Is your shiny Mac part of a Botnet?

  • Posted by a hidden member.
    Log in to view his profile

    Apr 05, 2012 9:58 PM GMT
    Yes, your "impervious" shiny Apple-branded Mac may be compromised... as with over half a million others:
    http://www.zdnet.com/blog/security/over-600000-macs-infected-with-flashback-trojan/11345
  • Posted by a hidden member.
    Log in to view his profile

    Apr 06, 2012 1:53 AM GMT
    Problem here is that Apple is slow at fixing security holes. I think it's funny how people complain that Windows requires frequent updates. They don't realize that this is a GOOD thing. icon_lol.gif
  • Posted by a hidden member.
    Log in to view his profile

    Apr 06, 2012 1:58 AM GMT
    xrichx saidProblem here is that Apple is slow at fixing security holes. I think it's funny how people complain that Windows requires frequent updates. They don't realize that this is a GOOD thing. icon_lol.gif


    ^^^This. But I suspect a huge percentage of Mac users might think that a Botnet is part of iCloud, LOL.
  • Posted by a hidden member.
    Log in to view his profile

    Apr 06, 2012 2:04 AM GMT
    This is a very telling anecdote I saw on another site..
    _____
    I used to work for a major cable ISP back in the day (about 8 years ago) and we had the ability to monitor your SMTP traffic. Not like reading your emails, but we would monitor the amount of mail traffic. If you were using a large part of your bandwidth for port 25, you were either a.) infected with a spambot virus b.) a piece of shit spammer scumbag. If you fell into case a or b we put a virtual firewall on your cable modem and blocked your mail traffic. We would call you first and then send you a physical letter when we blocked you.

    These were my favorite and most frustrating tickets, because no joke over half the cases were apple users for about a period of a few months. I'd release the FW straight up do a simple ping on their cable modem and see 50% dropped packets. They were spamming like crazy. I'd reenable the port25 virtual FW and the pings would return to normal. I'd ask they shut off their Macs and the pings returned to normal. It was obvious their computer was causing the traffic.

    I'd explain either they were infected or they were violation of ToS for spamming and they would go ape shit. "I have a Mac and I can't have a virus, you guys are terrible...". They seemed more concerned that I was a perceived douchebag (I was by far one of the nicest and knowledgeable techs you'd speak to) or that Cabletown was evil (which it was but I was in full support of stopping spammers intentional or otherwise), than the fact their Apples were infected and their personal information was at stake. I was even an Apple user at the time and tried to point them in helpful directions. A lot of these guys canceled their service or we eventually just banned them for ToS violations (they would callback and lie and say they were fixed and would get firewalled again) instead of contacting apple tech support. The network traffic monitor was pretty dead on, these guys were infected big time and refused to just reinstall OSX or install an AV, but in their eyes I was the idiot.

    TL;DR About 8 years ago I worked for a cable internet company and we had a wave of spambot Macs we shut down. A lot of Apple users hated our guts and refused to fix their Macs
  • hyperionx

    Posts: 232

    Apr 06, 2012 3:27 AM GMT
    As a Mac user, I have to say that yes, your Macintosh computer can be infected with a virus, just like a Windows PC. I'm not one of those people that relies on false pretenses and I take everything with a grain of salt.

    Just know that your computer is like your car, you should know how it works, be able to give it basic maintenance and make sure it is checked up by a professional on a frequent basis. Period.
  • Posted by a hidden member.
    Log in to view his profile

    Apr 06, 2012 4:32 AM GMT
    hyperionx saidJust know that your computer is like your car, you should know how it works, be able to give it basic maintenance and make sure it is checked up by a professional on a frequent basis. Period.
    And if it crashes, just close all the windows, restart it, and it'll be as good as new.
  • Posted by a hidden member.
    Log in to view his profile

    Apr 06, 2012 6:36 AM GMT
    yourname2000 said
    intensity69 saidYes, your "impervious" shiny Apple-branded Mac may be compromised... as with over half a million others:
    http://www.zdnet.com/blog/security/over-600000-macs-infected-with-flashback-trojan/11345?tag=mantle_skin;content

    But that's not possible...I've heard that Apple computers were individually made by Jesus himself, in a factory where God overlooks everything, and Santa ensures all the Chinese workers have Christmas everyday. It's just not possible for something bad to happen....not to a mac.


