"N0:GOTCHA,4":CLOSE 1
    RUN

    Now, that’s malware. It says it does one thing (unlocking levels in a game) when in fact it will format the disk in the drive.

    But, are you going to run it? Well, you probably don’t have a C64 laying around. Even if you did, the C64 wouldn’t just execute the code by itself. You’d have to type it in – manually take steps to run it.

    Likewise, OS X is (so far) not vulnerable to those cute little auto-executing programs that plague Windows (mostly via Internet Explorer and Active X) … sure, malware exists. Like I said it’s easy enough to write on any platform. But the difference with the Mac (right now) is that you have to participate in the installation.

  16. Beageal says:

    I thought trojans prevented you from getting viruses.

  17. Anonymous says:

    http://ultracodec.com/ is the root domain for the first trojan I found from the site shown in the screen shot.

    Yes, I just spent the last fifteen minutes hammering on porn site links, trying to find a trojan. Seriously, even if the wife did walk in on me looking at pr0n, I’d have an alibi :)

  18. ricket says:

    Actually, I don’t think it gives you “full root access”. More like full admin access (unless you’re logged in as root, which is generally a big no-no).

  19. Anonymous says:

    Agreed to Ricket. It won’t give you root access unless you are logged in as root and probably 90% of users don’t know how to do that while if you are educated enough to know how you wouldn’t be logged in as root in the first place while browsing for porn.

  20. Giovanni says:

    braschlosan- so you installed OS X on hardware that’s not meant to be supported by the OS and you’re complaining that it was hard to get working?

    Well, it takes some work to get Linux running on a toaster too but that doesn’t mean that Linux is the problem.

    The drivers are meant for Apple hardware, that’s one of the reasons OS X is more stable. It’s like getting mad because the airplane you just bought doesn’t handle very well on the highway.

  21. sanity says:

    > With the administrator block, it’s basically a phishing technique, though I suppose in the millions of people out there, there is probably someone gullible enough to actually fall for it.

    Excellent comment. This ‘news report’ is from a company that makes money on viruses and the like. Sure, it’s great that they’re making the public aware of a potential problem. But it’s like GlaxoSmithKline saying “You can get herpes by fucking without a condom! Also, we sell Valtrex if you make a mistake and act stupid.”

    Be smart. There’s no excuse for not knowing the fundamentals and safe practices of the thing you’re using. Cars, computers, ICBMs or your penis; if you don’t know ask.

  22. Church says:

    @ Braschlosan:
    I hear you. But you should know that I tried to install Windows on my toaster and the damn thing wouldn’t work. MS is teh suxors!

  23. Cowicide says:

    > Are we doing Mac vs. PC vs. Linux?

    When we see this headline for a post on Boing Boing: “Windows trojan in the wild”

    Then the PC starts winning.

  24. Santos says:

    Expect a patch within the week, poor porn addicts don’t deserve attacks.

  25. Anonymous says:

    WE HAVE ARRIVED! :D

  26. Cowicide says:

    ” … I want to remind everyone of the Leopard blue screen issues that were recently in the news. … ”

    LOL, sorry… (cough) Now, now please tell me… what percentage of Mac OS X users is this affecting? And let’s compare that to the percentage of Windows users who have been affected by the blue screen of death (which even happened to Bill Gates while doing a public demo) Hahaha….

    ” … For a long time the general consensus has been that the Apple OS isn’t plagued by the same issues as MS Windows because of low popularity. … ”

    Well, for a long time the general consensus gave Bush high approval ratings while I ran an “impeach bush” website and was even chastised by some liberals at the time. That doesn’t mean the sheeple were right and I was wrong. Reality came ’round and now the jackass is hovering near Nixonian levels. Welcome to reality, America… Bush is the worst president in the history of the U.S…. gawd… thanks for finally coming around when it’s too late.

    The reality is that OS X isn’t plagued by the same issues as MS Windows because it is built upon open source UNIX. The blue screen issues were rampant in MS Windows… what percentage of OS X users have EVER seen a blue screen of death? Oh, ok… maybe the Mac fanboys who are jumping on Leopard right away which was only released DAYS ago. Do you seriously think I’ll ever see a blue screen when I install and use Leopard 10.5.1?

    Get real, if you investigate the facts, you’ll begin to understand why OS X is truly superior to Windows.

    BTW, I wonder if you are also one of those “Mac security through obscurity” pushers. If so, I have to let you know that if you pick beyond the “general consensus” drivel, you’ll find this has been soundly disproved.

    Hint: Mac OS 9 had over 40 viruses in the wild when Apple had less marketshare. Now, with OS X and Apple’s HIGHER marketshare there are NO viruses in the wild, just a few “proof of concepts” that never seem to be able to propagate for shit.

    And the ONE that did manage to feebly and inconsistently spread through iChat failed miserably. WHY? Once again, Macs are based on open source UNIX… it’s a major pain in the ass to make viruses for something so battle hardened by the open source movement. Show me ONE virus that has PROPAGATED and affected a notable percentage of Mac OS X users. You can’t.

    Yawn… sorry “potential” exploitables and other bullshit are just that. Let’s get real, what percentage of Mac OS X users ARE ACTUALLY affected? There would be thousands (or, at the very least hundreds) of viruses in the wild for OS X right now if you were to take the percentage of Mac marketshare and apply that to the total amount of Windows viruses, spyware, malware, etc. that are in the wild. When are Apple bashers going to learn some simple math?

    We already know the embarrassing, laughably high percentage of Windows users who are actually affected [cough] er, infected… with blue screen of death, spyware, viruses and trojans that flow through their hobbling machines born of monopolistic, general consensus ineptitude.

    Hey, projection may make you feel better at first but it doesn’t change the reality swarming around you. Open source based apps are the future and Apple jumped on it while Microsoft wallowed.

  27. stevew says:

    Darwin awards are well deserved for anyone who types Admin password at porn site.

  28. Elvis Gump says:

    I think the only thing that could make this story better is if the porn was some sort of Greek horse bestiality clip.

    Now if Apple would fix the stupid ‘buffer overrun’ thing that nuked QuickTime on my XP laptop I’d be happy.

  29. chasie says:

    This doesn’t make sense. Mac users are generally asexual.

  30. John D. Berry says:

    Eileen asked me if I’d heard about the Mac Trojan. “It’s on Boing Boing,” she said. “You’re probably safe unless you visit a porn site.”

    A porn site? If you really wanted to catch Mac users, wouldn’t you set your trap on a design site?

  31. headcode says:

    “Impossible! Preposterous! Blasphemy! Everyone knows you run OS X on your machine because there is no Malware affecting it.”

    No one ever said that. Why, I have a copy of Word residing on my hard disk as I type.

  32. Sam says:

    If anyone is dumb enough to install a codec so they can “view porn” then they deserve their fate.

    Trojans are easy to create, easy to distribute, and equally easy to avoid.

    Wake me up when there is a worm or a virus of some sort.

  33. joelanders says:

    “No video codec is installed, and if the user returns to the web site, they will simply come to the same page and receive a new download.”

    Those lying sons of bitches…

  34. Cowicide says:

    Hmmm, this is a scary one… like the “pick up your chair and throw it at your computer because someone tells you to do so at a strip club” virus that’s out there. Shudder….
