
fpbecker

macrumors member
Original poster
Sep 3, 2008
48
0
Frankfurt, Germany
Evidence suggests first zombie Mac botnet is active

Security researchers have discovered that payloads delivered by trojans in pirated versions of iWork and Photoshop earlier this year are being used to create a Mac botnet.

If you let yourself get tempted into installing the pirated versions of iWork or Photoshop CS4 that circulated on Bit Torrent earlier this year, you may have unwittingly turned your Mac into a zombie. Security researchers for Symantec have turned up evidence that these zombie machines are being used to create a Mac-based botnet.

Botnets are used to perform DDoS attacks on systems, gather sensitive personal information, and send out a majority of the spam that clogs up the 'Net. While commonly made out of infected Windows computers, this is the first known attempt to create one from Macs.

The two variants of the iServices trojan, OSX.Trojan.iServices.A and OSX.Trojan.iServices.B, have been implicated in at least one DDoS attack. According to researchers Mario Ballano Barcena and Alfredo Pesoli, the malware has peer-to-peer communication, remote start-up, and encryption capabilities.

"The code indicates that, wherever possible, the author tried to use the most flexible and extendible approach when creating it—and therefore we would not be surprised to see a new, modified variant in the near future," according to their report. They also noted that the person who activated the botnet is not the same as the original author of the malware code.

After the trojans were reported in January, most anti-virus software was updated to remove the payloads associated with the iServices trojans. Removing the directories /System/Library/StartupItems/DivX and/or /System/Library/StartupItems/iWorkServices should help, but that doesn't rule out other remnants getting left behind—if you suspect you were infected with either of these trojans, you may want to look into AV software. We'll also again repeat our favored refrain of "Steer clear of pirated software and sketchy files from website or torrents," which should help you avoid infection in the first place.

While Mac OS X doesn't suffer from the sheer amount of malware that Windows does, the creation of this botnet should serve as a warning that security through obscurity isn't a sound security policy—and Macs are far from being obscure any more.


Further Reading
  • Researchers Mario Ballano Barcena and Alfredo Pesoli take a detailed look at what appears to be the first real attempt to create a Mac botnet in their report, "The new iBotnet," available from Virus Bulletin (subscription required).
Source: Ars Technica
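As an added example (not part of the Ars Technica article or of any post in this thread): a small POSIX shell audit that reports whether the two StartupItems directories the article names, /System/Library/StartupItems/DivX and /System/Library/StartupItems/iWorkServices, are present, and lists every other entry in that directory for manual review. It only reports and never deletes, so removal and a follow-up AV scan remain a separate, deliberate step. The two "known bad" names come from the article; the optional directory argument and the demo entries are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the article or the thread): audit a Mac OS X
# StartupItems directory for the iServices persistence directories named in
# the Ars Technica article and list other entries for manual review.
# Assumption: the layout of /System/Library/StartupItems on Mac OS X 10.5,
# where each startup item is a subdirectory. Nothing is removed by this script.

# Names taken from the article; an attacker-chosen variant would not be caught
# by a name match, which is why the remaining entries are printed for review.
KNOWN_BAD="DivX iWorkServices"

# check_startupitems [DIR]
# Prints one line per entry. Returns 1 if a known iServices directory is
# present, 0 if none is, 2 if DIR does not exist.
check_startupitems() {
    dir="${1:-/System/Library/StartupItems}"
    found=0
    [ -d "$dir" ] || { echo "no such directory: $dir" >&2; return 2; }
    for entry in "$dir"/*; do
        [ -e "$entry" ] || continue      # empty directory: the glob stays literal
        name=$(basename "$entry")
        flagged=0
        for bad in $KNOWN_BAD; do
            [ "$name" = "$bad" ] && flagged=1
        done
        if [ "$flagged" -eq 1 ]; then
            echo "SUSPECT  $entry   (iServices trojan startup item; remove after backup, then scan)"
            found=1
        else
            echo "review   $entry"
        fi
    done
    return $found
}

# count_suspect DIR : number of known-bad entries, for use in other scripts.
count_suspect() {
    check_startupitems "$1" 2>/dev/null | grep -c '^SUSPECT' || true
}

# demo_startupitems : runs the audit against a constructed temporary directory
# so the behaviour can be seen without touching a real system.
demo_startupitems() {
    demo=$(mktemp -d)
    mkdir "$demo/DivX" "$demo/iWorkServices" "$demo/SomeVendorTool"   # constructed sample
    check_startupitems "$demo"
    rc=$?
    rm -rf "$demo"
    return $rc
}

case "${1:-}" in
    --demo) demo_startupitems ;;
esac
```

Run it as `sh audit_startupitems.sh --demo` to see the output on the constructed sample, or `sh audit_startupitems.sh` on a 10.5 system to audit the real directory; a non-zero exit status means one of the article's two directories is present.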
 

acurafan

macrumors 6502a
Sep 16, 2008
615
0
well that should put the excuses, 'macs don't get infected' or 'you don't need a/v' to rest...curiosity will kill the cat.
 

Queso

Suspended
Mar 4, 2006
11,821
8
Yawn. If people install software from unauthorised sources they only have themselves to blame.
 

clevin

macrumors G3
Aug 6, 2006
9,095
1
Yawn. If people install software from unauthorised sources they only have themselves to blame.
doesn't change the fact of a security threat. We don't ask these details about Windows users, do we? We blame Windows no matter whether the users initiated the process.

It's a threat, plain and simple. Blaming the user won't solve it.
I think someone here needs to lookup the difference between a trojan and a virus.

nobody in this thread mentioned viruses, but most anti-virus software handles trojans, worms and malware as well.

If anybody should, that would be Apple, who claimed Windows has 144000 viruses, of which 80+% are malware, worms and trojans.
 

craig1410

macrumors 65816
Mar 22, 2007
1,130
911
Scotland
Anyone with any amount of common sense should know that installing an application downloaded from a P2P site and providing the admin password in the process is a very high risk activity. The fact that people are pirating iWork which costs only £80 or so to buy legitimately is particularly sad.

As for CS4, if you can't justify buying it (i.e. if you're not a pro) then there is a good chance you don't actually need it and might be better off with something like Aperture, which is priced much more for the consumer market and yet delivers many pro features.

If you must download stuff via P2P (I do sometimes to be fair) then for heaven's sake get a virus/trojan/malware scanner and scan your downloads before installing. Also, make sure you have a good backup strategy in place so that you can recover from getting hacked more easily.

Personally, if I decide to buy iWork 09 (been thinking about it) then it would be a no-brainer to just get it from Apple. Different story perhaps if I needed Microsoft Office due to the fact it costs an arm and a leg. Fortunately OpenOffice is able to fill that need more than adequately and costs nothing.

Stay safe folks, it's a scary world out there... ;)
Craig.
 

Jethryn Freyman

macrumors 68020
Aug 9, 2007
2,329
3
Australia
doesn't change the fact of a security threat. We don't ask these details about Windows users, do we? We blame Windows no matter whether the users initiated the process.

Thank you.

For a while, I thought I was the only person thinking about this.

Windows users are really going to get a good laugh when someone finds another way to deliver trojans to Mac users, and there are thousands of infections.
 

Queso

Suspended
Mar 4, 2006
11,821
8
doesn't change the fact of a security threat. We don't ask these details about Windows users, do we? We blame Windows no matter whether the users initiated the process.
Not in all cases. Many of us know full well that in most cases it is the system user that presents the biggest security hole.
 

ski2moro

macrumors 6502
May 3, 2007
320
3
I had an old copy of PC Tools and still get occasional emails from them.

Today, I got this:

"Mac Threat Alert
Know anyone that's a Mac User?

Then let them know that malware researchers have discovered what appears to be the first Mac OSX botnet, aka MacBot or iBotnet, and it's receiving a substantial amount of industry and media interest."



Another marketing ploy or is this something I should watch out for?

I have all of the Apple software updates. I don't use torrents or download illegal music or porn.
 

Diaresi

macrumors regular
Aug 23, 2007
242
0
This whole OS X and malware thing does get me thinking from time-to-time. Currently it is very much a non-issue, but if it started actually gearing up I fear what Apple would do:

(future timeline...)

Only odd pieces of malware appear, nobody cares.

More malware starts appearing, most Mac users don't care.

Apple Store Geniuses start having to remove malware regularly, some Mac users are getting a little worried, Apple does nothing.

Malware is now fairly widespread for OS X, AV firms start shouting at Mac users to use their software, most Mac users are worried. Apple does nothing.

Eventually Apple caves (after a big one) and starts recommending the sort of security software PC users have always used. Apple start releasing security updates with speed for OS X. PC users have the smuggest looks on their faces.
 

Consultant

macrumors G5
Jun 27, 2007
13,314
36

clevin

macrumors G3
Aug 6, 2006
9,095
1
please. stop using this as an excuse. a security threat doesn't have to be a virus. every anti-virus software out there handles trojans and worms.

why are we still staying at the stage of caring more about terminology than about users' security?

Apple itself thinks trojans and malware are "viruses" after all.
THERE ARE NO VIRUSES on OSX.

Since there are no viruses, anti-virus cannot determine what is a virus at this time.

Giz Explains: Why OS X Shrugs Off Viruses Better Than Windows
http://i.gizmodo.com/5101337/giz-explains-why-os-x-shrugs-off-viruses-better-than-windows

The Mac Malware Myth
http://www.roughlydrafted.com/2009/01/29/the-mac-malware-myth/

The Unavoidable Malware Myth
http://www.roughlydrafted.com/2008/...-apple-wont-inherit-microsofts-malware-crown/
 

Eric S.

macrumors 68040
Feb 1, 2008
3,599
0
Santa Cruz Mountains, California
well that should put the excuses, 'macs don't get infected' or 'you don't need a/v' to rest...curiosity will kill the cat.

Wow, bad things happened after people installed BitTorrented, pirated software. Shocking!

Symantec is dying to get people to believe there's a security threat on Macs. It wouldn't surprise me at all if "security researchers for Symantec" created this Trojan, only to "discover" it later.
 

apfhex

macrumors 68030
Aug 8, 2006
2,670
5
Northern California
why are we still staying at the stage of caring more about terminology than about users' security?
Because these security threats can be easily avoided by not downloading pirated software. Yes, it's still a threat because people will continue to do that, but no one else has to worry just yet. If trojans start making their way into more legitimate file downloads, then there will be something to talk about (and I've personally never encountered anything like that even in Windows).
 

bericd

macrumors member
Dec 23, 2005
66
0
Bay Area, California
Thank you.

For a while, I thought I was the only person thinking about this.

Windows users are really going to get a good laugh when someone finds another way to deliver trojans to Mac users, and there are thousands of infections.

+1

ALL computer users need to be careful if they want to avoid this kind of behavior. Installing certain pirated software can get you owned, as can being directed to a bad site using safari. This puts us in the same boat as a patched windows box.

A complacent/careless user can get their computer owned, both mac and windows.
 

Amdahl

macrumors 65816
Jul 28, 2004
1,438
1
Second botnet

This is the second confirmed botnet. The first was started in 1984 and run by Apple.
 

Glameow

macrumors newbie
Apr 9, 2009
2
0
I run both Windows XP and OS X.

I have encountered a nasty once in the 5 years I have had internet access (on my own computers that is, can't speak for others I have tried to save).

It was from a torrent; fortunately I had a virus scanner running (in Windows). I guess this is a good lesson for Mac users that we are not invincible.

I think that the user is the biggest security threat. If someone runs trojan.exe or virus.exe and puts in the admin password, no amount of OS security will save them.
 

Jethryn Freyman

macrumors 68020
Aug 9, 2007
2,329
3
Australia
THERE ARE NO VIRUSES on OSX.

Since there are no viruses, anti-virus cannot determine what is a virus at this time.

Giz Explains: Why OS X Shrugs Off Viruses Better Than Windows
http://i.gizmodo.com/5101337/giz-explains-why-os-x-shrugs-off-viruses-better-than-windows

The Mac Malware Myth
http://www.roughlydrafted.com/2009/01/29/the-mac-malware-myth/

The Unavoidable Malware Myth
http://www.roughlydrafted.com/2008/...-apple-wont-inherit-microsofts-malware-crown/

Botnets are created by trojans. There are OS X trojans.
 

clevin

macrumors G3
Aug 6, 2006
9,095
1
Because these security threats can be easily avoided by not downloading pirated software. Yes, it's still a threat because people will continue to do that, but no one else has to worry just yet. If trojans start making their way into more legitimate file downloads, then there will be something to talk about (and I've personally never encountered anything like that even in Windows).

the botnet is already launching DDoS attacks now. http://i.gizmodo.com/5217202/symantec-finds-first-mac-botnet-already-launching-ddos-attacks

easily avoid? today it's pirated iWork, tomorrow it might be pirated movies; are we expecting Mac users not to use BT?

let's get real, and understand that blaming users is not the solution.
 

clevin

macrumors G3
Aug 6, 2006
9,095
1
Use pirated software, you deserve what you get.

how convenient. Why don't you go suggest Apple do a piracy test of each user before selling them computers then.

oh, it's stupid users, my system is fine! I'm sure Microsoft can say exactly the same about Windows.

Blaming users. lol, yeah right. Did you ever see Microsoft blaming users for trojans or worms? Now that's how a company takes care of its users.
 

snowmoon

macrumors 6502a
Oct 6, 2005
900
119
Albany, NY
Yawn. If people install software from unauthorised sources they only have themselves to blame.

True, you can never save the user from themselves, but I think there is more to be learned here.

It's dirt simple to get a Mac user to turn over credentials, just throw a .pkg at them. Legal software or not it could be harboring a bot. You have just given it root level access. Unsigned .app or .pkg files included in .zip or .dmg could even be altered in transit, if necessary, to include a bot.

Think about the level of freeware you download and install via pkg. On a complex package a bot would be dirt simple to slip into a framework.

Apple should be taking reasoned approaches to reducing this risk including building better installers and pushing devs to steer clear of root level access completely and pkg files when unnecessary. I think it's one of the reasons Apple has started a real code signing push, as it reduced the vectors for malware to spread effectively.
 