Mac Trojan Horse Used In Denial-of-Service Attacks

I guess Apple shouldn't have backed down on their insistence that Macs need virus scanning software installed.

Any OS (Linux, Unix (Macs included), and Windows) can get viruses. It is up to the people who purchase the OS to make sure they are using common sense.

[www.sadtrombone.com]

@ColinC: my thoughts exactly. If you are prone to downloading cracked/pirated versions of software you are just asking for trouble.

mshorts

Download illegitimate software from an untrusted source, type in your root password to install it, get a trojan ... I'm not sure of any OS that's immune to that type of attack.

ColinC

Its a good thing Macs can't get a virus. (roll eyes)

JuniorAndTorrie

and as the market share of apple increases, this will become a more common occurrence.

stryker1800

lol, and Apple just released a new virus free commercial.

cattrain

A Mac botnet? :(
And I thought Mac viruses were very rare!
I hope this will drive Apple users to use security softwares starting now...

callrecall911

@Mudkip x86: Tonda Gossa!! [オ マイ ポク!! See you all in Hawaii!]: Solution? Get an antivirus software.

ssj4Gogeta

@Mudkip x86: Tonda Gossa!! [オ マイ ポク!! See you all in Hawaii!]: Solution? Get an antivirus software.

ssj4Gogeta

@gerrrg: exactly. Apple goes on and on about OS X being virus free as if it's inherently secure from them. No OS is.

ssj4Gogeta

@gerrrg: exactly. Apple goes on and on about OS X being virus free as if it's inherently secure from them. No OS is.

ssj4Gogeta

I guess the only OS left is unix.

/sarcasm

I guess the only OS left is unix.

/sarcasm

@ColinC: I don't think that's the issue. If you have AVG or any good antivirus software running in the background, you'd get a popup that would indicate that a virus was trying to install itself, and was either stopped or isolated or both.

If you're a Mac user and took the advice that you didn't need virus protection - even free - then you're leaving yourself vulnerable, regardless of the source. Exploits will only continue to gain steam on the internet.

gerrrg

@ColinC: I don't think that's the issue. If you have AVG or any good antivirus software running in the background, you'd get a popup that would indicate that a virus was trying to install itself, and was either stopped or isolated or both.

If you're a Mac user and took the advice that you didn't need virus protection - even free - then you're leaving yourself vulnerable, regardless of the source. Exploits will only continue to gain steam on the internet.

gerrrg

Solution? Don't pirate your goods! Buy them legitimately!

Solution? Don't pirate your goods! Buy them legitimately!

@cattrain: lol, pwnd.

TurboTexas

@cattrain: lol, pwnd.

TurboTexas

The simple belief that virus infections only come from pirated software illustrates how easy it is to infect a persons system.

It seems ignorance and stupidity is OS independent.

.:roll eyes:.

jActon

The simple belief that virus infections only come from pirated software illustrates how easy it is to infect a persons system.

It seems ignorance and stupidity is OS independent.

.:roll eyes:.

jActon

A virus for a Mac, Fanboys are probably crying to death while hiding under a cave. Most probably on denial!! Like always

venc

A virus for a Mac, Fanboys are probably crying to death while hiding under a cave. Most probably on denial!! Like always

venc

@fosphen: I agree.

Andrew Mussey

@fosphen: I agree.

Andrew Mussey

What are some good free AV apps for Mac?

Anomaly1

What are some good free AV apps for Mac?

Anomaly1

@wewillchange: Macs run off Unix, I think you mean Linux. (lol, I feel like an ass for correcting you)

TurboTexas

@wewillchange: Macs run off Unix, I think you mean Linux. (lol, I feel like an ass for correcting you)

TurboTexas

Linux and Mac both are Unix based systems, so a virus that affects one can technically affect the other. This virus affects Mac OS X which is a Unix Spec 03 system. So there you have your Unix virus.

BonnibelJuicy

Linux and Mac both are Unix based systems, so a virus that affects one can technically affect the other. This virus affects Mac OS X which is a Unix Spec 03 system. So there you have your Unix virus.

BonnibelJuicy

Linux and Mac both are Unix based systems, so a virus that affects one can technically affect the other. This virus affects Mac OS X which is a Unix Spec 03 system. So there you have your Unix virus.

BonnibelJuicy

@ColinC: I should have mentioned this, please don't run the command I mentioned above. As root, on a *nix OS, it will wipe out your entire filesystem.

ColinC

@ColinC: I should have mentioned this, please don't run the command I mentioned above. As root, on a *nix OS, it will wipe out your entire filesystem.