    Why would non-Christians have Christmas and Santa? Unless its Japan!

    christmas_santa_claus_marathon_kyoto_jap




    But they are Shinto, and in shintoism.. anything goes icon_cool.gif




    japanese-penis-festival1.jpg

    tumblr_le6ouf5s2N1qcnzne.jpg

    tumblr_le6otsBXsR1qcnzne.jpg

    parade_penis_festival_in_japan_02.jpg

    penis-1.jpg
  • Posted by a hidden member.
    Log in to view his profile

    Apr 06, 2012 8:39 AM GMT
    Sounds like this would be bad for Apple's PR since some people say that Mac never gets infected with viruses. I guess the hackers decided to focus on non-Windows OS for once.
  • Posted by a hidden member.
    Log in to view his profile

    Apr 06, 2012 9:11 AM GMT
    The more the Mac's gain in popularity, the more viruses will be created for Mac's. The reasons Mac's got fewer viruses in the past is simply because fewer people used them.
  • Posted by a hidden member.
    Log in to view his profile

    Apr 06, 2012 9:23 AM GMT
    I recall a group of Apple fanboys blasting me in a recent RJ thread when I claimed that Apple wasn't immune to viruses.

    I've been waiting for one of them to post to this thread. So far, nothing, though I anticipate the "At least Apple doesn't get attacked as regularly as Windows" reply will be their best defense.

    icon_lol.gif
  • Posted by a hidden member.
    Log in to view his profile

    Apr 06, 2012 9:37 AM GMT
    It is not true and never was that Macs could not be infected with viruses. Up until Macs switched to the UNIX operating system circa 2000, there were about 30 viruses and trojans affect the MacOSes up through OS 9.2, mostly affecting the early iterations of the OS. This was 30 viruses in a sixteen year period, so Macs were definitely vulnerable. (Of course, during this same period there were something like 100 new viruses per day affecting Microsoft's DOS/Windoze operating system. Mac users were so jealous that they couldn't talk at cocktail parties about their computers being virused, and the clueless Mac users thought that the PC users were so daringly outré to be talking about condoms in public when saying their PCs had trojans in them.)

    UNIX has been around since circa 1965 and was and is a much refined and widely used operating system for mainframe and minicomputers, renowned for its stability and resistance to malware. It is much harder to program successful malware to attack UNIX. The early Mac OS (as nice as it was) did have stability issues in how it handled the memory for its own use, which ultimately led to Apple switching to UNIX in 1999 as MacOS X with the Mac graphic interface. [Windows is just the badly implemented copy of the original Mac interface (itself derived from the Xerox prototype), leading to the Mac users' enthusiasm for Windows 95, which was the first poor copy of the MacOS 1984.] Once more and more people realized how much easier and more pleasurable it is to work under the MacOS X, it obviously would become more worthwhile for the scumbag hackers to invest their malevolence in programming attacks on the MacOS. So, after 28 years, I may actually have to buy an anti-virus program and even use it !!! Every dog has its day, so finally the PCers can gloat convincingly about Macs finally getting A virus!
  • Posted by a hidden member.
    Log in to view his profile

    Apr 06, 2012 10:46 AM GMT
    xrichx saidProblem here is that Apple is slow at fixing security holes. I think it's funny how people complain that Windows requires frequent updates. They don't realize that this is a GOOD thing. icon_lol.gif


    update_for_your_computer.jpg
  • Posted by a hidden member.
    Log in to view his profile

    Apr 06, 2012 10:54 AM GMT
    No. No, it's not. icon_smile.gif
  • Posted by a hidden member.
    Log in to view his profile

    Apr 06, 2012 10:59 AM GMT
    Uhmmm... my Mac is actually a matte-finished aluminum. It's not "shiny" and thus it can't be part of your supposed "Botnet."

