Hundreds of thousands of Macs infected
It was going to happen sometime...
BBC News - Half a million Mac computers 'infected with malware'
Mac Flashback Trojan: Find Out If You're One of the 600,000 Infected
Comments
-
tpatt100 Member Posts: 2,991
You know you're doing something right and increasing market share to the point where malware writers start to target your systems lol.
Reminds me of the botnet stories lately where the FBI was involved. Crazy didn't realize how many millions of infected machines are out there. -
the_Grinch Member Posts: 4,165
I find it funny that they make a big deal about this. 600k out of the millions of Mac computers out there really doesn't make it big news. Now if they wrote some iOS malware that would be big news.
WIP:
PHP
Kotlin
Intro to Discrete Math
Programming Languages
Work stuff -
Jayjett90 Member Posts: 30
Well this is bad and good at the same time. Of course infected PCs are never good lol but now all of the non-technical Apple fans who thought Macs could not get viruses just got a reality check. Any system can get a virus, it just wasn't common with Macs because the majority of the world's population uses Windows.
-
Zartanasaurus Member Posts: 2,008
the_Grinch wrote: » I find it funny that they make a big deal about this. 600k out of the millions of Mac computers out there really doesn't make it big news. Now if they wrote some iOS malware that would be big news.
Currently reading:
IPSec VPN Design 44%
Mastering VMWare vSphere 5 42.8% -
tpatt100 Member Posts: 2,991
Not sure how much of a reality check it is since there are millions of Windows machines infected and I doubt even a single digit percentage of them even know what a botnet is.
-
Forsaken_GA Member Posts: 4,024
It's not so much a Mac exploit, as it is a Java exploit. Just more proof that Java is a Bad Idea (tm)
-
the_Grinch Member Posts: 4,165
Apple maintains the Java package for OSX though...
-
afcyung Member Posts: 212
I think it should point out that the concept of security through obscurity is long gone.
-
tpatt100 Member Posts: 2,991
How is it long gone? It is still a significantly small target compared to the millions of available Windows machines that are exploited.
-
Forsaken_GA Member Posts: 4,024
the_Grinch wrote: » Apple maintains the Java package for OSX though...
I understand that, doesn't change the fact that Java is a platform which has been riddled with security holes over the years. Just because they maintain the package doesn't mean they write it, and security auditing is hard. I'm not at all surprised that what's reportedly the most compromising attack on OS X to date came via a Java vector. -
Roguetadhg Member Posts: 2,489
Java and Firefox have been causing issues for us here, Firefox disabling it by default.
In order to succeed, your desire for success should be greater than your fear of failure.
TE Threads: How to study for the CCENT/CCNA, Introduction to Cisco Exams -
the_Grinch Member Posts: 4,165
Fair enough
Forsaken_GA wrote: » I understand that, doesn't change the fact that Java is a platform which has been riddled with security holes over the years. Just because they maintain the package doesn't mean they write it, and security auditing is hard. I'm not at all surprised that what's reportedly the most compromising attack on OS X to date came via a Java vector.
-
Forsaken_GA Member Posts: 4,024
Roguetadhg wrote: » Java and Firefox have been causing issues for us here, Firefox disabling it by default.
That's Mozilla's doing. They recently started disabling old versions of JRE that had known security issues in order to encourage the user to update rather than risk a compromise. In my opinion, this is a very good idea. -
lordy Member Posts: 632
Well, believe it or not, there are stupid Mac users out there.
I had a friend who downloaded some Adult Video File and when he opened it it just showed a message saying "You need to install SomeEvilGuy's Codec to view this", and so he did. He downloaded, installed it and even typed in his password when the installer asked for it...
Working on CCNP: [X] SWITCH --- [ ] ROUTE --- [ ] TSHOOT
Goal for 2014: RHCA
Goal for 2015: CCDP -
tpatt100 Member Posts: 2,991
lordy wrote: » Well, believe it or not, there are stupid Mac users out there.
I had a friend who downloaded some Adult Video File and when he opened it it just showed a message saying "You need to install SomeEvilGuy's Codec to view this", and so he did. He downloaded, installed it and even typed in his password when the installer asked for it...
That video codec one is pretty popular. I like the ones that look like Windows UAC and even walks you through how to allow it to mess up your pc. -
Novalith478 Member Posts: 151
tpatt100 wrote: » That video codec one is pretty popular. I like the ones that look like Windows UAC and even walks you through how to allow it to mess up your pc.
The UAC and fake anti-virus ones are so popular. I've had to clean that off friends/family computers more times than I have fingers to count. You'd think they'd learn...nope. -
ptilsen Member Posts: 2,835
Let's not dismiss anything significant, here. IMO 600,000 is a significant number, period, and a highly significant number given Macs' relative market share. A botnet of 6,000,000 Windows machines would not be dismissed as trivial. That's a lot of infected machines, even if it's a small percentage of potential targets.