ColinC

@ColinC: I should have mentioned this, please don't run the command I mentioned above. As root, on a *nix OS, it will wipe out your entire filesystem.

ColinC

@gerrrg: It's not like this was an exploit in OS X, this was just a service they wrote to create zombie machines. They modified the installer before they released it and the service gets installed as root when you type in the root password to install iWork. The whole point is, you're not going to plug a fresh version of OS X into the internet and grab this virus. You're going to have to make the decision to download AND INSTALL illegitimate software. That's part of the reason so many developers publish the md5 hash for their packages. So you can check, before installing, that the package you have hasn't been modified (either accidentally or intentionally).

It'd be no different than someone complaining because a modified installer ran "rm -fr /" as root. So yeah, if you're going to run around install illegitimate software, even on Ubuntu or whatever you're running, you might want to run virus software. Even though, in a lot of cases, it's not going to help.

ColinC

@gerrrg: It's not like this was an exploit in OS X, this was just a service they wrote to create zombie machines. They modified the installer before they released it and the service gets installed as root when you type in the root password to install iWork. The whole point is, you're not going to plug a fresh version of OS X into the internet and grab this virus. You're going to have to make the decision to download AND INSTALL illegitimate software. That's part of the reason so many developers publish the md5 hash for their packages. So you can check, before installing, that the package you have hasn't been modified (either accidentally or intentionally).

It'd be no different than someone complaining because a modified installer ran "rm -fr /" as root. So yeah, if you're going to run around install illegitimate software, even on Ubuntu or whatever you're running, you might want to run virus software. Even though, in a lot of cases, it's not going to help.

ColinC

I'm a little disappointed in how this story is minimized on the front page. When I see headlines like this, I want them to be in large print and at the top of the page, if only to make up for a portion of those smug smiles on pretentious apple owner's faces when they say how invincible their computers are. Is that wrong?

On a more relevant note, does this really surprise anyone? After all, wasn't safari itself cracked in minutes during that security competition a month or so ago? It seems that security more or less takes a back seat with apple, since they assume no virus writers are out to get them anyway. Welcome to double digit market share apple! Here's your trojans.

dangerp

@gerrrg: It's not like this was an exploit in OS X, this was just a service they wrote to create zombie machines. They modified the installer before they released it and the service gets installed as root when you type in the root password to install iWork. The whole point is, you're not going to plug a fresh version of OS X into the internet and grab this virus. You're going to have to make the decision to download AND INSTALL illegitimate software. That's part of the reason so many developers publish the md5 hash for their packages. So you can check, before installing, that the package you have hasn't been modified (either accidentally or intentionally).

It'd be no different than someone complaining because a modified installer ran "rm -fr /" as root. So yeah, if you're going to run around install illegitimate software, even on Ubuntu or whatever you're running, you might want to run virus software. Even though, in a lot of cases, it's not going to help.

ColinC

I'm a little disappointed in how this story is minimized on the front page. When I see headlines like this, I want them to be in large print and at the top of the page, if only to make up for a portion of those smug smiles on pretentious apple owner's faces when they say how invincible their computers are. Is that wrong?

On a more relevant note, does this really surprise anyone? After all, wasn't safari itself cracked in minutes during that security competition a month or so ago? It seems that security more or less takes a back seat with apple, since they assume no virus writers are out to get them anyway. Welcome to double digit market share apple! Here's your trojans.

dangerp

@jActon: If you're referring to this part: "The takeaway: Macs can get malware the same way Windows computers more often than not do-through careless downloading practices." I think it's just not worded the best.

Adam's not saying the only way you can get viruses on Windows is by downloaded pirated software, just that "careless downloading" (i.e. pirated software) is one of the ways. And more often than not, pirated software has some type of virus.

ColinC

@jActon: If you're referring to this part: "The takeaway: Macs can get malware the same way Windows computers more often than not do-through careless downloading practices." I think it's just not worded the best.

Adam's not saying the only way you can get viruses on Windows is by downloaded pirated software, just that "careless downloading" (i.e. pirated software) is one of the ways. And more often than not, pirated software has some type of virus.

ColinC

this is a great day for Apple. The Mac now has enough market share for people to bother writing malware for it.

klumsy

this is a great day for Apple. The Mac now has enough market share for people to bother writing malware for it.

klumsy

Macs don't get viruses!

Richard Wang

Macs don't get viruses!

