Mac malware in the wild
by Ed Bott | May 6, 2011 12:39pm PDT | Image 1 of 6
Previous | Next
Just In
No, not possible, no virus for Macs, just ask any idiot Apple fanboi, they'll tell you. (Prediction: This thread is about to become full of just such posts.)
Apple users do NOT believe their machines are invulnerable. However, I've been waiting for my Mac to become infected since May 1986.
@Laraine Anne Barker
@Laraine Anne Barker I agree 100%, I waiting since 2006. @Cayble I believe your PC have protection software, that is way you still waiting :-p
@Laraine Anne Barker
I've been virus free on my PCs for that long. My home system uses no Antivirus or firewall. So what?
I've been virus free on my PCs for that long. My home system uses no Antivirus or firewall. So what?
@Laraine Anne Barker I'm really really starting to love this year. First off, it proved to the Linux fanboys that their OS is just as vulnerable as any other man-made OS, then I began seeing the fanboys (including ...Your Linux Advocate) confess that.
Now, 2011 is finally doing the same to the Mactards; as we can see here, they are starting to confess that their Macs aren't immune to Malware
Guess that noobish OS privilege line is finally fading
Keep it up 2011, there are still tonnes of noobs out there who still have yet to see the truth 
Now, 2011 is finally doing the same to the Mactards; as we can see here, they are starting to confess that their Macs aren't immune to Malware
Guess that noobish OS privilege line is finally fading
Keep it up 2011, there are still tonnes of noobs out there who still have yet to see the truth 
I've used Macs since 1997 and have never had a problem. I have used Intego Internet Security for about 4 years as the Mac market grows, so does the probability of malware. I also didn't like receiving virii emails or virii attachments from friends using one of the OS flavors from MightySoft (pun intended), because these could be forwarded (manually or remotely) to others using a MightySoft OS-->INFECTED.
A few years back, an unprotected MS-PC (I believe XP OS) took an average of 20 minutes on the net to be infected. In response, many ISPs implemented anti-virii software on their servers (Time Warner's Roadrunner for example). Also, the more powerful PCs of today don't get as bogged down when being used remotely to spread the infection. You could still be infected; you just don't know it.
I wouldn't own any computer without a firewall and anti-virii protection.
A few years back, an unprotected MS-PC (I believe XP OS) took an average of 20 minutes on the net to be infected. In response, many ISPs implemented anti-virii software on their servers (Time Warner's Roadrunner for example). Also, the more powerful PCs of today don't get as bogged down when being used remotely to spread the infection. You could still be infected; you just don't know it.
I wouldn't own any computer without a firewall and anti-virii protection.
@bargeemike
it's not a virus, it's a malicious program that tries to trick single users one by one into installing it by giving their password (a trojan). a fundamental difference. please educate yourself on the subject, then come back.
it's not a virus, it's a malicious program that tries to trick single users one by one into installing it by giving their password (a trojan). a fundamental difference. please educate yourself on the subject, then come back.
@banned from zdnet
I'm fully aware of the difference between a trojan using trickery to get installed and a virus. Learn the difference between satire and seriousness then come back.
I'm fully aware of the difference between a trojan using trickery to get installed and a virus. Learn the difference between satire and seriousness then come back.
@bargeemike
I don't think satire means what you think it does.
You got caught out there using the term virus incorrectly; a faux pax that normally wouldn't matter except that in this case you did it while trying hard to insult people by calling them idiots. (and you were the first to post.)
Sorry charlie but it is internet trolling 101 to first check your spelling, syntax and diction before starting down that road.
The rest of us will laugh at you now.
Hahahahahahaaha.
I don't think satire means what you think it does.
You got caught out there using the term virus incorrectly; a faux pax that normally wouldn't matter except that in this case you did it while trying hard to insult people by calling them idiots. (and you were the first to post.)
Sorry charlie but it is internet trolling 101 to first check your spelling, syntax and diction before starting down that road.
The rest of us will laugh at you now.