    Darn you sexy Canadians trying to incur the wrath of brilliant Americans! *shakes fist!
  • Posted by a hidden member.
    Log in to view his profile

    Apr 06, 2012 11:02 AM GMT
    I thought this was interesting:

    If you end up downloading the trojan and entering your password it checks for the following:

    /Library/Little Snitch
    /Developer/Applications/Xcode.app/Contents/MacOS/Xcode
    /Applications/VirusBarrier X6.app
    /Applications/iAntiVirus/iAntiVirus.app
    /Applications/avast!.app
    /Applications/ClamXav.app
    /Applications/HTTPScoop.app
    /Applications/Packet Peeper.app

    If any of these are found, the malware will skip the rest of its routine and proceed to delete itself

    even If you do not enter your password it attempts to install anyway, checking for the following applications:

    /Applications/Microsoft Word.app
    /Applications/Microsoft Office 2008
    /Applications/Microsoft Office 2011
    /Applications/Skype.app

    If any of these are found, the malware again skips the rest of its routine and proceeds to delete itself, presumably to avoid infecting a system that has an incompatible application installed. Taken from F-Secure: http://www.f-secure.com/v-descs/trojan-downloader_osx_flashback_i.shtml

    Very Strange logic here, at least the second case where the user doesn't enter their password...how do these apps prevent this malware from carrying out its mission, I do not know.
  • Posted by a hidden member.
    Log in to view his profile

    Apr 06, 2012 11:33 AM GMT
    yourname2000 said
    intensity69 saidYes, your "impervious" shiny Apple-branded Mac may be compromised... as with over half a million others:
    http://www.zdnet.com/blog/security/over-600000-macs-infected-with-flashback-trojan/11345?tag=mantle_skin;content

    But that's not possible...I've heard that Apple computers were individually made by Jesus himself, in a factory where God overlooks everything, and Santa ensures all the Chinese workers have Christmas everyday. It's just not possible for something bad to happen....not to a mac.


    It's been theoretically possible since the Macintel was introduced in early 2006.

    However, it is safe to say that it takes something like Java to screw up Mac OS X. ;-)

  • Posted by a hidden member.
    Log in to view his profile

    Apr 06, 2012 11:36 AM GMT
    intensity69 saidYes, your "impervious" shiny Apple-branded Mac may be compromised... as with over half a million others:
    http://www.zdnet.com/blog/security/over-600000-macs-infected-with-flashback-trojan/11345

    Thanks, I just ran my Software Update and found a new Java version, and one of the improvements claimed is security. I wondered why I didn't get an automatic notification, and found my settings were at "Weekly" whereas I thought I had them on Daily. So I changed that, and installed the Java update.

    BTW, in an RJ thread touching on Mac security a few days ago I mentioned that despite Macs getting fewer viruses than PCs I still recommended a virus program.
  • Posted by a hidden member.
    Log in to view his profile

    Apr 06, 2012 12:21 PM GMT
    credo saidI recall a group of Apple fanboys blasting me in a recent RJ thread when I claimed that Apple wasn't immune to viruses.

    I've been waiting for one of them to post to this thread. So far, nothing, though I anticipate the "At least Apple doesn't get attacked as regularly as Windows" reply will be their best defense.

    icon_lol.gif

    It would be interesting if you happened to remember any of those threads and provide the links. I have Macs and Windows computers. Use Macs whenever possible. I don't recall ever reading anyone claim that Macs were immune to viruses. In the past most viruses were targeted to Windows computers.

    To the comment that Apple doesn't take security seriously, that has never been my impression. This is a current issue:
    http://www.slashgear.com/apple-makes-second-attempt-at-trojan-java-block-06221830/
  • Posted by a hidden member.
    Log in to view his profile

    Apr 06, 2012 6:12 PM GMT
    An article from 2011 citing Apple's slowness when addressing security issues.
    http://www.crn.com/news/security/232800152/mac-malware-exploits-apple-delay-with-java-patch.htm

    Security vulnerabilities + Mac users giving absolute trust in their computer = bad.

    I don't really care about the Apple/Windows rivalry. But Apple really needs to be more serious about these things as they gain market share. Compromised computers are bad for everyone in the end.

    And Mac users need to change their way of thinking.
    http://roee.co/2011/12/30/the-greatest-trick-apple-ever-pulled-was-making-you-think-its-your-fault/