  1. #1
    surreal

    Over half a million MACs infected and growing

    "Sometimes life is just what we make it."

  2. #2
    GroundZero3
    As of right now some are questioning how this security firm is coming up with this number (especially being from Russia!)

    Either way make sure you get those boxes patched, it's only gonna get worse from here as OSX becomes more popular! Also this is another reason why I tell people to run Little Snitch when they have OSX!

    If it doesn't get a valid administrator password, it attempts to use a different infection technique, but checks for Microsoft Word and Skype first and deletes itself if they are present, as it is known that this alternative infection method causes those applications to crash.
    I wonder how successful the other infection technique is if the user doesn't put in the administrator password.

  3. #3
    GroundZero3
    Apple Releases Second Update to Java in Two Days - Mac Rumors

    While yesterday's Java for OS X Lion 2012-001 update closed the vulnerability in Java 1.6.0_29, there's no indication what the new update -- called Java for OS X 2012-002 -- fixes. The update notes link to the same support document as update 2012-001.

    Last year, Apple introduced a security update to OS X that would automatically remove malicious software from OS X installations. It isn't clear if the infected machines can be fixed via the internal OS X security mechanisms.

  4. #4
    surreal
    You're using Lion aren't you?
    "Sometimes life is just what we make it."

  5. #5
    GroundZero3
    Actually surreal my mac died about 6 months ago. I was waiting till this summer when the new Air Books and OS come out

  6. #6
    surreal
    Bummer GZ..
    The malware was initially found in September 2011 masquerading as a fake Adobe Flash Player plug-in installer, but in the past few months it has evolved to exploiting Java vulnerabilities to target Mac systems.
    I don't think it needed your password.
    "Sometimes life is just what we make it."

  7. #7
    GroundZero3
    My understanding is it will prompt the user to enter the administrator password. If the user does not then it will look for another way to infect the machine, which I'm still trying to figure out how successful it is at doing it.

  8. #8
    GroundZero3

  9. #9
    surreal
    Doh! I posted the news and the patch but not how to check your machine. Thanks for posting that part GZ
    "Sometimes life is just what we make it."

  10. #10
    GroundZero3
    I've been watching other forums in regards to this infection and it amazes me how many Mac users (especially long time users) don't know how to use the terminal.

    Supposedly Dr. Web got his number by sinkholing which is a new term to me. This article explains what it is:

    Kaspersky Lab, which collaborated with Microsoft on the takedown, says 3,000 infected hosts are connecting to its sinkhole every minute. Kaspersky reverse-engineered the bot malware, cracked the botnet’s communication protocol, and then developed tools to attack its peer-to-peer infrastructure, explains Kaspersky Lab expert Tillmann Werner in a blog post. That allowed Kaspersky to create a situation in which the bots are "talking to our machine, and to our machine only." Experts call such an action sinkholing—bots communicate with a sinkhole instead of its real controllers.
    Sinkhole contains botnet neutralized by Microsoft and Kaspersky

    So I assume that if he used this technique, technically he has control over those 600,000+ machines?

  11. #11
    nemowolf
    Originally Posted by GroundZero3:
    I've been watching other forums in regards to this infection and it amazes me how many Mac users (especially long time users) don't know how to use the terminal.

    Supposedly Dr. Web got his number by sinkholing which is a new term to me. This article explains what it is:



    Sinkhole contains botnet neutralized by Microsoft and Kaspersky

    So I assume that if he used this technique, technically he has control over those 600,000+ machines?
    Not exactly control, they probably lack the knowledge of how the software uses commands to make them do anything. They only routed the communication protocols so they feed communication to their sinkhole.

    TechIMO Folding@home Team #111 - Crunching for the cure!
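
How an infection count can be derived from sinkhole traffic, as discussed in posts #2, #10 and #11 (an added example, not part of the thread and not any vendor's tooling). The log layout and the per-host `id=` field are assumptions; the sample lines are constructed.

```python
from collections import defaultdict

# Constructed sinkhole check-in log: timestamp, source IP, bot-supplied host ID.
# Both the field layout and the "id=" value are hypothetical.
SAMPLE_LOG = """\
2012-04-04T10:00:01Z 198.51.100.7 id=A1F3
2012-04-04T10:00:09Z 198.51.100.7 id=B7C2
2012-04-04T10:01:30Z 203.0.113.20 id=A1F3
2012-04-04T10:02:11Z 203.0.113.45 id=9E00
2012-04-04T10:02:12Z 203.0.113.45 id=9E00
malformed line without fields
2012-04-04T10:03:40Z 192.0.2.88 id=
2012-04-04T10:04:00Z 198.51.100.7 id=C4D9
"""


def parse_checkins(text):
    """Yield (ip, host_id) for well-formed lines; skip everything else."""
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 3 or not parts[2].startswith("id="):
            continue  # wrong field count or missing ID field
        host_id = parts[2][3:]
        if host_id:  # an empty ID cannot be attributed to a host
            yield parts[1], host_id


def estimate_infections(text):
    """Compare counting by source IP with counting by host ID."""
    ips_per_id = defaultdict(set)
    ids_per_ip = defaultdict(set)
    for ip, host_id in parse_checkins(text):
        ips_per_id[host_id].add(ip)
        ids_per_ip[ip].add(host_id)
    return {
        # Counting IPs undercounts hosts behind one NAT address.
        "unique_ips": len(ids_per_ip),
        # Counting IDs is stable when a host changes address.
        "unique_host_ids": len(ips_per_id),
        "roaming_ids": sorted(h for h, s in ips_per_id.items() if len(s) > 1),
        "shared_ips": sorted(i for i, s in ids_per_ip.items() if len(s) > 1),
    }


if __name__ == "__main__":
    print(estimate_infections(SAMPLE_LOG))
```

The sinkhole only records check-ins here; it sends nothing back to the hosts, which matches the distinction nemowolf draws between observing bots and controlling them.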

  12. #12
    surreal
    OK, what's a sinkhole?
    "Sometimes life is just what we make it."

  13. #13
    GroundZero3
    Originally Posted by GroundZero3:
    I've been watching other forums in regards to this infection and it amazes me how many Mac users (especially long time users) don't know how to use the terminal.

    Supposedly Dr. Web got his number by sinkholing which is a new term to me. This article explains what it is:



    Sinkhole contains botnet neutralized by Microsoft and Kaspersky

    So I assume that if he used this technique, technically he has control over those 600,000+ machines?
    Here you go surreal

  14. #14
    surreal
    Duh! that worked

    Actually that's kinda interesting...
    "Sometimes life is just what we make it."

  15. #15
    GroundZero3

  16. #16
    GroundZero3
    Official Apple KB

    About Flashback malware

  17. #17
    surreal
    Now why doesn't that surprise me?
    Originally Posted by GroundZero3:
    Official Apple KB

    About Flashback malware
    Interesting- I had no notice of needing a software update, but ran it anyway and got a "software update" however it never disclosed what software was being updated. Typical Apple sauce.

    (I had already updated java and applied the patch)
    "Sometimes life is just what we make it."

  18. #18
    GroundZero3
    Surreal, OSX updater checks weekly for the update, so I'm sure if you waited it would have picked up the updates the next time it scanned.

  19. #19
    Banned
    And here I thought Macs weren't susceptible to malware.

  20. #20
    GroundZero3
    It was bound to happen, however it's important to remember this infection came from Java being broken once again. Of course Apple dragged ass on pushing out a fix.
