Think affiliate programs are solely the province of SEO firms and experts? Think again. There’s such a thing as a malware affiliate program, and a very recent one targets Mac users specifically. It’s a sign that cyber-crime is beginning to target Apple more aggressively than it has in the past.
ZDNet.com reports that a group called the “Partnerka,” which consists of Russian spam and malware affiliates, have begun to focus on the Mac. Their tactics involve using social engineering tricks (read: preying on human weakness) to install fake codecs and scareware programs (the kind that pressure you into installing and paying for bogus single purpose anti-malware software).
The plans and methods of the “Partnerka” were revealed at the Virus Bulletin Conference 2009, where Sophos Labs researcher Dmitry Samosseikko talked about a site called Mac-codec.com which has since been taken down, that offered a bounty of 43 cents for each successful installation of malicious software on a Mac computer. According to Samosseikko, that’s a high price, and indicates that the Mac malware game is becoming more attractive to online crime organizations.
Even though the site is gone, the threat is not. These malware schemes work because they offer something many Mac users might be looking for. Partnerka’s Mac-codec.com was offering video players and fake video codecs that attempt to draw in people trying to playback video they’ve downloaded somewhere on the web. Previous DNS-changing trojan malware attempts depended on porn video lures.
Focus on the Mac platform might be growing for online criminals, but most malware plots still require you to make the first move. To help protect yourself from fake and harmful codecs, use Perian and VLC, and if your video still won’t play back, just give up altogether. No video content is worth the theft of your private data, after all.
To help protect yourself from fake and harmful codecs, use Perian and VLC, and if your video still won’t play back, just give up altogether.
You can always try MPlayer OS X Extended. Plays some stuff VLC won’t and you can full screen it in one monitor and still work on the other (unlike QuickTime). Plus it’s less of a resource hog than either of the other two so you get better playback on older machines.
It’s hard to protect onesself from one’s folly.
But then the claim for no virus still stands.
So this bounty has been placed on Macs “a few months ago”, and inspite of this incentive for hackers to attack Macs… to date there has not been any Mac virus outbreaks. That speaks volumes about Mac security compared to Windows.
This doesn’t speak security compared to Windows, it speaks market share.
Windows has been proven to be more secure by security analysts. The operating system is more robust to malware than OS X is. It has to be considering how big of a target it is for malware composers.
There have been a few Mac virus outbreaks, mostly among the trojan infections incurred with the pirating of iWork.
@Koki,
Maybe you should refrain from such FUD since you don’t know the difference between viruses and trojans.
Sorry, Koki, OSX runs on top of certified Unix, and it had security
as a major focus from its inception.
I’m not a Windows user coming in here and trying to shit the place up, I am a Mac user well aware of security issues with both operating systems. Slapping Unix on a box doesn’t make anything impenetrable – it just means it’s Unix.
There’s one of many articles regarding the issue, but this is the most accessible. Sweet and short.
http://www.computerworld.com/s/article/9137992/Apple_missed_security_boat_with_Snow_Leopard_says_researcher?taxonomyId=17&pageNumber=1
OK. Point taken. But as someone else on another Mac-related blog stated “Using Windows is like a homeowner who who has to fumigate the entire house on a frequent basis, while the Mac user never has to use pesticide and only has to deal with an occasional dead fly on the window sill.” [My paraphrase].
For me, twenty years of using Macs without a single malware issue is what matters.
LOL …. I like your praphrase a lot.
This is a wonderfully apt analogy. I wish I had thought of it in the first place.
43 Cents? AIN’T SO!
More FUD, Errington?
You need to research more and write less.
http://brainstormtech.blogs.fortune.cnn.com/2009/09/27/about-those-russian-hackers-targeting-macs/
CNN exposes yet more widely-reported Mac security FUD
It’s a FUD report, of course, as it fails to note that the general rate for Windows hacking is 50-55-cents, and fails to note that the website offering the bonus has since shut down, due to lack of interest.
As reported by Greg Keizer at Computerworld and repeated through numerous publications – including at least one which really should know better – it has been claimed that Russian hackers are targeting the Mac.
Naturally, all the usual suspects are involved in the info chain who bought us this ‘story’: Graham Cluley of Sophos quotes another researcher, Paul Ducklin, who himself points to a presentation given last week by Dmitry Samosseiko, himself a Russian-born researcher for – wait for it – Sophos.
CNN has the best rebuttal of the story. It takes a look at the six-page security research document and points out that the reference to Mac security occupies precisely one paragraph.
Once again these security warnings are pure FUD. Widely reported as fact. Doubt we’ll see a retraction by any of the publications who blindly carried the story.
Great Job—- Darrell Etherington (NOT)
What Are You UNFAUX, News and just follow Blindly without proof or fact of Checking your story , And Just as Such This is Just a Story and a Bad ONE at That.
So Much for any credibility you had Darrell Its Gone Now,
Links ,
CNN:- http://brainstormtech.blogs.fortune.cnn.com/2009/09/27/about-those-russian-hackers-targeting-macs/
9to5 Mac:- http://9to5mac.com/mac_security_fud_again