Thursday, October 27th 2011
Secure Apple Macs Fall Prey To Linux DDoS Trojan
For years Apple Mac users have felt smug that their computers didn't need any security software installed, unlike their poor Windows counterparts which were always coming down with a cold. This, they believed, was because their beloved operating system is inherently more secure than leaky old Windows (which it used to be). This smug feeling has been especially strong over the last decade, since the release of Mac OS X in 2001, as it's based on Unix, which has always had security baked into it. They therefore felt safe from the multitude of viruses, keyloggers, trojans and various other nasties that the bad guys like to infect operating systems with. However, there have been successful attacks in the past on every Apple Mac operating system since the first one in 1984, just nowhere near as many as on Windows. Of course, what Windows users, Linux users and other OS users have also been saying for years is that Apple's operating systems simply weren't popular enough to bother with and aren't particularly secure. After all, the hackers do this for fun and financial profit, so why aim for a little teeny tiny target when you can aim for a big, fat one like Windows?
Well, Apple's OS certainly has increased in popularity somewhat since the debacle that was Windows Vista and hence is now a larger attack target than before, attracting more attention from criminal hackers. This appears to be dispelling the myth that Mac OS X is "secure", what with the latest malware attack. This new kid on the block is a trojan called "Tsunami", which has now been discovered on infected Mac OS X systems. What makes this particular malware different is that it appears to be a port, of all things, of a Linux DDoS trojan called Troj/Kaiten. This little beauty herds infected Apple computers into a botnet which DDoS's whatever victim website the criminal hackers choose to instruct it to, using an IRC channel. Lovely.
Graham Cluley of Sophos has taken this trojan apart and shown how it can be instructed to attack any website. He has reproduced the code snippet below:
He then says:
The big question, of course, is how would this code find itself on your Mac in the first place? It could be that a malicious hacker plants it there, to access your computer remotely and launch DDoS attacks, or it may even be that you have volunteered your Mac to participate in an organised attack on a website.
So, it sounds like this nasty requires a little bit of social engineering to get on the machine, like many do for Windows. However, that hardly sounds like a challenge, does it, given the general lack of basic technical skills and security knowledge of ordinary computer users? The Apple ones perhaps even more so, as the platform is designed for "ease of use" and aimed specifically at people who are not tech savvy at all and want a computer "that just works". They'll have no idea why their beautiful Mac inexplicably runs sluggishly and unstably, with their ISP possibly disconnecting them for the garbage pumped out by their infected Mac.
But remember this - not only is participating in a DDoS attack illegal, it also means that you have effectively put control of your Mac into someone else's hands. If that doesn't instantly raise the hairs on the back of your neck, it certainly should.
Some people reading this will make the rallying cry "Of course Sophos will say it's vulnerable, they have a product to sell!" and they have a point. However, this doesn't take away the fact that threats to the Mac platform are real, out there and growing. Even if a Mac user doesn't want to run security software they should still practice safe computing habits, which is just another way of saying to use their common sense.
A short and interesting history of Apple malware can be found at this Sophos article.
Source:
Sophos
60 Comments on Secure Apple Macs Fall Prey To Linux DDoS Trojan
In order not to upset the fans of a certain brand sold worldwide
Perhaps we NON USERS OF THAT BRAND should in future refer to trojans and viruses that target "That Brand" as :laugh: "Maggots" :laugh:
Seems to me to be the perfect description
Confusing to fix? Did you only deal with AIO iMacs or the billion screw laptops?
Their towers and desktops were always pretty straightforward. Aside from a few models, usually easy to get at the internals. I've dealt with repairs on a lot of PCs which were nightmares compared to Macs.
Apple used to tout their Macs for resale value, still do but it's not as good as it once was. Course partially because of the healthy upgrade market. It made sure you could run more modern CPUs on the older outdated rigs. Bunch of upgrade companies developed all sorts of upgrade options. Even for the Macs considered to be unable to upgrade, they found ways to use L2 cache slots to upgrade. Good 5+ year life on each Mac before needing to upgrade or buy new. Nowadays, lucky to get 2-3.
They also try to dissuade people from upgrading more and more now. Which bred the aftermarket PC GPU to Mac flashing community. Should be no technical reason for newer GPUs to not work with some of the earlier x86 Macs, but sure enough... Apple put a limitation in. It's all about selling more Macs now, which they can't do if people hold onto machines forever.
You have just reaffirmed that some Mac users are very arrogant. Not all, just some.
I was going to use a figure like 99% but I know that is not true.
So since this is a E-Penis contest how do you measure up?
Who really cares what OS you run or how technical you are?
If you're an arrogant asshole, you can run BeOS, FreeBSD or whatever you want; it still makes you an arrogant asshole.
BTW Linux, Unix and even Mac have viruses and malware out there. It's rare. I have gotten malware for Linux a few times; all it did was use all my RAM or all my processor. A quick kernel upgrade and it's fixed.
