RE: mac trojan in-the-wild

看板Bugtraq作者時間18年前 (2007/11/03 03:23), 編輯推噓0(000)
留言0則, 0人參與, 最新討論串5/9 (看更多)
Actually... The enticement of the user is the *easy* and *real* part. As = was explained in the SANS Diary, to play the movie they need a codec... = Shall I download? User clicks Yes, to install I need admin pw, please = enter... GAME OVER! So... I would predict a good chunk of uninfomed users to get hit by this = easily! Aras "Russ" Memisyazici IT Specialist II Virginia Tech Outreach Information Services -----Original Message----- From: "Matthew Leeds" <mleeds@theleeds.net> To: "bugtraq@securityfocus.com" <bugtraq@securityfocus.com> Sent: 11/1/07 5:29 PM Subject: Re: mac trojan in-the-wild Let's see now, user must: 1) Navigate to porn site 2) Download Trojan 3) Either open file or have set 'Open Safe Files...' 4) Must allow install by typing admin password Oh yeah, this will clearly hit Mac users hard, not. I don't see this as = a big deal, more as Darwin in action (if you will not mind the pun). How = this is a big deal is hard to see. Just a few more machines in the bot = net. Now a self-replicating virus, that might be an issue, but this is a dead = end. Not even a very effective drive by. ---------- ---Matthew *********** REPLY SEPARATOR *********** On 10/31/2007 at 6:21 PM Gadi Evron wrote: >For whoever didn't hear, there is a Macintosh trojan in-the-wild being=20 >dropped, infecting mac users. >Yes, it is being done by a regular online gang--itw--it is not yet = another=20 >proof of concept. The same gang infects Windows machines as well, just=20 >that now they also target macs. > >http://sunbeltblog.blogspot.com/2007/10/screenshot-of-new-mac-trojan.htm= l >http://sunbeltblog.blogspot.com/2007/10/mackanapes-can-now-can-feel-pain= -of.html > >This means one thing: Apple's day has finally come and Apple users are=20 >going to get hit hard. All those unpatched vulnerabilities from years = past=20 >are going to bite them in the behind. > >I can sum it up in one sentence: OS X is the new Windows 98. Investing = in >security ONLY as a last resort losses money, but everyone has to learn = it=20 >for themselves. > >Gadi Evron.
更多 arasm. 的文章
文章代碼(AID): #17AtaL00 (Bugtraq)
討論串 (同標題文章)
完整討論串 (本文為第 5 之 9 篇):
排序: 最新先 | 最舊先 | 留言數
在新視窗開啟完整討論串 (共9篇)
更多 arasm. 的文章
文章代碼(AID): #17AtaL00 (Bugtraq)