Nasty Mac OS Trojan Making The Rounds


Top 10 Contributor
Posts 25,883
Points 1,173,165
Joined: Sep 2007
ForumsAdministrator
News Posted: Tue, Jun 24 2008 9:08 AM

If you're running Mac OS X 10.4 or 10.5, there's a nasty Trojan horse out in the wild that antivirus firm SecureMac has spotted being distributed from a hacker website. Taking advantage of a vulnerability of the Apple Remote Desktop agent, the Trojan does every sort of bad thing to your computer.

According to SecureMac, the Trojan runs hidden on a Mac and allows a malicious user complete remote access. The Trojan can transmit system and user passwords, and avoid detection by opening ports in the firewall and turning off system logging. The AppleScript version, SecureMac reported, can also log keystrokes, take pictures with the built-in Apple iSight camera, take screenshots, and turn on file sharing.

The Trojan requires the user to give it permission to install, but the bad guys have a big bag of tricks to get people to do that. The hacker website featured a discussion on how to distribute the virus to unwitting users through iChat and Limewire. Since Limewire is a P2P client, people pretty much use it with the express intent of downloading things, so the threat is very real. The exploit is considered a critical one, but still not very common. Be careful out there, people!




  • | Post Points: 125
Top 200 Contributor
Posts 412
Points 5,250
Joined: Apr 2007
Location: United States, Maryland
Lev_Astov replied on Tue, Jun 24 2008 9:12 AM
I'd really love to see MS do a reverse Mac vs. PC commercial right now.

><((((">Lev Astov

  • | Post Points: 20
Top 10 Contributor
Posts 5,053
Points 60,700
Joined: May 2008
Location: U.S.
Moderator
3vi1 replied on Tue, Jun 24 2008 10:19 AM
Because Windows somehow became completely immune to trojans that you explicitly allow to install?

What part of "Ph'nglui mglw'nafh Cthulhu R'lyeh wgah'nagl fhtagn" don't you understand?

++++++++++++[>++++>+++++++++>+++>+<<<<-]>+++.>++++++++++.-------------.+++.>---.>--.

  • | Post Points: 35
Top 200 Contributor
Posts 412
Points 5,250
Joined: Apr 2007
Location: United States, Maryland
Lev_Astov replied on Tue, Jun 24 2008 10:56 AM
Exactly.

No, those commercials just always irritated me; especially when they made it seem that Macs were so much safer.

><((((">Lev Astov

  • | Post Points: 5
Top 75 Contributor
Posts 1,792
Points 28,435
Joined: Feb 2008
Location: South Carolina
Yeah, now they're having a Big Mac Attack!!

  • | Post Points: 5
Top 25 Contributor
Posts 3,544
Points 54,480
Joined: Jul 2004
Location: United States, Massachusetts
ForumsAdministrator
MembershipAdministrator
Dave_HH replied on Tue, Jun 24 2008 1:56 PM
Agreed Lev, but I personally really LIKE the Apple commercials because I think they are a perfect example of aggressive marketing that the PC crowd hasn't pulled off so well. For so many years we've seen commercials of totally boring, trendy or hip people doing things with PCs. What Apple has done is actually call attention to itself by saying "we're different and here's why". And then they use Microsoft's own campaign messaging of compatibility etc. against them.

I personally feel that if PC folks (and I'm one of them) don't like Apple commercials, then maybe some smart PC Marketing Weasel will wake up and smell the coffee and launch some innovative PC-based campaigns that fire back at Mac. Macs are pretty compelling products right now and though I think of myself as a PC guy, I sometimes second-guess that because the hardware is now up to par with a PC and hey, they execute on some semi-convincing marketing too!

Editor In Chief
http://hothardware.com


  • | Post Points: 5
Top 75 Contributor
Posts 2,048
Points 29,300
Joined: Aug 2004
Location: United States, Michigan
kid007 replied on Tue, Jun 24 2008 5:34 PM
It was not me! That's all I have to say :). OK, now seriously, it's about darn time someone showed Mr. Jobs that his OS IS NOT PERFECT!! I would love to see him explain that...

MacBook Pro 13.3" LED-Backlit Glossy, Intel "Penryn" Core 2 Duo T8700 - 2.53G, 8GB DDR3 1066, NVIDIA GForce 9400M 1280X800

HTPC 4G DDR3 XMS Corsair, Intel i5-750 Quad Core, 6ft HDMI Cable by Rosewill, AverMedia Tv Card, Gigabyte P55M-UD2,  Sapphire ATI Radeon HD 5770 with Vapor X Cooling, 500 HD Maxtor 7200 2.5 HDD, Asus Blu-Ray Optical Drive, 46" LED Toshiba TV

 

  • | Post Points: 35
Not Ranked
Posts 1
Points 5
Joined: Jun 2008
jakekub replied on Tue, Jun 24 2008 6:26 PM

Hey this is one of a very few Mac bugs. I have been using Mac and Windows for some time and Apple, hands down, is much more reliable than MS. OS X is certainly not perfect but I have to say from 9 years experience with OS X and over 15 years with Windows and Mac OS 9, OS X is a far superior OS, easily. But the downside with becoming more popular is you get more attention... sometimes negative attention.

  • | Post Points: 5
Top 50 Contributor
Posts 3,017
Points 43,210
Joined: May 2005
Location: United States, Virginia
Moderator

I have never used a Mac so I have to ask. How old is the 10.4 and 10.5 OS for the Macs? If it's an older version hardly anyone uses anymore then there is nothing to really brag about. Of course if it's a newer version then I guess there is.

  • | Post Points: 5
Top 50 Contributor
Posts 2,617
Points 32,625
Joined: Oct 2005
Location: Minnesota, United States
ice91785 replied on Tue, Jun 24 2008 9:45 PM
10.5 was released around the same time as Vista roughly and is currently the de facto OS of MAC

  • | Post Points: 5
Top 25 Contributor
Posts 3,466
Points 46,975
Joined: Nov 2005
Location: Metropolis
ForumsAdministrator
Moderator

Lev_Astov:
I'd really love to see MS do a reverse Mac vs. PC commercial right now.

"Hi, I'm a Mac, and I just found this LOVELY WOODEN HORSE outside my front door! I think I'll bring it inside before someone steals it!"

Yeah, something like that! lol. Mac payback. [Geeked] <- Billy G.

 SPAM-posters beware! ®

  • | Post Points: 5
Top 50 Contributor
Posts 2,904
Points 24,545
Joined: Jul 2001
Location: United States, New York
digitaldd replied on Wed, Jun 25 2008 7:30 AM

The exploit which utilizes the ARDAgent [Apple Remote Desktop Agent] is really bad because it allows stuff like shell commands to run without notifying the user as it utilizes the setuid bit which is owned by root and allows all its child processes to run as root.

  • | Post Points: 20
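As an added example (not part of the thread, and not code from SecureMac or Apple): a defender's audit for the condition digitaldd describes, a root-owned executable with the setuid bit set. The function names, the reviewed-baseline list and the default scan directory are assumptions made for illustration.

```python
import os
import stat
import sys


def find_setuid(root, owner_uid=0):
    """Return sorted paths of regular files under root that carry the
    setuid bit and are owned by owner_uid (0 means root)."""
    hits = []
    for dirpath, _dirs, files in os.walk(root):  # does not follow dir symlinks
        for name in files:
            path = os.path.join(dirpath, name)
            try:
                st = os.lstat(path)  # lstat: inspect the entry, not a link target
            except OSError:
                continue  # file vanished or is unreadable; skip it
            if (stat.S_ISREG(st.st_mode)
                    and st.st_mode & stat.S_ISUID
                    and st.st_uid == owner_uid):
                hits.append(path)
    return sorted(hits)


def unexpected(found, baseline):
    """Setuid files that are not on the reviewed baseline (assumed list)."""
    return sorted(set(found) - set(baseline))


def clear_setuid(path):
    """Remove only the setuid bit, leaving every other mode bit intact."""
    mode = stat.S_IMODE(os.stat(path).st_mode)
    os.chmod(path, mode & ~stat.S_ISUID)


if __name__ == "__main__":
    # Assumed default directory; pass the tree to audit as the first argument.
    scan_root = sys.argv[1] if len(sys.argv) > 1 else "/usr/bin"
    for hit in find_setuid(scan_root):
        print(hit)
```

Any path the scan reports that is missing from the reviewed baseline deserves a look, since every process such a binary launches inherits root.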
replied on Thu, Jun 26 2008 4:57 AM
I can't stand the Mac commercials; I'm surprised you do, Davo. Not that they are not funny, but what I can't stand is knowing people will believe that BS.
  • | Post Points: 50
Top 150 Contributor
Posts 636
Points 9,140
Joined: May 2008
Location: Worcester, MA
SqUiD267 replied on Thu, Jun 26 2008 7:12 AM

Take that trojan and eat it, Mac. I'd agree with the 2nd poster; I wanna see a reverse Mac vs PC commercial.

AMD Athlon X2 5000+ (Thanks to HH)

DFI Lanparty DK 790 FX

EVGA 8800 GT 512 mb

2 GB of G.Skill RAM

  • | Post Points: 5
Top 75 Contributor
Posts 1,677
Points 24,005
Joined: Aug 2002
Location: Pittsburgh, Pennsylvania

I like the Apple commercials that make fun of Windows Vista.  Because it's so true.

Hello

  • | Post Points: 35
Top 50 Contributor
Posts 3,017
Points 43,210
Joined: May 2005
Location: United States, Virginia
Moderator

I agree that they are humorous. Anything to get MS fired up imo is a good thing!

  • | Post Points: 5
Top 50 Contributor
Posts 2,617
Points 32,625
Joined: Oct 2005
Location: Minnesota, United States
ice91785 replied on Sat, Jun 28 2008 11:41 AM

digitaldd:
The exploit which utilizes the ARDAgent [Apple Remote Desktop Agent] is really bad because it allows stuff like shell commands to run without notifying the user as it utilizes the setuid bit which is owned by root and allows all its child processes to run as root.

Pfft...any idiot knows that ;) Haha, digital, you sound like you may be a Unix/Linux buff, hm?

  • | Post Points: 20
Not Ranked
Posts 1
Points 5
Joined: Mar 2008
Location: Atlanta, GA

FlyinBrian:
I can't stand the Mac commercials; I'm surprised you do, Davo. Not that they are not funny, but what I can't stand is knowing people will believe that BS.
 

The thing with commercials and any advertising is that when you're not the market leader you typically target whoever is the market leader and (attempt to) make well played exaggerations.  Most "underdog" companies with a good advertising firm will do this (in turn, the market leader always ignores competitors in advertising, but that's beside the point).

The Mac commercials are obviously an exaggeration.  Taking them at face value doesn't work.  The face value of them really is BS (I'm a Mac user and I think so too).  At the same time, though, you get through the marketing and you see they are typically built on top of some real underlying truths or experiences, especially such that they appeal to the iPod-carrying J6P who HAS had issues with Windows, and maybe its entire platform.  Put simply, PC fans calling BS on the commercials are missing the bigger picture.  For example, from one of the commercials last year, they quoted Windows as having over 114,000 viruses.  We all know this is misleading crap because it's basically counting everything written since the beginning of time, which means we can exclude anything you're not going to find in the wild now.  Not to mention multiple variants in one family of viruses which you can also exclude.  However, the underlying point is that, as it is today, Windows still DOES have more viruses than Mac OS X does.  "114,000 viruses" is just a buzz phrase to catch attention -- to say anything else would be worthless and go unnoticed because it wouldn't attract attention.  Not attracting attention is bad advertising.  But anyway, I really doubt that most people believe the literal message of these commercials.  At least anyone who isn't retarded should know better cause this is how advertising works.

 

On topic, I do find it funny how people get all "Take that, Apple!" on news reports like these, because this happens so infrequently on Apple's platform and isn't really a big deal, but on the Windows side of things this wouldn't be a big announcement and would just be business as usual since it's not uncommon here.  Oh well, similar stuff happens on Mac news sites too ;)  It's surprising how similar the two fanbases really can be.  Plus what's up with trojans?  That's all we get on this side of the fence.  A social engineering experiment -- not anything that exploits a hole in the OS, just a hole in the user's head. :D

  • | Post Points: 5
Top 25 Contributor
Posts 3,544
Points 54,480
Joined: Jul 2004
Location: United States, Massachusetts
ForumsAdministrator
MembershipAdministrator
Dave_HH replied on Sun, Jun 29 2008 8:42 PM
Heya FlyinB, I personally think Macs make for pretty solid products right now. Not that I'm going to run out and buy one tomorrow but these days they offer some pretty solid product. And again, not that I agree with everything that's said in these commercials, not by a long shot, but they're good commercials and the PC ecosystem should be thinking of ways to reach out to the mainstream crowd like Mac is as well.

Editor In Chief
http://hothardware.com


  • | Post Points: 5
Top 50 Contributor
Posts 2,904
Points 24,545
Joined: Jul 2001
Location: United States, New York
digitaldd replied on Sat, Jul 5 2008 12:00 PM

ice91785:

digitaldd:
The exploit which utilizes the ARDAgent [Apple Remote Desktop Agent] is really bad because it allows stuff like shell commands to run without notifying the user as it utilizes the setuid bit which is owned by root and allows all its child processes to run as root.

Pfft...any idiot knows that ;) Haha, digital, you sound like you may be a Unix/Linux buff, hm?

Sort of. Been working in tech support for a long time and have to support a lot of different OSes many of them unix based.

  • | Post Points: 5
Not Ranked
Posts 21
Points 180
Joined: Aug 2008

really? because macs are safer? and PCs are only good for spreadsheets?

you're right. it seems like any media program doesn't function on vista for me...because it's so true...

  • | Post Points: 5