Hahahahahahaaha.
You could still be infected; you just don't know it. online high school | high school diploma | online ged
I wouldn't own any computer without a firewall and anti-virii protection. online high school | high school diploma | online ged
@bargeemike...
Not sure how the Mac people are fan boys for having a non-virus infected computer, yet the Windows people somehow aren't fan boys even though they are dearly attached to their digital plague of a computer.
As for anyone dumb enough to believe they're computer is bullet proof, just look at the government and their failures, despite the massive amount of security experts who not only jointly design the environment, but whom each independently test the security.
Not sure how the Mac people are fan boys for having a non-virus infected computer, yet the Windows people somehow aren't fan boys even though they are dearly attached to their digital plague of a computer.
As for anyone dumb enough to believe they're computer is bullet proof, just look at the government and their failures, despite the massive amount of security experts who not only jointly design the environment, but whom each independently test the security.
@R1scFactor
Not suggesting all Mac owners are fanbois, just pointing out how fanbois (and it's not a flavour-specific trait) react to anything that could possibly be twisted into a criticism of their favourite OS/hardware.
Not suggesting all Mac owners are fanbois, just pointing out how fanbois (and it's not a flavour-specific trait) react to anything that could possibly be twisted into a criticism of their favourite OS/hardware.
@bargeemike I think if some one can make virus for apple he is such a talent that would take a job anywhere.
It's very cute you are titling this "Mac malware in the wild" but you actually have to click and install the malware by yourself. But you see, this doesn't work like that on a Win - they use exploits to install malware without your consent or knowledge. That's what we called a virus and trojans 5 years ago.
Now, apparently, a virus and trojan is just fancy social engineering. Good luck in spreading the FUD. Smart people don't buy it.
Now, apparently, a virus and trojan is just fancy social engineering. Good luck in spreading the FUD. Smart people don't buy it.
Smart or not I have seen messages that most people take for granted. lets ust say you are expecting a shipment from UPS or fedex. who do send you pdf files with updates about shipping info. An unsuspecting "smart" user coudl open it without thinkng it could be malicious and become infected.
@campbellj78@...
First, no one ever sends a PDF with shipping info.
Second, if someone opened the imaginary PDF in Preview and it contained a malicious package, the user would be notified of an attempt to run software from the Internet and asked for permission to proceed. (Yes, this is how OS X works).
Third, if they were asked to install something, they would directly that this was an attempt at social engineering.
Fourth, the dismissal, by Windows apologist, of Mac users as idiots is getting very tiresone.
Give it a rest.
This whole example is another attempt by Ed to get clicks and goes beyond desperate to pitiful.
First, no one ever sends a PDF with shipping info.
Second, if someone opened the imaginary PDF in Preview and it contained a malicious package, the user would be notified of an attempt to run software from the Internet and asked for permission to proceed. (Yes, this is how OS X works).
Third, if they were asked to install something, they would directly that this was an attempt at social engineering.
Fourth, the dismissal, by Windows apologist, of Mac users as idiots is getting very tiresone.
Give it a rest.
This whole example is another attempt by Ed to get clicks and goes beyond desperate to pitiful.
@campbellj78@...
I use UPS and FedEx almost every day, both shipping out and receiving. Never had a legitimate PDF from either. Let us also note that PDF-based infections are due to an Adobe issue, not the core OS itself. Adobe accounts for many infections on all platforms they exist on. Some automatically infect you. Others are restricted to accidental (unsuspecting) installation.
I use UPS and FedEx almost every day, both shipping out and receiving. Never had a legitimate PDF from either. Let us also note that PDF-based infections are due to an Adobe issue, not the core OS itself. Adobe accounts for many infections on all platforms they exist on. Some automatically infect you. Others are restricted to accidental (unsuspecting) installation.
@a0 I can tell you that the Chrome malware (I was exposed on Google images) would not let me close the "threat" window or use Chrome unless I clicked the install box. I couldn't even force quit and had to use the Activity Monitor. That goes at least a half step beyond preying on fools.