Apple is going to get imploded with viruses, because of the simple fact that Apple users are SNOBBY and believe they're so secure and safe when it comes to their systems (OS).
I PREDICT!: There is some malware out there already hitting some Macs and it is now being discovered (news example above). What is going to happen is someone or somehow there is going to be a massive break in the OS security and at a VERY FAST pace almost all Mac OSes will fall prey to some nasty NASTY nasty malware/virus/trojan/DDoS/keylogger and APPLE! will not be able to respond fast enough.
Then you will see the Mac crowd come to realization.
I have never seen, nor have experience with, Macs and virus issues. That in my opinion makes the SNOBBY Mac corporate businessmen and users vulnerable to a massive VIRAL attack that is one whole punch to the Mac OS crowd. The OS security team (if it's a team) won't be able to respond fast enough, and over 50% of the Macs will be virus consumed and cracked within a week.
I believe windows has had experience with MASSIVE attacks and usually SOON (@ least today) they respond with patches and fixes for those malicious viruses.
What I am trying to say is, maybe MAC will get caught way off-guard in the FUTURE and it will take a HUGE toll on Apple OSes and users all in one punch. It's the perfect setting (snobby users, low counter (protection) experience, and the growing market with Apple and their Macs).
The funny thing is with you SNOBBY ASS USERS. You can fix any PROBLEM with a Mac VIRTUALLY using GOOGLE, and following STEP BY STEP GUIDES MADE BY THE PROS (or INFORMED).
Second of all, that 1% of Windows PC users IS STILL BIGGER THAN YOUR ENTIRE MAC CROWD so GTFO. Numbers still exceed your IMAGINARY numbers.
You could not even talk about the same technical issues some of us Windows Users understand EVERYDAY. You could not even prove it.
There is just no argument there, experience and longevity and customer base just rape any of your speculations.
Were Macs not made in Steve Jobs's mind for simplicity and the fact that the USER was not a computer SAVVY person? Tell me I'm wrong.
The problem I have with this is that it really portrays a stereotype that isn't true. I'm sure if you did a scientific calculation of the percentage or number of PC users (not just those on TPU!) that "lack basic technical skills and security knowledge" it would be just as high, if not higher than Mac users. Since there is absolutely no scientific data the author can cite (unless I missed it), he is injecting his opinion as if it were fact.
smug
Exhibiting or feeling great or offensive satisfaction with oneself or with one's situation; self-righteously complacent
I was in no way being "smug", but maybe you just didn't know what the word meant. :laugh: I do consider myself a "more (technically) skilled" Mac user. I spent years (mid 90's-mid 2000's) on the DealMac forums helping others and learning from others. There were a large number of other Mac users there that I would say were experts or advanced users. Just because they aren't here on TPU doesn't mean they don't exist. As I said before, I was originally objecting to the fact that the author was trying to portray Mac users as those who "lack basic technical skills and security knowledge". Ok, but you are making those "numbers" up and that's based on your opinion, not fact. You haven't cited any statistical data proving your argument, just as the original author of the "article" hasn't. I'm not going to argue with you about this. I have my opinion, you have yours, and the facts speak for themselves. From the looks of it, this would be just as good of a place to start as any! :laugh: There are a lot of us out there and I agree with you that some "harsh generalizations" are made about Apple users in general, some similar to the unfair ones about PC users which we know aren't true either! :laugh:
Apple user since 1983, Commodore user since 1985, Mac user since 1986, DOS user since 1986, and Windows user since 1992. But maybe you weren't asking me specifically ;) This is a recent development. Until recently (a year ago or so) they were charging a premium price. I do applaud them for this but they aren't doing this purely to be nice and there are business motivations behind it. Just like a lot of the free Windows AV, it's only a matter of time until the nags are implemented and the functionality is reduced unless you buy the premium version. That required direct machine access and use of social engineering to work. If I could actually find something in "the wild" I could as easily install it onto my Mac sitting here. Just as easily as you could install malware on your PC sitting there. Nope, that was a complete misunderstanding on YOUR part. I was defending the group that was being "belittled". As for the rest of your statement, stay classy. I've read the rules many times over and feel that I in no way violated them. I'm free to state my opinion here just as you have, and I live in the United States Of America, where we have this thing called the First Amendment to the United States Constitution :laugh: I don't think I'm arrogant, as you would probably agree if you knew me in real life, but you are entitled to your opinion. My "E-Penis" measurements are above. Nice personal attack from a fellow longtime TPU user. I hope you feel better about yourself.
Oh, and take a look at my specs, I'm a Windows user, just like you. :toast:
Since it sounds like you are challenging me, what are these "technical issue's some of us Windows Users understand EVERYDAY", so that I could prove it? Do you see me posting "Please help me with my computer" on the forums here on TPU?
I wasn't speculating on anything, I was just saying that not all Mac users "lack basic technical skills and security knowledge".