Richard Wang

@Anomaly1: I know a few people at work run norton antivirus for mac. They're all running pretty decent machines so it's hard to say how much overhead it creates (I say that just because I know everyone seems to complain about norton's overhead on windows). It seems to work pretty well though, not to catch viruses on OS X but rather in attachments and such from windows users. That way if someone sends you an attachment with a virus and you go to forward it to someone on windows, you're not spreading the virus. Plus you can always let the person know who sent you the file "you might have a virus, you should get that checked out."

The problem is that even if you had norton running when this trojan first came out, norton wouldn't have caught it (although it's been updated to catch it now).

ColinC

@Anomaly1: I know a few people at work run norton antivirus for mac. They're all running pretty decent machines so it's hard to say how much overhead it creates (I say that just because I know everyone seems to complain about norton's overhead on windows). It seems to work pretty well though, not to catch viruses on OS X but rather in attachments and such from windows users. That way if someone sends you an attachment with a virus and you go to forward it to someone on windows, you're not spreading the virus. Plus you can always let the person know who sent you the file "you might have a virus, you should get that checked out."

The problem is that even if you had norton running when this trojan first came out, norton wouldn't have caught it (although it's been updated to catch it now).

ColinC

I've been saying it for years. Macs are not virus-proof.

idogis1

I've been saying it for years. Macs are not virus-proof.

idogis1

Dear PC douches:

This is a Trojan, not a virus. Now go play in traffic.

Thank you,
LJS

LJSeinfeld

Dear PC douches:

This is a Trojan, not a virus. Now go play in traffic.

Thank you,
LJS

LJSeinfeld

@Joseph Smrekar:
Further, none of my 3 macs have malware or have ever had malware.

Joseph Smrekar

@Joseph Smrekar:
Further, none of my 3 macs have malware or have ever had malware.

Joseph Smrekar

"Macs can get malware the same way Windows computers more often than not do"

"more often than not" -- my friends, family & clients do not pirate software, as they don't know how. Being that i am on their PCs helping them fix them, I would know if there was some pirated software on there. The signs are usually a p2p or torrent client installed -or- an expensive program that they have no use for e.g. Creative Suite, 3ds max, maya, etc...

That being said, I find fault in your statement. I really don't think this is the primary way to spread malware on PCs.

Joseph Smrekar

"Macs can get malware the same way Windows computers more often than not do"

"more often than not" -- my friends, family & clients do not pirate software, as they don't know how. Being that i am on their PCs helping them fix them, I would know if there was some pirated software on there. The signs are usually a p2p or torrent client installed -or- an expensive program that they have no use for e.g. Creative Suite, 3ds max, maya, etc...

That being said, I find fault in your statement. I really don't think this is the primary way to spread malware on PCs.

Joseph Smrekar

Echoing LJS up there, this is a Trojan, not a Virus. This isn't even about OS fanboyism, just using the right term for it.

Can I be the first to point out that there's a difference between a trojan and a virus?

IndigoHapiloons

Can I be the first to point out that there's a difference between a trojan and a virus?

IndigoHapiloons

@dangerp:

Actually, Safari was cracked in seconds. Macs: No viruses and no hackers (as far as you know)!

Justin B

@dangerp:

Actually, Safari was cracked in seconds. Macs: No viruses and no hackers (as far as you know)!

Justin B

Wait wait.......I'm confused. According Apples new "Macs are for cool people, PC's are for geeks" commercial, Macs don't get viruses, malware, etc. Interesting.

LuzioAetolus

Wait wait.......I'm confused. According Apples new "Macs are for cool people, PC's are for geeks" commercial, Macs don't get viruses, malware, etc. Interesting.

LuzioAetolus

"The takeaway: Macs can get viruses the same way Windows computers " erm no, its NOT a virus, it required downloading / installing and verifying with a password.

AtwaterDeion

@LJSeinfeld: Dear FruitLove:

Don't forget you use a PC whether it was made from fruits or from other fruits like D, H, S, A, M, etc you name it.

As such, you have "I'm Also A Big D-BAG" written all over your pathetic diatribe.

Thank You,
The_Gank

the_gank

@dangerp: I agree. Why is the headline so small?

@AtwaterDeion: Does arguing semantics within one element of the takeaway really matter when the overall emphasis is that users should not be careless with downloading activities?

jonny6pak

After those commercials about mac / windows & malware, this is deserved.

@AtwaterDeion: deeeeenial!

BrianB

@AtwaterDeion: deeeeenial!

BrianB

@LuzioAetolus: Um. That's a Microsoft commercial. Not Apple's.

@TurboTexas: LOL. You were pwnd. Read Atwater's correct post above.

