Security scares seem to be coming up all too frequently for Mac users these days. First, there was the devastatingly fast hacking of a Mac thanks to a Safari exploit at PWN2OWN, and now the first-known botnet to exploit OS X appears to have been activated, according to two security researchers at Symantec. If true, it means the sense of security and superiority that so many Mac users maintain over their PC-using counterparts might be coming to an end.

The botnet is a result of users having downloaded and installed pirated copies of iWork ’09 way back around the time of its initial release. Accompanying those pirated versions was a trojan called iServices, a variant of which was also packaged with a pirated copy of Adobe Photoshop CS4. iServices remained dormant until just recently, when it was implicated in at least one Denial of Service (DoS) attack. Though the install base of the trojan is at present not large enough to pose a major threat, the researchers warn that this is likely only the beginning.

Symantec researchers suspect that software piracy will only trend upwards as the economic crisis continues, which is a very good thing for opportunistic hackers. The easiest way for them to distribute their malicious code is via pirated programs, since they aren’t QA’d or regulated in any real, consistent way. And if Macs continue to increase their presence, hackers will begin more and more to target OS X users, because it makes financial sense from their standpoint to do so.

In response to the report, network security firm McAfee, another anti-virus maker, spoke up. They claim that there’s nothing new about the iServices trojan that wasn’t already apparent and active in January, and that it represents only a low level of risk now, just as it did then. In other words, they think Symantec is blowing things out of proportion. Not that they’re saying you should just relax and pretend nothing’s wrong. Far from it.

Instead, the solution offered by both the Symantec team and McAfee is the one you’d likely suspect: install anti-virus software in order to protect your computer. And it may be the best solution, although after years of running both Windows and Mac machines without any virus protection that wasn’t built into them, and with no major issues to report at this time, I’d say that safe and intelligent browsing (i.e., don’t download risky pirated files) is still your best bet for avoiding these kinds of attacks, Mac or not.

  1. Yeah, yeah, yeah. We keep hearing about all the “threats”, but not a single one of them has actually been “real” has it? They’ve all been “someone could” or “someone might”.

    The Mac community still isn’t worried.

  2. Not too worried. This is just a ploy some guy over at Symantec and McAfee decided to come up with, the reason being that their internet security sucks and no one is buying it, so they needed a quick way to generate some revenue.

    They saw that Macs are becoming a trend and thought they needed to expand their market. Soon they will come up with a story that Red Hat has a threat out and tell us that all we need to do is buy their product to be safe.

    It all comes down to this: if you’re gonna use some software you didn’t pay for, borrow it from someone who has; if you don’t know what the program is, don’t install it; if you don’t know who the hell is sending you that email that says I want to give you a million dollars, don’t open it (no one is giving away that much money); if you are on a web page and something pops up and says install me, I will make all your dreams come true, reboot your computer; don’t be a dumb ass and click on it.

    Mac over PC, and it will stay that way. You can tell me that it’s gonna explode in my hand when I get this virus. I will not buy some shitty anti-virus.

  3. I can’t understand why some folks insist on discounting such threats on the basis that the Mac is so secure, no one can break it. Bottom line is, as long as the security system was designed by a human being, someone can and will find a workaround. Might not be today, but it will happen. The worst thing you can do is discount the threat.

  4. That is so very true. In the late 80s the government spent a shit load of time and money building a system that they thought would be 100% solid as a rock, crash proof.

    Some Joe Schmo came in and broke the damn thing down in 24 hours, what took them years to build.

    The key is to learn how to use a computer before you start doing shit you don’t understand, and just keep an eye on what you’re installing, opening, and the web sites you visit, and get a traffic monitor. Learn your ports and protocols and you can protect yourself very well and not have to spend a shit load of money for an anti-virus that people write viruses to get around (Symantec, Norton) and that slows your computer to a crawl!! Even PCs have a bit of built-in security; learn how to use it even though it might be crap :)

  5. Howie Isaacks Friday, April 17, 2009

    Meh. I’m not too worried about this. I don’t download crap, and I know how to stay alert about what my computer is doing. That’s really the biggest threat for any computer user be they a Mac user, or Windows user — not keeping track of what is happening on their computer. I have seen so many people click past errors and alerts that are actually displaying useful information about the problem that they are experiencing. Those same people seem to download an asshole of crapware, and then wonder what went wrong with their computers. Such things just produce more demand for my services.

