Apple Macs hit by scareware attacks
 

So, all of this time it's just been their small size limiting virus attacks?

I guess that virus writers don't notice market cap size.

yep, many knew that.
But it sounds like this is like something many people fall for. They see a warning and react without thinking.

I think the "evil doers" get more profit by attacking aol and yahoo as they did last month. They get into your contacts list on yahoo mail and send emails to everyone with a link to some item to buy.

Please respect FT.com's ts&cs and copyright policy which allow you to: share links; copy content for personal use; & redistribute limited extracts. Email ftsales.support@ft.com to buy additional rights or use this link to reference the article - FT.com / Technology - Apple Macs hit by scareware attacks


The cybercrime world has largely ignored Macs because their market share of less than 10 per cent has made mass attacks less valuable.

But as Apple’s Mac shipments surge this is changing. Buyers are likely to be targeted, forcing Apple to rethink its security or lose one of its key selling points.

Users were tricked into authorizing the install -- pretty difficult for any OS to protect against. A fairer test would be whether simply viewing a web page or email can infect the system, which is not the case here. Macs, like PCs have always been vulnerable to infection by authorized installation of infected software.

I just got whacked by a malware posing as a Windows fix program that was attched to a Google image. I ddn't fall for the purchase but the darn thing screwed me up for awhile. RKill and TDSS fixed it up fairly well.

That was the case with the earlier incarnation of this exploit. Things change quickly.
New Mac scareware variant installs without password - The Register

Yes, the new version circumvents password requirements but the user must still "consent" to the install:

New MacGuard malware variant gets slightly easier to install - Apple

The removal is a *****, too.

That whole "drag it to the trash" thing.

That's not a virus. It does not infect, replicate and spread on it's own.

It's not a flaw of the OS at all. It's an end user issue, social engineering.

And I still don't buy the market share BS.

Every time we discuss this I ask the same question and no one has ever been able to answer it.

Before OS X Macs regularly got viruses. At a time when Apples market share was a drop in the bucket compared to the last 5 years. Where did all those guys go? Why did they stop attacking Macs?

Is there a big virus problem with UNIX? That might be a clue.

Yep, it tried today- I was on opensecrets.org of all things IIRC.

The screen went grey and it had a warning that I had trojans and wanted to me to install to start scanning.

Just x'd out of it and it was fine.

scareware = stupidware

If you look at the truly big virus incidents, NIMDA, Melissa, CODE RED and Slammer they were aimed at disrupting business, as many malicious programs are. The last place you're going to find business, is on Macs. It's not like you're going to get "hacker famous" for crashing a Mac network.

If you wanted to you could attack OSx very easily. The surface area is very large being a BSD flavor. But what would be the point? It's not like taking down banks or gov' agencies, that's what most of the big attacks are written for.

Yep, nothing to do with market share. That's BS. I haven't had a virus issue for 10+ years on my Macs and I do NOTHING to protect them, aside from not being an idiot (I like to think). Supposedly the UNIX under layer is doing most of the work protecting us.

I don't buy this, either. Some of the really large, high profile shops are mac-based. They would be a lovely target.

Security by obscurity works...for awhile.

So you can't answer my question, why were Macs attacked regularly before OS X when the market share and use in business environments was considerably smaller than post OS X?

What happened to all those people who were motivated to attack a smaller target?

Cause that's the position you are supporting, Apple are too small to bother with. But somehow when they were smaller they were worth it.

The argument is self defeating.

Answer with fact, not opinion.

I once went to a Mac shop with a thumb drive to get some work done when I was on the road, downloaded my artwork and uploaded a billable word doc. Got a virus alert as soon as I plugged it in, little douche laughed at me.

He needed dental work afterwards.....I have no pity on hearing about the new Mac viruses. Likely the first virus was from a Mac user.....sanctimonious little twits. it's about time.

I think that the Mac people have upped the anti just enough that it isn't worth it. Prior to OSX, the bar was really low. Now it is just high enough that the (easily repeatable due to market share) attacks on Windows are much more attractive.

As an aside, are there any zOS viruses?

Opinion, not fact.

Here's a fact, Windows market share is shrinking in the face of .nix systems.

Here's a fact, .nix systems share enough DNA where an app written for say Linux has a pretty good shot of running "out of the box" by simply compiling on the target system. So one can reasonably lump all .nix's into the same group. What you end up with is market share that includes not only OS X but Linux and Unix as well. OS X runs the same Apache, PERl, Ruby distributions as the rest of the .nix family.

Here's a fact, Windows allows you to create an Admin that becomes part of the Admin group/root user, so when you compromise any Admin user you compromise the system/root.

.nix OS's separate Root and Admin users. If any user including Admin are compromised it does not affect the root/system user.

Just as many OSx viruses as there ever was, here are the threats forward from 2006:

2006-2011 are about the same...

A - Z list of all Threats and Risks - Symantec Corp.

uh oh. Geek fight.

rjp

Seriously, you're in the business IIRC and your going to put up that list without even looking at it?

Symantec include proof of concept and lab stuff. Those are not in the wild. I love that Apple Remote Access is listed:rolleyes:

You do know the biggest security threat to OS X to date was a back door created by Symantec anti virus? The irony, a product designed to protect an OS ends up being the biggest security hole to date?

Oh yeah, and Symantic published the list, no conflict there.

All facts.

The Mac OS X Virus Contest, A Year Later
An Open Challenge To The Technology Media

My name is Jack Campbell, until September, CEO of a manufacturing company producing Apple Computer related products.

Just over one-year ago, my company, DVForge, announced a $25,000 prize for the first virus developer who could infect two Powermac G5 computers located in our office, both with plain-Jane installations of OS X, by propagating that new virus over the internet. In the onslaught of correspondence that quickly then began streaming into our office we found enough wisdom to convince us to cancel that contest, due almost completely to potential risks to legal liabilities. But, the flare was shot into the sky, and the challenge received a huge degree of worldwide press attention, in both Apple press and mainstream press outlets. Presumedly, any virus coders who had not previously eyed the Apple platform would have seen some of this press exposure, and would have been enticed by the challenge, regardless of the retraction of the cash prize.

Well, more than a year has passed. And, surprisingly (or not, to some of us), there is still not one self-replicating virus in the wild that attacks the Mac OS X operating system. That's right, folks... not one. Not the first. Ever. Never. Zero.

http://technicallytrue.blogspot.com/2006/05/mac-os-x-virus-contest-year-lateran.html

Ubuntu...free...no handcuffs...do it.

Love Ubuntu. I have 9 PC's running in my house. 2 Win XP, 3 OS X, 1 OS X server, 1 SUSE server, 2 Ubuntu.

Oh by the way, Ubuntu locks Root by default. As in if you install it you never get Root access, it's all SU, they do that for security, at least with OS X you can enable Root if you really need it.

EDIT: 3 Win XP, forgot one. And a couple Android tabs but they are Linux so.....