I agree strongly that JVM being the infection method is not remotely surprising. Even on Windows, Java is one of the most often exploited features and one of the hardest to secure. You can have users locked down to least privilege, browser settings restricted, host antivirus, threat management on the gateway, 100% patch and update compliance, and still get hit through Java along with various browser plug-ins (hint: Adobe).
Honestly, I hate almost everything about Java. It's made programming seem so easy that lazily written, poor code is a staple of modern computing. Most browser-based applets that require a JVM are horribly slow and buggy, and Java is an administrative pain. All that being said, I'm inclined to blame Apple. Their slow pace of patching that vulnerability is inexcusable, IMO. And keeping Java maintained on Macs is too hard, Apple should stop supporting JVM use altogether. I'm serious. That's what they did with Flash in the mobile sector, and I could easily see it with Flash and Java on Macs. If you think about all the programs that already don't run natively in Mac OS X, web-based Java and Flash applets are really a drop in the bucket. The major web developers would re-code to support Macs, and frankly the rest don't matter enough to make a difference.
Mac market share has steadily enough that indeed, Macs are more and more likely to be targeted. Technical implementation of security measures on Macs compared to Windows has been lax for years now. The non-technical Mac users (the vast majority of Mac users, just as with the vast majority of Windows users) do not know enough to do their part and automatic measures from Apple are not implemented enough. Until things change, I bet we'll see more Mac exploits in the near future. Apple definitely wants to maintain the image of Macs as systems with far fewer problems than Windows PCs, so I think it's likely these sorts of issues will get addressed. -
Forsaken_GA Member Posts: 4,024
ptilsen wrote: » All that being said, I'm inclined to blame Apple. Their slow pace of patching that vulnerability is inexcusable, IMO. And keeping Java maintained on Macs is too hard, Apple should stop supporting JVM use altogether. I'm serious.
Sure, it's ultimately Apple's fault, but this isn't a vulnerability in OS X, which is what it's being trumped up as. In order to fall vulnerable to this, it requires two things -
A) A specific piece of software to be installed
B) The user to do something stupid.
That is much closer to social engineering than a code fault, and there isn't an operating system in existence that can protect against those parameters before the fact.
The fact that it's so rare for an exploit of this nature to hit a Mac goes to show it's got a fairly decent track record when it comes to security - folks can't wait for the chance to jump all over it. If this had been a windows flaw instead, folks would say 'what else is new?' Windows exploits are so common that it originated Patch Tuesday.
And Apple's track record is still better than Microsoft's when it comes to patch times. They just recently fixed some exploits that have been around since Windows 2000. I mean really, you're going to criticize Apple for taking two months to patch when it took Oracle 5 months to do so? (Please note that the article author cannot do math - Oracle patched on Feb 14th, Apple on April 4th. That's a difference of 50 days. 50 / 7 = ~7.14. Quoth the article 'Apple released its own "security update" on Wednesday - more than eight weeks later.' Idiots.) I don't think ~2 months is unreasonable to push a patch that had a couple conditionals in order for it to take effect. -
ptilsen Member Posts: 2,835
Forsaken_GA wrote: » Sure, it's ultimately Apple's fault, but this isn't a vulnerability in OS X, which is what it's being trumped up as. In order to fall vulnerable to this, it requires two things -
A) A specific piece of software to be installed
B) The user to do something stupid.
That is much closer to social engineering than a code fault, and there isn't an operating system in existence that can protect against those parameters before the fact.
Forsaken_GA wrote: » The fact that it's so rare for an exploit of this nature to hit a Mac goes to show it's got a fairly decent track record when it comes to security - folks can't wait for the chance to jump all over it. If this had been a windows flaw instead, folks would say 'what else is new?' Windows exploits are so common that it originated Patch Tuesday.
Forsaken_GA wrote: » And Apple's track record is still better than Microsoft's when it comes to patch times.
Forsaken_GA wrote: » I mean really, you're going to criticize Apple for taking two months to patch when it took Oracle 5 months to do so? (Please note that the article author cannot do math - Oracle patched on Feb 14th, Apple on April 4th. That's a difference of 50 days. 50 / 7 = ~7.14. Quoth the article 'Apple released its own "security update" on Wednesday - more than eight weeks later.' Idiots.) I don't think ~2 months is unreasonable to push a patch that had a couple conditionals in order for it to take effect.
I will give Apple more credit for the mobile sector, despite some of the problems they've had. Considering how many more iPhones and iPads there are than Macs and how they are potentially an easier target, Apple has actually done a good job of securing the OS and the applications. Android's opening, by comparison, is a security issue. Apple vets App store apps reasonably well, considering how many there are. One might slip through here and there, but it's nothing compared to Android, which has basically no quality control, by comparison. If Apple applied similar policies to Mac OS X, I think that could make it compare favorably to Windows. -
afcyung Member Posts: 212
I imagine that the programmers do their patches in priority from largest threat to least given things like how difficult would it be to exploit the vulnerability and what mitigation steps can be taken by the end user to prevent the exploit.