Apple created the Mac OS to offer a great user experience, not an OS for people who are stupid and need an easy to use computer. You were mostly right.
You say you're a technically competent Mac user and I'm happy to take that at face value (you're on here, after all ;) ) but you're the exception, not the rule. Look, I work on an IT helpdesk and I see just how effing clueless most of these PC users are, so I have every reason to believe that a dumbed down, DRM locked down Mac is gonna attract even more clueless users buying into the "it just works" mantra. Man, I despise the koolaid that Apple's been peddling all these years. Maybe without Jobs's reality distortion field Apple will turn into less of a control freak company? Here's hoping.
It looks like Mussels's experience illustrates one example of the lie to the "it just works" mantra.
I would say that "article" is a good characterization of the original post, not in the sense of a long, thought out, logically consistent piece of argumentation with citations (as in academic publishing), but as a piece of opinion on a news item.
It's too easy to throw the 'citation' bomb without thinking of the context. If you're looking for vetted, cited, and formal "news", a forum such as this is not the place for such a thing. It is unreasonable.
A forum, like this one, is perpetuated in the traditional, human, and fundamentally irrational way -- word of mouth. It is up to the reader to determine the worth of a posting, and to sift through its information for any grains of truth, it is not up to the poster to be exquisitely formal and correct, even if their wish is to present a piece of information. No matter how much we may want it to be so...
Think things through next time.
Don't react to inflammatory nonsense.
And don't assume your position is unassailable when dealing with opinion, especially when relying purely on logical form while presenting no substance.
:shadedshu
You get clueless users on any platform, not just in the PC world. It's just that Mac users seem proud of it, under the umbrella of "it just works, so I don't HAVE to learn that stuff"
It's that pride in ignorance that really gets under our skin - especially in cases like this, where that willful ignorance results in harm to other internet users worldwide, by allowing their 'secure' systems to become part of DDoS botnets.
I know what you mean about the massed ranks of the great unwashed (and I'm also including all platforms here). They actually revel in their ignorance and consider it "uncool" to actually know anything. How f* retarded. :shadedshu
Since these roles today aren't physical labor, some people seem to have the attitude that being ignorant of how things work means you're important enough to not need to know how it works, since someone else can do it for you. It's bizarre.
[/off topic]
But having said that, it is clear that Windows PCs are and have always been the bigger target given the nature of Unix-based systems, and their much lower market share. But that argument is a double-edged sword because, when you're a target you learn how to compete better than when you're sitting idle waiting for someone to hit you every once in a while.
I personally would consider no system truly impenetrable and wouldn't consider my data safe from any attacker. I am behind a hardware firewall, I keep fairly up to date on OS security, and do regular scans and updates for the real time monitoring software. But more importantly, I restrict access to critical stuff to drives that I can physically detach from the network when it's not in use. Regular back ups are as important as any part of secure systems.
I don't think Mac users are standing out there being purposefully ignorant, I think perhaps you just seem to seek out the vocal crowd who somehow think they are superior because they have a more expensive product than other people do. You see just as many users on the PC side of the fence who think they are superior to Mac users because their PC cost less, or has a better graphics card, or something along those lines. You even see that crap on smart phones, where people who use Android phones think their platform is superior to iOS or vice versa.
Frankly the highly opinionated users with a superiority complex can wind up giving any group a bad reputation. Ever seen a political rally? How bout a religious gathering? Anyone who believes they are superior in one way or another to any other human being shouldn't have an opinion that is taken seriously anyway.
I watched a documentary on Netflix yesterday pretty much revolving around design and the revelations of design (Apple had a big segment in it). What Apple and Apple's team do is try to design a product that is natural to the human person.
Example: If an alien (outer-space) were to come down and see a metal spoon, he could readily understand how to use it for food or a scoop.
When real design comes into play, it revolves more on the natural simplicity around that product/design. All these iPods, iPhones, iPads, MacBooks, even Mac Pros were designed in the eye of natural simplicity and understanding. Yes, there are technicals in the way, but when you pick up readily any device from the big Apple you virtually know how to use it and start plucking away, everything works without hitches. That's the beauty of it.
The same goes with Apple OSes. Yes, they're a little out of that design aspect, but when they were made and or designed, every thought of USER trouble was pinpointed and suppressed fairly well, even with virus protection.
Personally that's how I believe Apple broke economic barriers (500$ product, 1mil+ sales). Design and natural capability and ease of use were very very very strongly enforced within that company's team.
My bad though, no hard feeling :toast: :o
Even proposed this analogy I think I have mentioned on TPU once before.
Apple OS (Macs) are like the Native Americans in North America prior to the arrival of the Europeans, which you could say are like the Windows OS. Windows carries all these diseases (AKA viruses) but is mostly immune to them, while the Native Americans (Apple OS), all peaceful and ignorant of the troubles disease brings with it, are suddenly hit very hard by these viruses now "ported" to them.
I find that explanation to sit well with many people. Been preaching it for years.