@Justin B: It was cracked by an expert who had this trick up his sleeve for a year. He won the contest the previous year so he saved this trick so he could win this year. His full time job is cracking Macs.

If it was easy to do, anyone could do it.

It's funny to see all the Windows users jump on this without realizing they don't know what they're being fed. This is NOT a trojan, virus or anything of the kind. This is a "shoot yourself in the foot" problem which Windows users also have, plus the extra baggage is real trojans, viruses, etc.

ha

resilient

ha

resilient

ha

resilient

I forgot to add. While Windows is a virus hog, when ONE example of something comes out over the course of a year or more, Windows users jump all over it as if they were squeaky clean themselves.

I forgot to add. While Windows is a virus hog, when ONE example of something comes out over the course of a year or more, Windows users jump all over it as if they were squeaky clean themselves.

I forgot to add. While Windows is a virus hog, when ONE example of something comes out over the course of a year or more, Windows users jump all over it as if they were squeaky clean themselves.

@venc: Service of Denial?

@venc: Service of Denial?

@drhowarddrfine: Youre assuming that all people who write malware are weekend amateurs. You'd really be surprised.

@drhowarddrfine: Youre assuming that all people who write malware are weekend amateurs. You'd really be surprised.

@klumsy: LOL!

@klumsy: LOL!

Mac Botnets. Cause they just work!

Mac Botnets. Cause they just work!

@Lazarus: lol. yes.

@Mudkip x86: Tonda Gossa!! [オ マイ ポク!! See you all in Hawaii!]: What about when you buy legitimate hardware with viruses already on them?
Case in point:
[redtape.msnbc.com]

@wewillchange: Actually the only OS protected from trojans are Punch Card Input. Unless of course, youre pirating punch cards and get a bad set.

The majority of viruses are spread like this these days (although yes it is a trojan). Most come from people downloading pirated software or pirate movies/music that say they require special codecs to play.

However, if you are running up-to-date anti-virus/anti-malware software then it should pick up these viruses/trojans as they try to install themselves. Apple claiming that Macs don't need this type of software is just untrue, and will become more and more untrue as more people write trojans/viruses for Apple's increased market share.

timdickinson

@BrianB: denial is the first symptom of an addiction

mfusion

@Anomaly1: I use ClamXav. It's free and you can set which folders it monitors so it doesn't drag down the entire system. I only have it monitor my downloads folder and my web cache.

I also run a scheduled system scan once every week or so to be safe.

[www.clamxav.com]

EdgesRazor

@Anomaly1: I use ClamXav. It's free and you can set which folders it monitors so it doesn't drag down the entire system. I only have it monitor my downloads folder and my web cache.

I also run a scheduled system scan once every week or so to be safe.

[www.clamxav.com]

EdgesRazor

@Lazarus: Correction, live CD's with cloud storage for files and e-mail would be pretty hard to infect with a virus if you had no HDD installed.

XPC22393

@Lazarus: Correction, live CD's with cloud storage for files and e-mail would be pretty hard to infect with a virus if you had no HDD installed.

XPC22393

@BrianB: Not really denial but correction. He never said it wasn't malware.

jennieblue22

@jonny6pak: No, and I don't think that was AtwaterDeion's point. Rather, just a correction - it was malware, but not a virus per se because it was not automatic.

jennieblue22

@callrecall911: Or just stop pirating software. Remember that to install this one - the users actually had to download and install the "pirated" iWork software to get the trojan horse.

jennieblue22

@TurboTexas: Uh, no. Macs are still "virus free" because this technically wasn't a "virus" because it wasn't automatic. Now, if the commercial said Macs were "malware free" then that would be a different story...

jennieblue22

@Joseph Smrekar: It is "a", if not "the", primary way of spreading malware on PCs

jennieblue22

@klumsy: +1

jennieblue22

@IndigoHapiloons: You're not the first, and certainly not the only one. But some people still don't get it.

jennieblue22

@LuzioAetolus: Correction: Macs don't get VIRUSES but they do get stupid-user-installed malware - which technically no OS is safe from.

jennieblue22

@venc: NOT VIRUS! MALWARE! There is a huge difference!

@Lazarus: yep :) except in reverse

jennieblue22

@EdgesRazor: Second ClamXav. Would like to add that it's good enough for Apple to include a non-GUI version in Mac OS X server.

jennieblue22

@fosphen: fail. This was stupid pirating user error, not Mac error. Unless the sound was directed at the infected users, in which case, win!

jennieblue22

@Mudkip x86: Tonda Gossa!! [オ マイ ポク!! See you all in Hawaii!]: +1!

