![]() It’s probably best to think about exactly what is being attacked to build Windows botnets vs. I thought Technologizer was a bit better than that… Wow, we’re enjoying this a little too much aren’t we, Mr Oswald? But this proves Macs can be used in malicious purposes just the same as Windows PCs. If it could be installed silently without any interaction, say while browsing the web, that would be another matter.ĭid I say it exposes a vulnerability? People will pirate software, period. You won’t get it if you don’t install pirated software. ![]() iServices doesn’t exploit any vulnerability. “I think the above is enough proof that the threat is real, no?” Especially when the user is tricked to install it. No OS is immune (as in: not susceptible) to malware. ![]() “So much for the ‘Macs are immune’ meme.” The installer for the Trojan horse is launched as soon as a user begins the installation of iWork, following the installer’s request of an administrator password.” At the time, the firm updated the blog post to say that: “Intego is getting reports of the iServices.A Trojan horse actively downloading new code and acting as a botnet, participating in distributed denial of service attacks on certain websites.” This is not really a shocker, has been discovered by Intego last January: “When installing iWork 09, the iWorkServices package is installed. On the other hand…how does stupidity proof anything one way or another? Stupidity is universal, be it users of any OS…hell, I know OS390 admins who are idiots. I would ask for forensic proof to back these estimates of estimates. There’s still no such thing as a Mac virus. Thanks, but I’ll pass on the anti-virus software. Just to be clear – the folks who got infected downloaded pirated software & then used their Administrative level password to install the malware.Īs always, only enter your administrator password to install software when you trust the source. Update: Commenter Dave Barnes brought up another good program for detecting unwanted outgoing data: Little Snitch. I think the above is enough proof that the threat is real, no? So suck it up people and download a Mac virus scanner. Of course the Apple faithful will be quick to yell this down, but I don’t think dismissing this is a good idea. While this doesn’t point to an actual vulnerability just yet, it indicates that Macs like every other computer can be used for malicious purposes. Estimates of affected Macs number in the thousands, Symantec estimates. OSX.Iservice and are the names of the files, which essentially obtain the password of the Mac machine allowing the hackers to take control. Moral of the story here? Stop using pirated apps. These applications are apparently making the rounds on BitTorrent. The root cause appears to be a cracked copies of iWork ’09 and Adobe Photoshop CS4 that also includes an additional payload with the Botnet code. Those ones are safe to "allow" but if Little Snitch asks for approval for something unknown, deny the request then Google the name to see if it's kosher.Ryan Naraine at ZDNet has a shocker: Symantec has said it has evidence of the first known Botnet comprised of Mac computers that are attempting to launch denial-of-service attacks. Most of them probably have your approval, like all the apps that you allowed to "check for updates at startup?" and things like Software Update, dotmacsyncclient and Bonjour's mDNSresponder. Once installed you'll be amazed at all the things on your Mac that connect to the Internet in the background. ![]() Little Snitch runs inconspicuously in the background and it can also detect network related activity of viruses, trojans and other malware. This reliably prevents private data from being sent out without your knowledge. You can then choose to allow or deny this connection, or define a rule how to handle similar, future connection attempts. Little Snitch informs you whenever a program attempts to establish an outgoing Internet connection. I hadn't used it since version 1 and the recent rash of Mac trojans gave me a prefect excuse to try v.2. Whether you play fast and loose with your software licenses is on your conscience (I certainly don't recommend it) but one way to keep tabs on software that likes to call home is with Objective Development's Little Snitch 2.0 ($29.95).
0 Comments
Leave a Reply. |