Comments

  • tpatt100 Member Posts: 2,991
    You know you're doing something right and increasing market share to the point where malware writers start to target your systems lol.

    Reminds me of the botnet stories lately where the FBI was involved. Crazy didn't realize how many millions of infected machines are out there.
  • the_Grinch Member Posts: 4,165
    I find it funny that they make a big deal about this. 600k out of the millions of Mac computers out there really doesn't make it big news. Now if they wrote some iOS malware that would be big news.
    WIP:
    PHP
    Kotlin
    Intro to Discrete Math
    Programming Languages
    Work stuff
  • Jayjett90 Member Posts: 30
    Well this is bad and good at the same time. Of course infected PCs are never good lol but now all of the non-technical Apple fans who thought Macs could not get viruses just got a reality check. Any system can get a virus, it just wasn't common with Macs because the majority of the world's population uses Windows.
  • Zartanasaurus Member Posts: 2,008
    the_Grinch wrote: »
    I find it funny that they make a big deal about this. 600k out of the millions of Mac computers out there really doesn't make it big news. Now if they wrote some iOS malware that would be big news.
    Mac Hacker Puts Rogue iPhone App Into iTunes Store | SecurityNewsDaily.com
    Currently reading:
    IPSec VPN Design 44%
    Mastering VMWare vSphere 5 42.8%
  • tpatt100 Member Posts: 2,991
    Not sure how much of a reality check it is since there are millions of Windows machines infected and I doubt even a single digit percentage of them even know what a botnet is.
  • Forsaken_GA Member Posts: 4,024
    It's not so much a Mac exploit, as it is a Java exploit. Just more proof that Java is a Bad Idea (tm)
  • the_Grinch Member Posts: 4,165
    Apple maintains the Java package for OSX though...
  • afcyung Member Posts: 212
    I think it should point out that the concept of security through obscurity is long gone.
  • tpatt100 Member Posts: 2,991
    How is it long gone? It is still a significantly small target compared to the millions of available Windows machines that are exploited.
  • Forsaken_GA Member Posts: 4,024
    the_Grinch wrote: »
    Apple maintains the Java package for OSX though...

    I understand that, doesn't change the fact that Java is a platform which has been riddled with security holes over the years. Just because they maintain the package doesn't mean they write it, and security auditing is hard. I'm not at all surprised that what's reportedly the most compromising attack on OS X to date came via a Java vector.
  • Roguetadhg Member Posts: 2,489
    Java and Firefox have been causing issues for us here, Firefox disabling it by default.
    In order to succeed, your desire for success should be greater than your fear of failure.
    TE Threads: How to study for the CCENT/CCNA, Introduction to Cisco Exams

  • the_Grinch Member Posts: 4,165
    Forsaken_GA wrote: »
    I understand that, doesn't change the fact that Java is a platform which has been riddled with security holes over the years. Just because they maintain the package doesn't mean they write it, and security auditing is hard. I'm not at all surprised that what's reportedly the most compromising attack on OS X to date came via a Java vector.

    Fair enough ;)
  • Forsaken_GA Member Posts: 4,024
    Roguetadhg wrote: »
    Java and Firefox have been causing issues for us here, Firefox disabling it by default.

    That's Mozilla's doing. They recently started disabling old versions of JRE that had known security issues in order to encourage the user to update rather than risk a compromise. In my opinion, this is a very good idea.
  • lordy Member Posts: 632
    Well, believe it or not, there are stupid Mac users out there.

    I had a friend who downloaded some Adult Video File and when he opened it it just showed a message saying "You need to install SomeEvilGuy's Codec to view this", and so he did. He downloaded, installed it and even typed in his password when the installer asked for it...
    Working on CCNP: [X] SWITCH --- [ ] ROUTE --- [ ] TSHOOT
    Goal for 2014: RHCA
    Goal for 2015: CCDP
  • tpatt100 Member Posts: 2,991
    lordy wrote: »
    Well, believe it or not, there are stupid Mac users out there.