@Lazarus: That hasn't happened with a Mac (yet)

jennieblue22

@Andrew Mussey: Absolutely!

jennieblue22

@gerrrg: Not necessarily, especially if the Trojan horse slid past the AV software...

jennieblue22

Is it just me, or does anyone think of the word virus as a generic blanket term which is divided into different types (worms, trojans, spyware, etc.)? Maybe I'm just too used to talking with people who wouldn't know what a trojan is, but know that viruses are bad.

BurkDP

Is it just me, or does anyone think of the word virus as a generic blanket term which is divided into different types (worms, trojans, spyware, etc.)? Maybe I'm just too used to talking with people who wouldn't know what a trojan is, but know that viruses are bad.

BurkDP

@Richard Wang: Again, there are no viruses. There are trojans though, of which this is one of the handful. Nice try though.

madog

@callrecall911: There are no viruses. There are a handful of trojans, this is one of them. Not all that new.

madog

@stryker1800: true say... thats the only reason windows has so many... but the more ppl who have it, the more worthwhile it is to write malicious code...

urbanturban666

@jennieblue22: NO COKE! PEPSI!

madog

@JuniorAndTorrie: It's a good thing you're right because they don't. None exist for Mac at the moment. This is called a TROJAN. Say it with me now, T-R-O-J-A-N. Very good.

madog

@Anomaly1: Head Norton CEO's have said there is no point to making their software for Mac. As far as I know it's not even updated anymore, but uses pretty much the same virus definitions for Windows, as it only catches those kinds of bugs.

It's mostly nostalgia. Norton made a great app for the Mac 10 years ago for OS 9, and ever since the release of 10, has been an awful app. I would avoid it like a plague and chose something else if you really want one. Intego software built one for OS X from the ground up, and there are the others people have already mentioned.

madog

@BonnibelJuicy: correction, Linux is a unix based system, OS X is a flavor of unix.

One is not the other though you will find arguments either way.

And its not a virus, its a trojan. Its akin to saying heres the keys to my house to a person you KNOW is a thief posing as a repairman, and thinking nothing is going to be stolen when you come back.

People illegally downloaded cracked software, installed it on their machine using their administrator password, and expected nothing bad to happen. Virus protection or not, that was a STUPID move that the simple act of paying for your software legitimately could have rectified.

Jim Topoleski

@Justin B: Actually Safari was cracked in ONE DAY and a couple of seconds. The media did a good job (including the Gawker sites) of glossing over the fact that it was cracked on day 2 of the competition, and only after they loosened the requirements on all the systems in the competition.

Couple this with the coder who pulled it off pulling a all nighter to write the code based on what he knew the requirement changes would be the next day and you have a hacked browser.

In a real world situation, he probably would not have been as successful, and in fact prior to the second day, NONE of the browsers could be cracked.

Jim Topoleski

@Anomaly1: ClamXav is what you want. Its small, lightweight, and powerful. The only thing it doesnt do is repair files, it simply quarantines them to be deleted or repaired using another program later.

I use Intego Virusbarrier which is a paid app, but is pretty powerful and while not nearly as thin as ClamXav, is thin enough to not bog the system down horribly.

Norton is trash these days. Even on our district PCs we are thinking of dumping it for another platform because of how bad the overhead is on it, especially with Vista running.

Jim Topoleski

@BurkDP: No because a Virus is in it of its self, a term for a type of malicious software package that self replicates it's self on the system.

Malware is the general term, but people confuse that with crimeware, spyware, and root kits.

Jim Topoleski

@idogis1: this ISNT a virus, but your right, NO OS is virus proof.

But OS X and Unix/Linux OSs in general lead it to be very difficult to actually write viruses that can cause nearly as much damage as a PC virus can, due to the nature of the OS and how integrated parts of the OS are with each other.

Tojans are Trojans though. Like I said previously, its akin to handing keys to a thief and expecting nothing to be stolen. You could have the MOST secure OS in the world but if you open the door to it, shits going to happen.

Jim Topoleski

OMG it's totally a TROJAN not a VIRUS everybody. Because trojans are harmless, unlike a virus. Go Apple. Hey Apple, can I shine your shoes?

Natnie

of course any computer can get malware if it can download and run programs. still. macs seem to be better at avoiding viruses probably because of multi-kern os. and windows would be safer and faster if people actually used UserAccountControl, though I don't. still. no blame. I love macs. I also happen to use windows most often. but mac osx is much better for security and workflow. If only I had a mac again.

cathos

@jennieblue22: I do believe a virus needs user input, sometime, somewhere. Else how would you get infected?
That's not how the classification works.
A virus is malicious code able to replicate itself.