@henry@...
But you are still talking about a Windows machine, aren't you? And it isn't like your heart will stop if you don't install the malware. You simply open the Task Manager and kill the window. Please tell me if I am wrong. BTW does one kill a process on a Mac?
But you are still talking about a Windows machine, aren't you? And it isn't like your heart will stop if you don't install the malware. You simply open the Task Manager and kill the window. Please tell me if I am wrong. BTW does one kill a process on a Mac?
@henry@...
There has never been a process I couldn't kill in "Force Quit." If there ever was such a process, you can still find the parent process and kill it. If all else fails, hold the power button until the hardware powers off and that kills everything.
But basically, I don't believe your description as I have never seen it before and if it did occur to you, it would have occurred to others as well.
BTW, view much porn using Google images?
There has never been a process I couldn't kill in "Force Quit." If there ever was such a process, you can still find the parent process and kill it. If all else fails, hold the power button until the hardware powers off and that kills everything.
But basically, I don't believe your description as I have never seen it before and if it did occur to you, it would have occurred to others as well.
BTW, view much porn using Google images?
It all comes down to definitions. Wikipedia defines Malware as "short for malicious software; software designed to infiltrate a computer system without the owner's informed consent". The attack at http://69.50.202.201/51615c36e821918f2f5571a3eaedb18bb20743da0934c5c6 certainly requires user consent.
The URL above is where the redirect goes. It is easy to dismiss this as for dumb mac users only but it's worth a look.
Duane
The URL above is where the redirect goes. It is easy to dismiss this as for dumb mac users only but it's worth a look.
Duane
@technoracle But not "informed". Ed is right, this is Mac malware. But he's also wrong, it is so utterly unconvincing that it is VERY low risk.
However, if you did run the installer, and type your admin password there is no limit to the damage it could inflict (but you'd not expect any different would you?)
However, if you did run the installer, and type your admin password there is no limit to the damage it could inflict (but you'd not expect any different would you?)
@technoracle
my computer keeps randomly redirecting me to that site you linked. what is it and how do i stop it from happening?
my computer keeps randomly redirecting me to that site you linked. what is it and how do i stop it from happening?
Attacks like this have been on Mac for a while. I had a client have a simular issue 6 months ago.
Also, if you're going to blur out the IP address of the download, make sure it can't be read...
Also, if you're going to blur out the IP address of the download, make sure it can't be read...
No system is proof against social engineering. BTW, I note that Firefox agreed to download the file, NOT install it. At least that gives the user time to THINK about it.
More Windows Fanboys hoping that other platforms would be even 25% as unsafe as their ill chosen Platform, keep wishing , hoping & dreaming cause it will be a loooooonnng
time till we see this happen.
time till we see this happen.
@johnpall@...
The thing is, if you're right, then how is it that the Mac keeps falling first, usually within 2 minutes or less, at the last few CanSecWest Pwn2Own contests? Charlie Miller got so bored to death going home with the Mac prize he switched to hacking the iPhone - AND won that as well.
Charlie Miller, btw, had something like 125 exploits in his bag of tricks - which he didn't get a chance to use.
This year's Pwn2Own also found the Mac going down hard and fast while the Windows system required a convoluted combination of three exploits to get the job done. Oh.. And both systems were fully patched.
The difference now is that real hackers are out there - not just a bunch of security researchers - and they are out to pwn YOUR Mac.
Just keep on thinking your system is 100% safe. That kind of attitude will get you into trouble.
The thing is, if you're right, then how is it that the Mac keeps falling first, usually within 2 minutes or less, at the last few CanSecWest Pwn2Own contests? Charlie Miller got so bored to death going home with the Mac prize he switched to hacking the iPhone - AND won that as well.
Charlie Miller, btw, had something like 125 exploits in his bag of tricks - which he didn't get a chance to use.
This year's Pwn2Own also found the Mac going down hard and fast while the Windows system required a convoluted combination of three exploits to get the job done. Oh.. And both systems were fully patched.