    I had a friend who downloaded some Adult Video File and when he opened it it just showed a message saying "You need to install SomeEvilGuy's Codec to view this", and so he did. He downloaded, installed it and even typed in his password when the installer asked for it...

    That video codec one is pretty popular. I like the ones that look like Windows UAC and even walk you through how to allow it to mess up your PC.
  • Novalith478 Member Posts: 151
    tpatt100 wrote: »
    That video codec one is pretty popular. I like the ones that look like Windows UAC and even walk you through how to allow it to mess up your PC.

    The UAC and fake anti-virus ones are so popular. I've had to clean that off friends/family computers more times than I have fingers to count. You'd think they'd learn...nope.
  • ptilsen Member Posts: 2,835
    Let's not dismiss anything significant, here. IMO 600,000 is a significant number, period, and a highly significant number given Macs' relative market share. A botnet of 6,000,000 Windows machines would not be dismissed as trivial. That's a lot of infected machines, even if it's a small percentage of potential targets.

    I agree strongly that JVM being the infection method is not remotely surprising. Even on Windows, Java is one of the most often exploited features and one of the hardest to secure. You can have users locked down to least privilege, browser settings restricted, host antivirus, threat management on the gateway, 100% patch and update compliance, and still get hit through Java along with various browser plug-ins (hint: Adobe).

    Honestly, I hate almost everything about Java. It's made programming seem so easy that lazily written, poor code is a staple of modern computing. Most browser-based applets that require a JVM are horribly slow and buggy, and Java is an administrative pain. All that being said, I'm inclined to blame Apple. Their slow pace of patching that vulnerability is inexcusable, IMO. And keeping Java maintained on Macs is too hard, Apple should stop supporting JVM use altogether. I'm serious. That's what they did with Flash in the mobile sector, and I could easily see it with Flash and Java on Macs. If you think about all the programs that already don't run natively in Mac OS X, web-based Java and Flash applets are really a drop in the bucket. The major web developers would re-code to support Macs, and frankly the rest don't matter enough to make a difference.

    Mac market share has steadily enough that indeed, Macs are more and more likely to be targeted. Technical implementation of security measures on Macs compared to Windows has been lax for years now. The non-technical Mac users (the vast majority of Mac users, just as with the vast majority of Windows users) do not know enough to do their part and automatic measures from Apple are not implemented enough. Until things change, I bet we'll see more Mac exploits in the near future. Apple definitely wants to maintain the image of Macs as systems with far fewer problems than Windows PCs, so I think it's likely these sorts of issues will get addressed.
    Working B.S., Computer Science
    Complete: 55/120 credits SPAN 201, LIT 100, ETHS 200, AP Lang, MATH 120, WRIT 231, ICS 140, MATH 215, ECON 202, ECON 201, ICS 141, MATH 210, LING 111, ICS 240
    In progress: CLEP US GOV,
    Next up: MATH 211, ECON 352, ICS 340
  • Forsaken_GA Member Posts: 4,024
    ptilsen wrote: »
    All that being said, I'm inclined to blame Apple. Their slow pace of patching that vulnerability is inexcusable, IMO. And keeping Java maintained on Macs is too hard, Apple should stop supporting JVM use altogether. I'm serious.

    Sure, it's ultimately Apple's fault, but this isn't a vulnerability in OS X, which is what it's being trumped up as. In order to fall vulnerable to this, it requires two things -

    A) A specific piece of software to be installed
    B) The user to do something stupid.

    That is much closer to social engineering than a code fault, and there isn't an operating system in existence that can protect against those parameters before the fact.

    The fact that it's so rare for an exploit of this nature to hit a Mac goes to show it's got a fairly decent track record when it comes to security - folks can't wait for the chance to jump all over it. If this had been a Windows flaw instead, folks would say 'what else is new?' Windows exploits are so common that it originated Patch Tuesday.