But then again, that's discussing semantics. Good job to any dimwit getting infected, even more so when there's only a handful of malware for Mac.

polobunny

@jennieblue22: I do believe a virus needs user input, sometime, somewhere. Else how would you get infected?
That's not how the classification works.
A virus is malicious code able to replicate itself.

But then again, that's discussing semantics. Good job to any dimwit getting infected, even more so when there's only a handful of malware for Mac.

polobunny

@jennieblue22: I do believe a virus needs user input, sometime, somewhere. Else how would you get infected?
That's not how the classification works.
A virus is malicious code able to replicate itself.

But then again, that's discussing semantics. Good job to any dimwit getting infected, even more so when there's only a handful of malware for Mac.

polobunny

@callrecall911: Like madog said, this isn't a virus. It's a trojan, and this is one of the few. And, the user had to download pirated software and enter their root password for the trojan to run. That's the only way Macs can get trojans--voluntarily entering the root password (in this case for the purpose of installing pirated software).

@callrecall911: Like madog said, this isn't a virus. It's a trojan, and this is one of the few. And, the user had to download pirated software and enter their root password for the trojan to run. That's the only way Macs can get trojans--voluntarily entering the root password (in this case for the purpose of installing pirated software).

Macs don't get viruses - people willingly agree to install software. If that software does things that the user doesn't like, that's something else. Moral is, only install trusted software from trusted sources. Ain't nobody going to be able to protect a fool from himself!

tipps

Macs don't get viruses - people willingly agree to install software. If that software does things that the user doesn't like, that's something else. Moral is, only install trusted software from trusted sources. Ain't nobody going to be able to protect a fool from himself!

tipps

@Lazarus: Interesting, I didn't even know that digital frames could be infected, too.

@Lazarus: Interesting, I didn't even know that digital frames could be infected, too.

@jennieblue22:
I'm sorry, I must not have quoted the commercial properly. It does mention malware. "PC viruses and malware have tripled in the past year. Some estimets put it 20 thousand new ones are discovered every day. You're lucky you don't have to deal with this stuff Mac." -

+ Watch video

cattrain

@madog:
You just repeated what he said.

koekielam

Am I really going to get a virus after purchasing the Adobe CS4 Master Suite? ...or going to the Apple store and purchasing a copy of iWork?

Nope. I guess not. Sweet. Then I have absolutely no fear of catching this "virus" since I purchase all of my software legitimately. Wow, Macs really are pretty sweet.

@Lazarus: Actually, there were a few iPods that had a Windows virus (RaveMoneE.exe) that were sold awhile ago. When a Windows users plugged the iPod into his computer, he or she would become infected (well, their computer would be). What's almost funny is that on Apple's website they state, "As you might imagine, we are upset at Windows for not being more hardy against such viruses, and even more upset with ourselves for not catching it."

In a situation where it was YOUR quality control (or lack thereof) that caused this situation, you should not use it as an opportunity to take a stab at your competition.

For those who don't believe me, the actual link to this on the Apple website is here: [www.apple.com]

almigi

All the erroneous responses from the PC users about how Macs are getting viruses too when this is NOT a virus shows that they are all just really stupid or a bunch of trolls. Probably both .

@IndigoHapiloons:

I don't think the difference is really significant. Just because the file isn't distributed in a particular manner doesn't matter.

And don't think for a second that when people criticize windows for having "viruses" that that doesn't include trojans, worms, and malware - or 90% of the user experience with what they would call a virus.

mherlihy

@madog: So in your expert opinion does a worm count as a virus?

[www.oreillynet.com]

The state of denial is worse then Jersey!

lvhotrain

Fot the love of all that is holy! Please take your heads out of the sand people! EVERY OS can get viruses. (yes, worms) There are documented cases for all of them. It's finally getting to the point where security though obscurity no longer applies because of market share. If I were to write a virus who am I going to target? PC's, which run all sorts of buisness and financial apps, or a MAC? I would only do the later if I wanted to steal people home movie edits.

[www.oreillynet.com]

lvhotrain

Fot the love of all that is holy! Please take your heads out of the sand people! EVERY OS can get viruses. (yes, worms) There are documented cases for all of them. It's finally getting to the point where security though obscurity no longer applies because of market share. If I were to write a virus who am I going to target? PC's, which run all sorts of buisness and financial apps, or a MAC? I would only do the later if I wanted to steal people home movie edits.