The difference now is that real hackers are out there - not just a bunch of security researchers - and they are out to pwn YOUR Mac.
Just keep on thinking your system is 100% safe. That kind of attitude will get you into trouble.
@johnpall@...
Actually, your quite wrong. The faster people switch to apple the faster your troubles will come. Apple is gaining more attention in that community now.
Actually, your quite wrong. The faster people switch to apple the faster your troubles will come. Apple is gaining more attention in that community now.
Humans. That's the commonality of Mac and PC. If you can get a human to accept the download, open the download, whatever, you're in. Forget Mac v. PC. We're talking about humans.
@qlas - Absolutely!! But there are differences based upon how the OS engineers human behavior. On windows we are all used endless prompts. UAC added even more repetitive prompts. On a MAC I can tell when a Windows-y programmer has made software by the installer and by multiple admin prompts. You know this isn't a Mac programmer. They are doing it wrong. Windows/Unix programmers will include scripts that must be copied to hidden directories and execute them to change permissions. This only happens when I'm install software from the Windows/Linux end of programming world. I'm prompted so rarely on a Mac to enter my admin rights, that it is actually Meaningful. On Windows, If I want to open items in control panel, I'm prompted for elevation. On a server as a Admin of the Windows 2008 server, I'm prompted every time I copy files that aren't in my user directory between different directories. It is quite ridiculous. But Windows has trained people to click, click, click, click through lots of stuff to get to the next meaningful thing. Firewall on windows will ask for permission to allow programs the user CAN'T recognize to allow a connection somewhere to something on some port. YES or NO? I manage firewalls for a living and I can't know the right answer. It makes the user feel stupid and breed a "click it" so I can do what I want mentality.
I plugged my printer into a new MacBook Pro -- my first mac ever. A week later I needed to print, so I started poking around for an ADD PRINTER process. Eventually I realized the OS has setup the printer. The OS is responsible for I/O and hardware, so why would it need me to participate. Why should the user be trained like a monkey to click NEXT, NEXT, NEXT, NEXT, FINISH.
Mac is a completely different mindset and design from the ground up. And great design pays off for a decade, the same way the bad designs of Windows 3.1 hurt Windows for a decade. It isn't just about "OS" security. It is about the work environment that OS provides the user. Windows users (who arent geeks) feel helpless and at the mercy of this mysterious machine that keeps asking questions they don't understand. Mac Users aren't made to feel like morons because they don't work in the computer industry. AND THAT is why they love and trust their machines.
And Windows people simply don't get it, until they are willing to be a Mac users, no take backs, not using it only when I have to, not bothering to invest in it to have all the tricks you need to live on it the same way you did on Windows. When you jump fully in the pool you start to see the different perspective. Not that everything is rosey and perfection of a Computer Operating System. It isn't about that, that is the Windows user's view of a Mac User. The Mac people are busy using the computer to do something that has nothing to do with "OS". OS isn't their focus or concern.
Lastly, social engineering is not a weakness in an app or operating system. And this "malware" is about social engineering -- 100%. It has nothing to do with the OS, other than it is targeting users who are use Mac and Windows users of specific visual versions.
I plugged my printer into a new MacBook Pro -- my first mac ever. A week later I needed to print, so I started poking around for an ADD PRINTER process. Eventually I realized the OS has setup the printer. The OS is responsible for I/O and hardware, so why would it need me to participate. Why should the user be trained like a monkey to click NEXT, NEXT, NEXT, NEXT, FINISH.
Mac is a completely different mindset and design from the ground up. And great design pays off for a decade, the same way the bad designs of Windows 3.1 hurt Windows for a decade. It isn't just about "OS" security. It is about the work environment that OS provides the user. Windows users (who arent geeks) feel helpless and at the mercy of this mysterious machine that keeps asking questions they don't understand. Mac Users aren't made to feel like morons because they don't work in the computer industry. AND THAT is why they love and trust their machines.