  6. Although it’s true the Mac fell quickly during the PWN2OWN contest, it must be understood that the hacker, former NSA security analyst Charlie Miller, spent a lot of time before the contest preparing his exploit, as seen in the Tom’s Hardware interview:

    CM: “Yes, I took down the Mac in under a minute each time. However, this doesn’t show the fact that I spent many days doing research and writing the exploit before the day of the competition”

    Charlie Miller is also apparently a Mac User.

    CM: “I don’t know what I’ll do with my new MacBook Pro, but I definitely won’t retire my trusty MacBook.”

    And as for which OS he recommends:

    “I’d still recommend Macs for typical users as the odds of something targeting them are so low that they might go years without seeing any malware”


    Mac security in general:

    CM: “I’d say that Macs are less secure for the reasons we’ve discussed here (lack of anti-exploitation technologies) but are more safe because there simply isn’t much malware out there.”
    ——-
    Security issues with the Mac have been hyped up recently by certain parties. There are concerns, but no doubt Snow Leopard, coming in a few months, will improve Mac security.

  7. There’s a hole in the Apple, dear Liza, dear Liza,…

    This kind of attack would be theoretically thwarted in Vista, if the users were paying attention to the security warnings that come up.

    On Vista, if an application requires admin access (to e.g. install software) the publisher of the software, by secure digital signature, is identified OR lack of a publisher.

    On Apple OSX, there is no such information presented.

    So, on OSX, I could install software that has no digital signature, i.e. it could’ve been hacked by ANYBODY, and if I didn’t go to a lot of extra and highly technical steps to check, I’d never know.

    This is just one of the ways in which Vista is more secure than OSX. And Windows 7? Better.

    IMO, Apple will never catch up to Microsoft in security. Apple will continue lying about how their OS is more secure, and enough people will buy it to buy their expensive hardware.

    Apple’s advantage related to security is obscurity, nothing more. Obscurity is not security.

    The question I’ve been posing for years is not IF Apple will fall, but how hard.

  8. Part of the problem is people doing stupid things like downloading illegal copies of software. Maybe some people need to wise up and not break the law? ; )

  9. Astrochimp: you say Windows is more secure by having all these pop-ups asking you if you are sure you know what you are doing. As for your software and its digital signature, that’s great that you need that to know what you are installing is safe. I’ve always used common sense: if I don’t know what it is or where it came from, don’t install it.

    The best way to obtain a virus is to use a browser that is full of holds (I.E8) or an email client that doesn’t provide a built-in layer of security.

    Know how to control your browser and its security setting and also your email client. You will be fine.

    What you are doing on an Apple blog supporting Windows and talking about how hard OSX will fall is beyond me.

    You just continue to run your PC and your Norton and wonder why your computer runs like shit. Do a little more research before you come here. Start by looking up the side by side benchmark06 PC vs Mac. Sorry to tell you, but Windows even runs better on a Mac at native speeds.

    Compare your costs also, buddy: your 24 inch iMac starting at 1200$ with everything: DDR3, wireless N, Bluetooth, iSight camera, I could go on. Try to build a PC with what an iMac comes standard with at the price of 1200$. Good luck, buddy!!

  10. You’re right, Monster. “The best way to obtain [malware] is to use a browser that is full of holes,” e.g., Safari, the worst of the worst. I use IE 8, infinitely more secure, thank you very much. Oh, wait, I forgot . . . you can’t use it, can you? So you really don’t know, do you? But you just keep sayin’ it’s “full of holds” and maybe one day it might come true.

    “Compare your costs also, buddy: your 24 inch iMac starting at 1200$ with everything: DDR3, wireless N, Bluetooth, iSight camera, I could go on. Try to build a PC with what an iMac comes standard with at the price of 1200$. Good luck, buddy!!”

    Are you kidding? Is that a joke? I’m a system builder, pal. Give me $1,200 and I’ll build a system that blows your iMac out of the water, like shooting a mosquito with a bazooka! Kawoosh!

    An iSight camera? Oooooo, goody. I think I’ll pass. I wouldn’t build a system today unless it included Blu-ray and HDMI support (hint: think home entertainment, after the work gets done). Anything less is just, well . . . Apple.