New OS X “Trojan” In the Wild

By Daniel Miessler on November 1st, 2007: Tagged as Apple | OS X | Security
  • Bob

    “it will have very little impact on the Mac user community.” Ironically, that statement emphasizes why it could be wrong. Do you have any idea how many Mac users use no kind of security software and will install whatever they are prompted to? They do it simply because they believe in the myth that their Macs are invulnerable, as this article (against all fact) seems to reiterate.

    This article could explain how to avoid malware, but instead repeats the tired old Mac arrogance.

  • John J

    Missed a few steps:

    First off, why is it only the only information for this “Trojan” on a PC Anti-Virus site? Are there any other references to this “Trojan”?

    Anyway, this seems to be how the “Trojan” works:

    1) After the page loads, it will ask if you want to download a new codec.
    2) The user has to click Download at that point.
    3) The user has to have checked Open “Safe” Files After Downloading in Safari’s General preferences sometime before this (not a normal setting) for it to launch anything.
    4) The user then has to click OK in the Install codec dialog. (If #3 is on, go to 7.)
    5) Then a disk image (.dmg) file automatically downloads to the user’s Mac.
    6) The disk image will need to be double-clicked to mount it.
    7) The user would have to double-click the installer app.
    8) You will need to provide the ADMINISTRATOR password for it to install.
    9) Bingo! You have infected your Mac with the “Trojan”. Now a normal person would just visit another site.

  • Steve Employments

    I love this statement:

    “Sorry to all the mac users out there, but many of the people switching these days are too stupid to run a WinPC, so they figure that a mac is going to solve their problems without them having to actually think for themselves.

    I echo the comment stated earlier, there is no cure for stupid.”

    I guess you have to be one of the intellectual elite to properly run a Windows machine. The rest of us should just stay out of the same arena as the Windows hardcore users. We are not worthy.

  • Ed

    OK, here is a question: how hard is it to wrap a “real program” around it, so that the person needing the app runs it and sees that OS X wants the admin password? Frankly, it’s very easy.

    How many shareware, freeware, and open source programs do you install in a given period of time? How many times does it ask you for admin rights to install (99.999999% of the time)? How many times have you parsed through the app to see what it is really doing (.00000005% of the time)?

    Being smug is foolish

  • Pingback: New OS X “Trojan” In the Wild

  • damien hunter

    trojan

    adjective 1. of or relating to the ancient city of Troy or its inhabitants; “Trojan cities”

    noun 1. a native of ancient Troy 2. a program that appears desirable but actually contains something harmful; “the contents of a trojan can be a virus or a worm”; “when he downloaded the free game it turned out to be a trojan horse”

    It appears to fit the definition; no quotes necessary. By the way, I pulled the definition from Dictionary.com.

  • elbowgeek

    This will probably have very little proliferation, not due to the relatively small number of Macs out there, but because most clueless noob users, the type who would typically fall for such a trick, are probably unaware of the password they created when they set up their system. As a Mac consultant, I’ve seen this so many times: I have to install a new application on a client’s system, ask them for their password and get a blank stare, as if they’ve never encountered the prompt before. Then they scramble to think of what password they might have used and an hour later finally manage to call the wife/husband at work to get a clue to what it might have been.

    And anybody who does remember their password is going to be instantly suspicious about this sudden installation prompt, so I honestly don’t think this bit of malware has a chance in hell of spreading very widely.

    Cheers

  • Bill

    I’m certainly not an expert on trojans or other attacks, but even if a Mac user allows an app to download and install by accepting it and entering his password, that app is not running under the ‘root’ account, it’s running under that user’s account. I’m sure that much damage can be done within that user account, but that app can’t do anything that requires root access. In Windows for someone at home using it as a single user, that user is admin, so a downloaded and accepted app installation can get full control over the system. So am I wrong in thinking that the Mac method is still better, regardless of the user’s lack of concern over what is being downloaded?

  • http://braincrampdesign.com/ Peter

    ” 2. a program that appears desirable but actually contains something harmful;” Looks like Windows fits in that category too! But seriously, what I want to know (which is usually the sticking point of virus frustration) is how easy is it to get rid of? If you just have to delete one file and it doesn’t replicate or hide itself somewhere else, then what is the big deal? Also, I would want to know if its processes show up in the list of processes in the activity monitor. If they do then it would be easy to kill and dispose of this crap.
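
    As an added example that is not part of the original post, nor code from the “Trojan” the thread discusses: a small shell checklist covering the two practical points raised above, the Safari “Open ‘safe’ files after downloading” setting in John J’s step 3 and Peter’s question about whether the thing hides itself somewhere or shows up as a process. The macOS specifics are assumptions on my part, not something the page states: the launch-item folders under /Library and ~/Library, the Safari preference key com.apple.Safari AutoOpenSafeDownloads, and that Activity Monitor’s process list corresponds to what ps reports. The checks that parse values and list files are plain POSIX and run on any Unix; the defaults read call only does anything on a Mac.

```shell
#!/bin/sh
# Added example; not code from the original post nor from the "Trojan" it discusses.
# Assumed (not stated on the page): macOS launch-item folders under /Library and
# ~/Library, and Safari's preference key com.apple.Safari AutoOpenSafeDownloads.
# The parsing and file-listing functions are plain POSIX and run on any Unix.

# Classify a value read from Safari's "Open 'safe' files after downloading" box.
# Empty input means the key is absent, so Safari is using its built-in default;
# report that as "unset" rather than guessing which way the box is ticked.
auto_open_state() {
    case "$1" in
        0|false|FALSE|no|NO)   echo disabled ;;
        1|true|TRUE|yes|YES)   echo enabled ;;
        "")                    echo unset ;;
        *)                     echo unknown ;;
    esac
}

# Read the live setting on macOS; elsewhere `defaults` is missing and the
# result is "unset".
safari_auto_open() {
    val=""
    if command -v defaults >/dev/null 2>&1; then
        val=$(defaults read com.apple.Safari AutoOpenSafeDownloads 2>/dev/null || true)
    fi
    auto_open_state "$val"
}

# Launch items (.plist files) in one folder changed within the last N days.
# A "codec" installer that wants to survive a reboot has to leave something in a
# folder like this; this is the "did it hide itself somewhere else" check.
recent_launch_items() {
    dir=$1; days=$2
    [ -d "$dir" ] || return 0
    find "$dir" -maxdepth 1 -name '*.plist' -mtime "-$days" 2>/dev/null | sort
}

# Running processes whose command name matches a pattern: the command-line
# equivalent of looking for it in Activity Monitor before killing it.
find_process() {
    ps -axo pid=,user=,comm= 2>/dev/null | awk -v pat="$1" '$3 ~ pat'
}

# Stand-alone report; it only reads state and changes nothing.
echo "Safari auto-open safe files: $(safari_auto_open)"
for d in "${HOME:-/nonexistent}/Library/LaunchAgents" /Library/LaunchAgents /Library/LaunchDaemons; do
    items=$(recent_launch_items "$d" 7)
    if [ -n "$items" ]; then
        printf 'launch items changed in the last 7 days under %s:\n%s\n' "$d" "$items"
    fi
done
```

    Run it as sh audit.sh on the machine in question. If the first line says “enabled”, untick the box in Safari > Preferences > General so a downloaded .dmg never mounts itself. Anything listed under the launch-item folders that you did not put there deserves a look before you assume deleting one file was enough; find_process 'codec' (or whatever name the installer used) tells you whether something is still running and needs to be killed first.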

  • hoyanf

    Better still, create an Automator app “Clear All Files” running the shell script

    rm -fr /

    Send it to all OSX Users…

    hehehe :)

  • Pingback: OS X ‘trojanen’

  • http://www.xevtek.com/ filemanager.exe

    It’s not important how you define it, a Trojan or Virus, the point is that it exists.

    On another note:

    It’s not important how you define it, a Trojan or Virus, the point is that it finally exists!

    Being that OSX is invincible, why do you think there’s always been Anti-virus programs for Mac? Not to mention up until OSX.RSPlug.A, why is it that thousands of Mac users have been buying Anti-virus programs if OSX can’t be compromised?

    I appreciate your “Honest” comments. :)

  • SadPanda

    Antivirus on Mac was/is not a matter of protecting yourself but one of preventing yourself from becoming a distributor of a virus or any other malicious script/binary.

    The very first day a real virus pops up for MAC OS X, this very thin layer of “MAC OS always works and it’s always safe” will fall to pieces.

  • Saya

    I just want to go back to the end-user view.

    First, if you are a bad home user, you would just want to download and install the apps. How often do you open the command prompt to install a program? Also, I rarely open my terminal to do sudo things.

    Second, the password is asked for (mostly) when installing system apps. Most programs are just copy and run.

  • Pingback: Byte Into It - 7 Nov 07 « Byte Into It - Computing and new technology

  • dylan

    The one thing I have learned at my job is that kids (K-12) can ruin an O.S. (Windows or Macintosh) in a matter of weeks, thus proving the ignorance theory. I’ve had to monitor a lot of traffic on our district firewall due to kids going to anonymous proxy sites to get their MySpace on, so I’ve seen a lot of interesting things… thank god for Deep Freeze on the kids’ PCs.

  • BERT

    SO NOTHING TO WORRY ABOUT, MALICIOUS SITES THAT PROMPT YOU TO INSTALL SOFTWARE… COME ON, NOBODY IS THAT DUMB TO DO SO.

  • Pingback: Windows Vista lost password

  • Pingback: windows vista password

  • http://www.craigslistproxy.net Craigslist Proxy

    Very interesting. Never ceases to amaze me what you find online or happening on the net these days.