And Windows people simply don't get it, until they are willing to be a Mac users, no take backs, not using it only when I have to, not bothering to invest in it to have all the tricks you need to live on it the same way you did on Windows. When you jump fully in the pool you start to see the different perspective. Not that everything is rosey and perfection of a Computer Operating System. It isn't about that, that is the Windows user's view of a Mac User. The Mac people are busy using the computer to do something that has nothing to do with "OS". OS isn't their focus or concern.
Lastly, social engineering is not a weakness in an app or operating system. And this "malware" is about social engineering -- 100%. It has nothing to do with the OS, other than it is targeting users who are use Mac and Windows users of specific visual versions.
@royalef
This episode was broughht to you by the letter i
And The REverend Steve Jobs Kool-Aid ascention Plan for instant Grape flavored heaven, followed by liquifactoin of you inners! Buy It! Try It! Or else!
This episode was broughht to you by the letter i
And The REverend Steve Jobs Kool-Aid ascention Plan for instant Grape flavored heaven, followed by liquifactoin of you inners! Buy It! Try It! Or else!
@Grey Ash
I don't see how your insults regarding Mac Apple and all associated registered trademarks being connected to The Rev. Jim Jones and the Guyana tragedy, What does this have to do with the fact the Mac is what The Lord God, Uses himself to create everything and to keep score of all the good boys and Girls....Mac is soooo Awesome my wallets ruptured and hemmorrhiged cash everywhere, and for a machine that that looks so heavenly Like A really upscale fuctioning cocaine addicts loft, So Realize, If you aren't using Apple, you and the succesive generations of you kith and kin will remain the plebian serfs that dig the ditches for mister jobs with your inferior wooden shovels and windows boxes...Know your place windey> The is Mac man's country, don't let us catch you round these parts or we'll bore you with our gushing love sonnets to our electrically powered aluminium objects...
I don't see how your insults regarding Mac Apple and all associated registered trademarks being connected to The Rev. Jim Jones and the Guyana tragedy, What does this have to do with the fact the Mac is what The Lord God, Uses himself to create everything and to keep score of all the good boys and Girls....Mac is soooo Awesome my wallets ruptured and hemmorrhiged cash everywhere, and for a machine that that looks so heavenly Like A really upscale fuctioning cocaine addicts loft, So Realize, If you aren't using Apple, you and the succesive generations of you kith and kin will remain the plebian serfs that dig the ditches for mister jobs with your inferior wooden shovels and windows boxes...Know your place windey> The is Mac man's country, don't let us catch you round these parts or we'll bore you with our gushing love sonnets to our electrically powered aluminium objects...
@qlas Thank God for a glimmer of objectiveness in this thread - you hit the nail on the head. I read these articles hoping for enlightenment and information, yet most of the posts come across sounding like 12 year old super nerds with nothing better to do than barrack for their chosen OS with a fervour and passion that most religious zealots could only dream of. Do you guys just sit at your computers all day trawling CNET, ZNET, etc,etc,etc, just waiting to start up another sad diatribe about your (perceived) superior OS's?? Get a life people!
No system is 100% safe. Please follow this logic... People are not perfect (and never will be). Computers and their programs were all designed by people. Therefore, computers and their programs are not (and never will be) perfect.
Sure, very intelligent people design all kinds of protection for the masses but, there`s always someone smarter just around the corner waiting to surpass the previous intelligence `high-mark`.
Sure, very intelligent people design all kinds of protection for the masses but, there`s always someone smarter just around the corner waiting to surpass the previous intelligence `high-mark`.
I have been using personal computers since 1979 and Macs since 1984. A well designed social engineered attack will present the unfortunate user with a screen that looks like his normal system response. That familiar "OK" or "Continue" button could really be "YES" for the installation of Malware, Virus or what ever! No machine is safe! Not even my beloved Mac.
I even installed MS DOS on a new PC using a new OEM DOS diskette and the new DOS diskette was infected! So you can never be to comfortable.