[www.oreillynet.com]

lvhotrain

ZOMG this is a trojan not a virus. Because it's not like most of the malware problems on PCs are trojans willingly installed by users.

OH WAIT A MINUTE users are idiots and willingly run all sorts of crapware. EG: XPAntivirus2008

johnsmith1234

People say oh this isn't a virus but I work on infected PCs every day. And not every one has a virus. The worst ones are clogged with malware not viruses. Also most people I have talked to go to macs because they are sick of getting infected or with problems with windows but the truth of the matter is they are too lazy to learn about security. Most people will install a program if it pops up saying it needs to install even if they don't know what it is. The problem will not go away on PCs or Macs until people are educated about how a computer works.

QasimCaffeina

Apple never did back down on their insistence that Mac is immune to viruses. Guess you just wanted your two cents out. Well done, I bow in your presence. Common sense my ass.

YasminZeiram

I want to point out that that your statement of virus written for a Mac having the potential of infecting other *nix OS's. While logically that would make sense seeing as they both are indeed derivations of the Unix kernel they are far too different to make a virus to "conquer" them all. The easiest way to explain this is by looking at each OS's file system/ structure. First in oder for a virus to have the ability to infect both a Mac and Linux it would need the ability to read/write multiple system formats (i.e. HFS+ and ext3). The second reason is the way each file system is setup, realize that the are similar however, a major difference between the two would be where each stores system files etc. Linux has the /etc and /bin where many of the different binaries need to perform system tasks are stored and Mac while has many of the same directories they are stored in different places and in a different order. If you need more clarification try to find the /home directory on a Mac. So after extensively proving my point this is not actually a "Unix" virus. (I don't mean to be a tool but I would like to prevent wanna fan boy types from getting their facts wrong. And I if it makes any one feel better the first documented virus was written for an apple computer.)

PaoloJalookhi

@BonnibelJuicy: Um... I just wanted to say that a virus that has been written for a mac will be unable to infect any other OS whether they inherit many of the same characteristics from the same parent just because everything is implemented differently in each OS. An easy example would be the way the file systems are set up on each. First you have the format that it's stored in NTFS, ext3, HFS+, etc. Secondly the way the file system is setup, Windows likes to have its C:\ drive and every other has /. As far as Linux and Mac go user dirs are stored in the /home dir while on a Mac it's /Users. (I don't mean to be a tool but I figured your statement needed clarification)

pilferingpanda

Yea, right, if it happens on a windows machine, it's all windows fault and not the fact it was downloaded. Face it, macs can get viruses just like windows.

MosesEpimetheus

@AtwaterDeion: A worm propagates itself; other forms of malware tend to need some kind of user input such as clicking on an exe or attachment.

ChibaCityCowboy

@IndigoHapiloons: So would you rahter have your computer taken over by a virus , a trojan or a worm?

ChibaCityCowboy

@tipps: I just want to correct you in saying Macs don't get viruses. They are in fact able to get infected, however, the likelihood of this happening is slim to none. The real reason they "don't" get viruses is there is no one to write one because at this point in time the mac market share is still to small to make viruses profitable for the people who write them.

pilferingpanda

@AtwaterDeion: Wait, does this mean we get to see one of those cool apple commercials with the mac and pc guy? I can just see it now. They come out and Mac and PC are talking about why PC is in a biohazard suite then all of a sudden PC takes out a remote control and starts treating the mac guy like a toy robot. Then the Mac guy goes "This is my new feature call iSocialize. We enable your computer to work with other computers even better" and the PC just stands there and wonders about a double standard.

DarqAnshin

@callrecall911: A mac botnet? That will be huge...

Lakshan

Alright, seriously everone...

For starters, I should point out I am a dedicated Mac user. I am posting this from my 2-year-old iMac. However, I do help people with computer problems on the side. For one woman, I set up her computer three or four years ago. I carefully set up antivirus, antispyware, and other preventative apps. I installed a free but functional 3rd party firewall. And I made sure she only uses Firefox for browsing and only uses web-based email. And she has NEVER had a malware problem.

That said, on my iMac I use whatever browser I'm in the mood for; I have 8 different ones installed (though I guess I should get rid of Netscape :p ). I use Apple's Mail.app for all my email checking-even Gmail, as I don't like web email interfaces (or ads). And while I admit that I did download an illegitimate iWork with this unfortunate TROJAN (not a virus), I spotted it quickly because it puts files in a system folder I regularly visit. This was my fault, I'll admit.

When Apple says Mac users don't have to worry about malware, it's because they don't. While Windows has-in the past more so than today-left gaping holes in the past for malware to install itself, on a Mac (since OS X) every install has to be user-approved. This approval may be implicit when dragging an app from a disk image to your HD, but it's still a deliberate choice by the user.

