OSX getting Malware?

DMGrier

So I was surfing the web and found this. It seems pretty official considering it is on Apple's website under support.

"A recent phishing scam has targeted Mac users by redirecting them from legitimate websites to fake websites which tell them that their computer is infected with a virus. The user is then offered Mac Defender "anti-virus" software to solve the issue.

"This “anti-virus” software is malware (i.e. malicious software). Its ultimate goal is to get the user's credit card information which may be used for fraudulent purposes.

The most common names for this malware are MacDefender, MacProtector and MacSecurity.

Apple released a free software update (Security Update 2011-003) that will automatically find and remove Mac Defender malware and its known variants.

The Resolution section below also provides step-by-step instructions on how to avoid or manually remove this malware."

http://support.apple.com/kb/HT4650

Is this the beginning of Apple starting to get attacked? I know in the article it says Apple released a fix for it, but who says there can't be more written to attack the OS as it continues to grow in popularity?
 
Apple has increased its market share enough to make it a worthwhile target for the people who make malware.
 
...but most Apple users said they would never have this problem.


Most people never think anything bad will happen to their computer. I've had people ask (or make fun of) why I do updates, run scan tools or take measures to prevent infection. They usually don't "Get It", or care. It is nearly always pointless to try and explain why the wife and I are so careful. Most people don't want to hear, or change what they do. A lot of times we get the "whatever" look/attitude from people.

I heard about that Apple problem, doesn't surprise me. It will only get worse, like a dam. It starts with a drip, then more finds its way through till.....
 
I knew this would happen but most Apple users denied the fact of it happening. Just a matter of time.
 
Yep, you will eventually see Mac users complain that they are getting infected more and more often soon. The first Mac infection came about a few weeks ago. The whole reason why they are becoming infected now is that more and more people are buying them instead of Windows PCs. As they become more popular, you will see more and more users getting infected.
 
This is like a trojan horse. Any OS is susceptible to this. You can have all the security software in the world, but it’s all worthless if the malicious app can trick the user into disabling security to run it.

Apple’s OS has had trojan horses & malware before. For OS X, to my knowledge, ALL of them require admin privileges in order to work. It’s more a game of social engineering. I don’t see OS X getting as bad as Windows XP, mostly because OS X doesn’t grant anything & everything admin privileges by default. Windows 7 kinda fixed this, by asking if you’re sure you want to grant admin rights. ...For seemingly everything (it’s easy to fall into the habit of automatically clicking yes). This is still much better than just automatically tossing around admin rights to anything. To do anything like key logging on Mac, OS X requires that assistive services be enabled, which requires an admin password.

One of the reasons XP was so terrible with malware is because it [by default] granted admin rights to anything that requested it; this is committing security suicide. My grandpa used XP, and he was extremely prone to rounding up tons of malware (even with a web security suite). As an attempt to keep up, I set his user account to standard. From then on, I was the only admin on his computer. This was highly effective in preventing malware from infecting his computer. It stopped 90% of it in its tracks, and the other 10% was easily removed using my account. My point here is that I set up the computer’s security policy to be more like OS X/Unix. As in, in order for any big changes to be made to the system, it required approval. This security scheme would be worthless if I approved just anything (this is how the Mac users got infected with Mac Defender). If I did, I might as well not have any security in the first place, and leave my front door open while I’m at it.
 
The fake security programs make a ton of money for the criminal element. These people are well organized, and have a more than capable IT department to attack any OS. Mac users will be a good target since they won't be expecting problems.
 
plutoniumman, so you are telling me that OSX is still more secure than Windows 7 because instead of granting permissions by pushing "Allow" you have to type a password? I disagree. I use Linux sometimes in place of Windows, which is set up in a similar way, and many Linux users (as I am sure OSX users are the same way, if not worse, since there is a larger percentage of end users) also get in the habit of just typing the password without paying attention.
 
I think he's trying to say there's a bigger emphasis on security on a Unix-based OS.
Yeah, I use both Windows and Linux, and in Windows, security, in my opinion, is never really presented as a significant issue. As long as you have a working anti-virus, and you click the okay button to allow access a couple times, that's pretty much it.
Whereas in Linux, if I want to mount something, or move something, or delete it, and I don't have exclusive rights, which you rarely do, you have to do so as root. Granted, yeah, you can just enter the password and be on your way, but I just feel like it's more of a concern in Linux; you have to go out of your way to get something done, which is well good (depending on how you look at it). And a deleting-of-system32 scenario never really happens in Linux, because when you try to do so, you have to actually type a message in acknowledging that you're about to make a fatal error to your OS. That doesn't happen in Windows. Oh, someone told me to delete the system32 folder to speed up Windows? Okay, *deletes* At least, that's my two cents.
 
I think you guys forget something: malware is directly aimed at end users! There is no difference between allow and typing a password other than being time-consuming. We know that if, while surfing the web, something pops up and says the computer has a virus, give the software whatever permission and it will delete it, to not give it permission. But to an end user this is not the case; it does not matter if you hit allow or type in a password, they're end users and they will believe what the program says, thinking it was a pre-installed program.

You can say a Unix-based OS stresses security more with the typing of a password, but Windows users know what is actually out there for the OS, unlike all the OSX users who "typed passwords" and were affected by this, thinking their OS security was impossible to break.
 
I’m not really saying that OS X or Unix is more secure because it requires typing a password vs just clicking allow. I’m saying it’s more secure because it doesn’t grant just anything admin rights like Windows used to, and that MS is doing something right by removing this ‘convenience’. Unfortunately many Windows applications still require/expect admin rights when there’s no good reason for it. (Though Windows apps are getting better about it). Constantly being pestered for admin rights is almost like the boy who cried wolf. This makes it too easy to just accept it without checking things over.

Usually when I’m using Linux, the only time I need to enter a root password (or credentials of a permitted user) is when I install something system-wide, like graphics drivers, or if I make some system change (i.e. modifying the system swap partition...). If you don’t want to enter the root password for a given command, give that user permission to execute that command.

In OS X, I never need to grant admin rights to an application, unless the app is trying to change potential system settings, or modify other users’ files. Photoshop (because it’s system-wide) and applications that change the way the hardware functions are the only apps that require admin rights (usually just when installing). A few apps ask for admin rights when installing, even though they don’t need it (because they attempt to install the app for all users, which involves modifying their files). But they can be manually extracted from the installer, and usually work just fine without installing as an admin. Any other app that asks for admin rights is probably up to no good, especially if you’re not expecting it (like Mac Defender).
 
Why do you keep referencing a 10-year-old OS for security concerns? This was fixed over 4 years ago and is kind of a moot point now.
 
I was referring a bit to the history of Windows’ security (including the latest versions). I completely forgot why... But it had something to do with how Windows pointlessly requires admin rights to install anything, which even Windows 7 does. This is good for corporate environments where users shouldn’t be able to install anything without permission, but is a bit overkill in home environments, and will lead the user to habitually grant admin rights. I agree Windows 7 has greatly improved over Windows XP and Vista. However the only time the OS should pester a user over admin rights is if the program attempts to change important system files, or if it attempts to access assistive service features (which could potentially lead to key loggers). Any security stricter than this should be optional. This is pretty much how Apple has their OS set up, and people still managed to habitually grant admin rights.

Like I [kinda] said in my first post, you can have the latest greatest security policy & software in the world, but you can’t protect the user from him/herself.
 