    And Apple's track record is still better than Microsoft's when it comes to patch times. They just recently fixed some exploits that have been around since Windows 2000. I mean really, you're going to criticize Apple for taking two months to patch when it took Oracle 5 months to do so? (Please note that the article author cannot do math - Oracle patched on Feb 14th, Apple on April 4th. That's a difference of 50 days. 50 / 7 = ~7.14. Quoth the article 'Apple released its own "security update" on Wednesday - more than eight weeks later.' Idiots.) I don't think ~2 months is unreasonable to push a patch that had a couple conditionals in order for it to take effect.
  • ptilsen Member Posts: 2,835
    Forsaken_GA wrote: »
    Sure, it's ultimately Apple's fault, but this isn't a vulnerability in OS X, which is what it's being trumped up as. In order to fall vulnerable to this, it requires two things -

    A) A specific piece of software to be installed
    B) The user to do something stupid.

    That is much closer to social engineering than a code fault, and there isn't an operating system in existence that can protect against those parameters before the fact.

    I will be the last person to disagree with any of this. I'm certainly not claiming it's a fundamental flaw in the programming of OS X.

    Forsaken_GA wrote: »
    The fact that it's so rare for an exploit of this nature to hit a Mac goes to show it's got a fairly decent track record when it comes to security - folks can't wait for the chance to jump all over it. If this had been a Windows flaw instead, folks would say 'what else is new?' Windows exploits are so common that it originated Patch Tuesday.

    No one will disagree that there are more Windows exploits. But, it goes back to "there isn't an operating system that can prevent against those parameters before the fact." The number of actual Windows remote vulnerabilities that don't require a user or configuration problem is very low, especially in the last five years. Even the MS12-020 is only applicable to systems configured in a certain way -- RDP must be on (off by default), NLA must be off (recommended on), and the system must be accessible on the public Internet for a significant risk of exploitation (not recommended, even for remote access to TS/RDSH) -- this situation describes a poor configuration even without the vulnerability as RDP has always been a known attack vector and these best practices and defaults were there to mitigate against that risk.

    Forsaken_GA wrote: »
    And Apple's track record is still better than Microsoft's when it comes to patch times.

    Not sure I can agree with that. Microsoft searches out and patches the vast majority of vulnerabilities before they are exploited, often long before they are even identified by third parties. Microsoft patches very frequently, releasing updates before the next Patch Tuesday if they're important. I don't feel great about how many vulnerabilities there are and how large the code and customer bases behind the Windows platform and its staples are, but the fact that Microsoft patches so often and so quickly is a good thing, to me. I would compare Firefox favorably to IE for the same reason; Firefox actually gets security patches more frequently than IE, even though IE is a more frequently targeted system.

    Forsaken_GA wrote: »
    I mean really, you're going to criticize Apple for taking two months to patch when it took Oracle 5 months to do so? (Please note that the article author cannot do math - Oracle patched on Feb 14th, Apple on April 4th. That's a difference of 50 days. 50 / 7 = ~7.14. Quoth the article 'Apple released its own "security update" on Wednesday - more than eight weeks later.' Idiots.) I don't think ~2 months is unreasonable to push a patch that had a couple conditionals in order for it to take effect.

    That's somewhat fair, and I am not experienced enough with that sort of code development to make a truly informed analysis of that response time. That being said, Microsoft and even Apple have been known to develop and release other patches in shorter time frames, and I have no reason to believe those should take longer. But again, if Apple wants to take responsibility for the development and deployment of Java patches, I think that there either needs to be more resources put on it or a decision made to not support it at all.

    I will give Apple more credit for the mobile sector, despite some of the problems they've had. Considering how many more iPhones and iPads there are than Macs and how they are potentially an easier target, Apple has actually done a good job of securing the OS and the applications. Android's opening, by comparison, is a security issue. Apple vets App store apps reasonably well, considering how many there are. One might slip through here and there, but it's nothing compared to Android, which has basically no quality control, by comparison. If Apple applied similar policies to Mac OS X, I think that could make it compare favorably to Windows.
  • afcyung Member Posts: 212
    I imagine that the programmers do their patches in priority from largest threat to least given things like how difficult would it be to exploit the vulnerability and what mitigation steps can be taken by the end user to prevent the exploit.