On the other hand, Windows users have to protect themselves from all the backdoor openings that allow malware to install itself. For example, on a Mac you're never going to get infected just from downloading email attachments in a desktop email client. In Windows, this can and does happen-which is why most commercial antivirus packages include email software in the list of major protection areas.

Heck, on a Mac, downloading the offending software doesn't do anything. You have to install it. On Windows just downloading it is dangerous.

Ryan Alexander Campfield

@fosphen: I could not have said it better myself.

@LJSeinfeld: Dear Mac Fanboi,
Please note that viruses are out there and they do exist. OSX/Leap-A, for example is an old virus/worm that was around for a bit. While you are right this is a trojan and not a virus, please be aware that the number of malware hits and attacks on Macs are raising every day. Please also note that if your a fan of Windows/Linux/Mac, no operating system protects against stupid and if you do something stupid you may just get something nasty.

Thank you,
-Tired of it all

DarqAnshin

@Joseph Smrekar: Downloading isn't piracy, though. A free cursor set will contain a virus, it's still a download.

@YasminZeiram: Yeah, common sense. That's all people needed, rather than a "I can't GET viruses, ho ho ho" mentality.

Having said that, OS X IS inherently more secure - if not infallible.

@[dvlabs.tippingpoint.com]">Pwn2Own 2009 Day 1 - Safari, Internet Explorer, and Firefox...

Your assertion that "In a real world situation, he probably would not have been as successful" only holds some merit. If you look at the rules and methods, the user goes to a link taking them to an infected site and the exploit goes from there. I'm not sure what kind of idealized world you live in, but that sounds like a plausible, real-world situation. Sure, smart users won't go to sites that are possibly infected nor surf online without protection, but not everyone with a computer and internet access is a smart user.

@Richard Wang: ... yet

@anwas.adienwc:
[www.cisco.com]

... because I seem to be getting the format for links wrong.

Malware definitions for those who are confused. And who think that viruses are worse than trojans.

@anwas.adienwc: odd, don't know why it did that...

what I really meant to post was:

@polobunny "I do believe a virus needs user input, sometime, somewhere. Else how would you get infected? " Check wikipedia, "A computer virus is a computer program that can copy itself and infect a computer without the permission or knowledge of the owner. "

GretaDafoe

That's what you get for stealing.

Justin Phelan

SecureMac has a very simple checker/removal tool for this trojan www.securemac.com

UdolfFeard

@Phoshi: Well, clearly it's fallible--otherwise it wouldn't have gotten infected..

:-D

masskonfuzion

@stryker1800: congrats, stryker. i believe you've written the only intelligent, non-fanboyish comment in this entire thread so far.

masskonfuzion

@Phoshi: Since we can't decide what to call these wares, let's just mash the words "Malware, Trojan and Virus" into one word: Maltrojirus.

Ok, now to Phoshi's point, you might make one trip to the wrong online shopping website and catch a maltrojirus. I've seen free icon/cursor sets with maltrojiri (plural form). I've seen free font packages with maltrojiri. Even packages as seemingly innocuous as clip-art can be riddled with maltrojiri.

You can get maltrojiri anywhere. The internet's not safe. Stay inside and wear your hard-hat.

masskonfuzion

@wewillchange: Sorry I meant to say /sarcasm

@masskonfuzion: k so i tink i get this maltroijiri cans you help me much thanks

@klumsy: Well played sir.

@ChibaCityCowboy: A cowboy.

@anwas.adienwc: hahaha "Are you new"
love that.

@LuzioAetolus: Macs are for geeks too. PCs are only for geeks if you wipe them and install Linux (or get it fresh from the manufacturer like this).

@madog: Ha ha! Good analogy... Do you think that the Apple marketing people and the news anchors are going to know / talk about the difference between virii, malware, worms or any other forms of generally malicious software? No. Apple like to give the impression that Macs are completely free of all of these.

But on a lighter note, it does carry another message - that most of the time malicious software is contracted through the dumbassness of the user, not some inherent flaw in the operating system.

kyokan

Oh snap! someone is quoting wikipedia as a source! :P

DonnaCachifa

well every Empire or company what have you that says I am not vulnerable to attacks or anything at all ends up shoot themselves in the foot one day

Jonathan Wilmore

thought you mac users were not vulnerable to viruses,Trojans,and spyware ,looks like the empire known as Apple is getting a taste of the pc world

Jonathan Wilmore