I even installed MS DOS on a new PC using a new OEM DOS diskette and the new DOS diskette was infected! So you can never be to comfortable.
Ooh, look. My predictions in my first post. Spot on, I think. However, suprising number of sensible comments as well.
good god, why not keep at it about how the only way to infect a mac is to open yourself to it through your actions? honestly, do what bill gates did when he bragged about xp being a non pirateable os before it was released. people took the challenge, then went after it. 3 bucks us a couple hours after the official release, and downloadable 2 hours after that.....careful what you say, someone may decide to learn more about how to sneak in a true virus, or a worm that you don't have to be stupid enough to click on. as apple sells more and more machines, they make themselves abigger market. nothing is bulletproof, as others have said in this article and thread. i have gotten many viruses and trojans on my machines over the years, but, that was due to laziness and neglect. my work laptop, is as clean as a whistlee.....why? because it matters......and i pay attention. is it better than my other machines? no, i just care about it more. Danger will robinson, danger!!!
If Macs are so unlikely to be infected by bugs, then that huge list of "discovered" bugs in the trojan screens shown above should surely arouse some massive suspicions in any switched-on Mac user's noddle. Even a Windows computer is highly unlikely to have that many bugs in operation at any one time. Listen to the little voice in your head, which says "Don't be so daft as to click on this".
Mac fanboys amaze me. There is no economic gain from making viruses for a non-dominate OS. That being said, more and more people own them because of that one reason, not because they "can't get viruses". No one cares enough to make a virus specifically for a minority system. When making an argument be sure to understand the obvious points from the makers of viruses.
It has nothing to do with inferiority, just majority.
It has nothing to do with inferiority, just majority.
Virus, trojan All of it screws your system,city,night of pleasure, I figure with the virus-like proliferation of iDiots being the first of thousands of firsts in line to get the newest gospel from Jobs-on-High, there's atleast a few shady charecters (probably the ones without turtlenecks) looking to exploit, the 1st gen. 2 gen bugs that exist in every electronic device including vacuum tube technology....and with so many people willing to do just that, line up like the old soviets for toilet paper,and get all willy-nilly with their shenannigoats all over the web ( who had to clean up the icky stuff left behing? probably those on the Jobs-town punishment Detail) where was i going??? oh yeah, yeah, electronics get all sorts of messed up,iZombies,window-jumpers, and penguin club...(Hey, Get it Clubbing a penguin??) I use the Winders and the various clubbed penguins, but not Apple, cause, it's too damn much, for The Rev. Jobs..
man, i'm sick of the Mac Winders, linux, I wish someone would invent like a typewriter or pens and paper...
man, i'm sick of the Mac Winders, linux, I wish someone would invent like a typewriter or pens and paper...
Please explain the label Mactard. If it is slang for merging Macintosh with retard; that would actually mean that you don't understand the Macintosh computer. Which makes calling Mac users Mactards, a retarded statement, MrElectrifyer. So we can only assume, you're an ignorant person that does not know how to use most words contextually. Since you must be a Mactard, then how can you comment on what you are ignorant about.
Good pictures and good article...I guess I will have to be cautious of this when browsing the web on my Mac.
Virus writers are platform agnostic...if you think viruses and malware will continue only existing for Windows, you are mistaken.
Virus writers are platform agnostic...if you think viruses and malware will continue only existing for Windows, you are mistaken.
win win whinge. this is NOTHING more than an ATTEMPTED exploit. pardon me whilst i go off and do something constructive (other than run a/v, defrag and twiddle with an OS that is at its heart still QDOS).
don't know about Mac viruses but I know for a fact that viruses effect PCs. I have had to do full Windows OS reinstalls in order to clean infected PCs. So folks, here, who claim viruses are no significant threat to PCs are not being quite well, let us just say they must be winking and crossing their fingers when making those statements.
Join the conversation!
The best of ZDNet, delivered
ZDNet Newsletters
Get the best of ZDNet delivered straight to your inbox
Vendor Showcase
