Apple Macs hit by scareware attacks

[island911]

Quote:

One of the most pervasive and costly types of virus is now affecting Mac computers, signalling the end of an age of innocence for Apple customers, ...more at FT Times

So, all of this time it's just been their small size limiting virus attacks?

I guess that virus writers don't notice market cap size.

[stevepaa]

yep, many knew that.
But it sounds like this is like something many people fall for. They see a warning and react without thinking.

I think the "evil doers" get more profit by attacking aol and yahoo as they did last month. They get into your contacts list on yahoo mail and send emails to everyone with a link to some item to buy.

[GH85Carrera]

Please respect FT.com's ts&cs and copyright policy which allow you to: share links; copy content for personal use; & redistribute limited extracts. Email ftsales.support@ft.com to buy additional rights or use this link to reference the article - FT.com / Technology - Apple Macs hit by scareware attacks


The cybercrime world has largely ignored Macs because their market share of less than 10 per cent has made mass attacks less valuable.

But as Apple’s Mac shipments surge this is changing. Buyers are likely to be targeted, forcing Apple to rethink its security or lose one of its key selling points.

[MrScott]

Users were tricked into authorizing the install -- pretty difficult for any OS to protect against. A fairer test would be whether simply viewing a web page or email can infect the system, which is not the case here. Macs, like PCs have always been vulnerable to infection by authorized installation of infected software.

[flatbutt]

I just got whacked by a malware posing as a Windows fix program that was attched to a Google image. I ddn't fall for the purchase but the darn thing screwed me up for awhile. RKill and TDSS fixed it up fairly well.

[Paul_Heery]

Quote:

Originally Posted by MrScott

Users were tricked into authorizing the install -- pretty difficult for any OS to protect against. A fairer test would be whether simply viewing a web page or email can infect the system, which is not the case here. Macs, like PCs have always been vulnerable to infection by authorized installation of infected software.

That was the case with the earlier incarnation of this exploit. Things change quickly.
New Mac scareware variant installs without password - The Register

[MrScott]

Yes, the new version circumvents password requirements but the user must still "consent" to the install:

New MacGuard malware variant gets slightly easier to install - Apple

[jeffgrant]

The removal is a *****, too.

That whole "drag it to the trash" thing.

[stomachmonkey]

That's not a virus. It does not infect, replicate and spread on it's own.

It's not a flaw of the OS at all. It's an end user issue, social engineering.

And I still don't buy the market share BS.

Every time we discuss this I ask the same question and no one has ever been able to answer it.

Before OS X Macs regularly got viruses. At a time when Apples market share was a drop in the bucket compared to the last 5 years. Where did all those guys go? Why did they stop attacking Macs?

[jyl]

Is there a big virus problem with UNIX? That might be a clue.

[RANDY P]

Yep, it tried today- I was on opensecrets.org of all things IIRC.

The screen went grey and it had a warning that I had trojans and wanted to me to install to start scanning.

Just x'd out of it and it was fine.

[jyl]

scareware = stupidware

[Scott R]

Quote:

Originally Posted by stomachmonkey

That's not a virus. It does not infect, replicate and spread on it's own.

It's not a flaw of the OS at all. It's an end user issue, social engineering.

And I still don't buy the market share BS.

Every time we discuss this I ask the same question and no one has ever been able to answer it.

Before OS X Macs regularly got viruses. At a time when Apples market share was a drop in the bucket compared to the last 5 years. Where did all those guys go? Why did they stop attacking Macs?

If you look at the truly big virus incidents, NIMDA, Melissa, CODE RED and Slammer they were aimed at disrupting business, as many malicious programs are. The last place you're going to find business, is on Macs. It's not like you're going to get "hacker famous" for crashing a Mac network.

If you wanted to you could attack OSx very easily. The surface area is very large being a BSD flavor. But what would be the point? It's not like taking down banks or gov' agencies, that's what most of the big attacks are written for.

[motion]

Quote:

Originally Posted by stomachmonkey

That's not a virus. It does not infect, replicate and spread on it's own.

It's not a flaw of the OS at all. It's an end user issue, social engineering.

And I still don't buy the market share BS.

Every time we discuss this I ask the same question and no one has ever been able to answer it.

Before OS X Macs regularly got viruses. At a time when Apples market share was a drop in the bucket compared to the last 5 years. Where did all those guys go? Why did they stop attacking Macs?

Yep, nothing to do with market share. That's BS. I haven't had a virus issue for 10+ years on my Macs and I do NOTHING to protect them, aside from not being an idiot (I like to think). Supposedly the UNIX under layer is doing most of the work protecting us.

[motion]

Quote:

Originally Posted by Scott R

If you look at the truly big virus incidents, NIMDA, Melissa, CODE RED and Slammer they were aimed at disrupting business, as many malicious programs are. The last place you're going to find business, is on Macs. It's not like you're going to get "hacker famous" for crashing a Mac network.

If you wanted to you could attack OSx very easily. The surface area is very large being a BSD flavor. But what would be the point? It's not like taking down banks or gov' agencies, that's what most of the big attacks are written for.

I don't buy this, either. Some of the really large, high profile shops are mac-based. They would be a lovely target.

[legion]

Security by obscurity works...for awhile.

[stomachmonkey]

Quote:

Originally Posted by Scott R

If you look at the truly big virus incidents, NIMDA, Melissa, CODE RED and Slammer they were aimed at disrupting business, as many malicious programs are. The last place you're going to find business, is on Macs. It's not like you're going to get "hacker famous" for crashing a Mac network.

If you wanted to you could attack OSx very easily. The surface area is very large being a BSD flavor. But what would be the point? It's not like taking down banks or gov' agencies, that's what most of the big attacks are written for.

So you can't answer my question, why were Macs attacked regularly before OS X when the market share and use in business environments was considerably smaller than post OS X?

What happened to all those people who were motivated to attack a smaller target?

Cause that's the position you are supporting, Apple are too small to bother with. But somehow when they were smaller they were worth it.

The argument is self defeating.

Answer with fact, not opinion.

[Joe Bob]

I once went to a Mac shop with a thumb drive to get some work done when I was on the road, downloaded my artwork and uploaded a billable word doc. Got a virus alert as soon as I plugged it in, little douche laughed at me.

He needed dental work afterwards.....I have no pity on hearing about the new Mac viruses. Likely the first virus was from a Mac user.....sanctimonious little twits. it's about time.

[legion]

I think that the Mac people have upped the anti just enough that it isn't worth it. Prior to OSX, the bar was really low. Now it is just high enough that the (easily repeatable due to market share) attacks on Windows are much more attractive.

As an aside, are there any zOS viruses?

[stomachmonkey]

Quote:

Originally Posted by legion

I think that the Mac people have upped the anti just enough that it isn't worth it. Prior to OSX, the bar was really low. Now it is just high enough that the (easily repeatable due to market share) attacks on Windows are much more attractive.

As an aside, are there any zOS viruses?

Opinion, not fact.

Here's a fact, Windows market share is shrinking in the face of .nix systems.

Here's a fact, .nix systems share enough DNA where an app written for say Linux has a pretty good shot of running "out of the box" by simply compiling on the target system. So one can reasonably lump all .nix's into the same group. What you end up with is market share that includes not only OS X but Linux and Unix as well. OS X runs the same Apache, PERl, Ruby distributions as the rest of the .nix family.

Here's a fact, Windows allows you to create an Admin that becomes part of the Admin group/root user, so when you compromise any Admin user you compromise the system/root.

.nix OS's separate Root and Admin users. If any user including Admin are compromised it does not affect the root/system user.