Overclock.net › Forums › Industry News › Software News › [El Reg] New password-snatching Mac Trojan spreading in the wild
New Posts  All Forums:Forum Nav:

[El Reg] New password-snatching Mac Trojan spreading in the wild

post #1 of 122
Thread Starter 
Quote:
Originally Posted by The Register .co .uk 
Security watchers warned on Friday that a new variant of a Mac-specific password-snatching Trojan horse is spreading in the wild.


Flashback-G initially attempts to install itself via one of two Java vulnerabilities. Failing that, the malicious applet displays a self-signed certificate (claiming to be from Apple) in the hope users just install the malware.


Once snugly in place, the malware attempts to capture the login credentials users enter on bank websites, PayPal, and many others.


To read the full article, click here.
Main Rig.
(14 items)
 
Battlefield 2 review.
Battlefield 2 PC Game EA
 
CPUMotherboardGraphicsRAM
Bulldozer FX4100 Gigabyte GA-M68MT-S2 MSI 7770 Kingston Hyper X | 2 x 2 GB 
Hard DriveOptical DriveCoolingOS
WD 2 TB  LiteON DVD/CD R-W Drive AMD Standard cooler Windows 7 Ultimate 
MonitorKeyboardPowerCase
32' Luxor Full HD TV Microsoft comfort curce Antec 450 Watt OcUK Value case 
MouseAudio
Microsoft wireless mouse Logitech speakers & Bass 
  hide details  
Reply
Main Rig.
(14 items)
 
Battlefield 2 review.
Battlefield 2 PC Game EA
 
CPUMotherboardGraphicsRAM
Bulldozer FX4100 Gigabyte GA-M68MT-S2 MSI 7770 Kingston Hyper X | 2 x 2 GB 
Hard DriveOptical DriveCoolingOS
WD 2 TB  LiteON DVD/CD R-W Drive AMD Standard cooler Windows 7 Ultimate 
MonitorKeyboardPowerCase
32' Luxor Full HD TV Microsoft comfort curce Antec 450 Watt OcUK Value case 
MouseAudio
Microsoft wireless mouse Logitech speakers & Bass 
  hide details  
Reply
post #2 of 122
but... but... the guy at the apple store told me that macs don't get viruses
post #3 of 122
looks like I will be working on a few MACs soon...oh well....goes straight to my Ivy/Kepler fund biggrin.gif
Ov3RK11L
(15 items)
 
Project Toaster
(15 items)
 
 
CPUMotherboardGraphicsRAM
i5-661 4.2Ghz 24/7 Gigabyte H55N-USB3 Sapphire HD7950 950mhz OC Gskill Ripjaws DDR3 1333 4GB 
Hard DriveOptical DriveCoolingOS
Corsair F60 SSD + WD 500GB black LG burner Antech Kuhler 620 w/ NoiseBlocker fan Win 7 Ult. 64bit 
MonitorKeyboardPowerCase
Asus 24" LED LCD 1920X1080 Logitech G510 600W 80+ Lian Li PC-Q08B 
MouseMouse PadAudio
R.A.T 7  Frys?? lol onboard..ohh yahhhhhhh  
  hide details  
Reply
Ov3RK11L
(15 items)
 
Project Toaster
(15 items)
 
 
CPUMotherboardGraphicsRAM
i5-661 4.2Ghz 24/7 Gigabyte H55N-USB3 Sapphire HD7950 950mhz OC Gskill Ripjaws DDR3 1333 4GB 
Hard DriveOptical DriveCoolingOS
Corsair F60 SSD + WD 500GB black LG burner Antech Kuhler 620 w/ NoiseBlocker fan Win 7 Ult. 64bit 
MonitorKeyboardPowerCase
Asus 24" LED LCD 1920X1080 Logitech G510 600W 80+ Lian Li PC-Q08B 
MouseMouse PadAudio
R.A.T 7  Frys?? lol onboard..ohh yahhhhhhh  
  hide details  
Reply
post #4 of 122
Quote:
Originally Posted by ComradeNF View Post

but... but... the guy at the apple store told me that macs don't get viruses

They don't. There is ZERO Viruses for OSX in the past 12 years, even with over 50 Million users now. So much for that "marketshare" argument.

This Trojan, only works on outdated Java 10.6 systems that haven't run a system update in awhile. Lion, 10.7, isn't vulnerable as it obviously has the updates already installed. Oh gee, another Java exploit...

Oh, and the built in Anti-malware on Lion, which automatically updates every day, has already blocked this file.
Edited by PoopaScoopa - 2/25/12 at 4:35pm
post #5 of 122
I don't remember viruses on the pc being this thorough. At most you'd get infected with a key Logger and that's it
Karthe-TransAM
(15 items)
 
  
CPUMotherboardGraphicsRAM
i5-2500k Costa Rica @ Stock for now P8P67 PRO 3.0 Inno3d GTX 660 (Nvidia Reference design) 4x2GB G-Skill Ripjaws X @ 1600Mhz CAS7 
Hard DriveHard DriveHard DriveOS
WD5000AAKX (OS) WD5000AAKS Barracuda 1TB 7200.12 Windows 7 Ultimate 
MonitorKeyboardPowerCase
Dell U2312HM Ducky DK1008 Cherry Blue Corsair AX650 NZXT Phantom White 
MouseMouse Pad
X-710BH QCK 
  hide details  
Reply
Karthe-TransAM
(15 items)
 
  
CPUMotherboardGraphicsRAM
i5-2500k Costa Rica @ Stock for now P8P67 PRO 3.0 Inno3d GTX 660 (Nvidia Reference design) 4x2GB G-Skill Ripjaws X @ 1600Mhz CAS7 
Hard DriveHard DriveHard DriveOS
WD5000AAKX (OS) WD5000AAKS Barracuda 1TB 7200.12 Windows 7 Ultimate 
MonitorKeyboardPowerCase
Dell U2312HM Ducky DK1008 Cherry Blue Corsair AX650 NZXT Phantom White 
MouseMouse Pad
X-710BH QCK 
  hide details  
Reply
post #6 of 122
Sounds like another case of a company that sells anti-virus software spreading FUD to sell its products to me.
post #7 of 122
I've yet to run into one yet on my MacBook, which is now on 3 years, or know anyone who has a Mac pick up any of the Trojans that's appeared over the past few years. Even a person I know, who is known to pick up every single kind of Windows virus/trojan/worm on those machines never had one on her iMac.

UNIX is a solid framework for OS X and the way Apple has installations work on it, you must enter your password in order for it to install. Where as in Windows, mainly XP, anything can install even without your knowledge or permission. UAC in Vista and W7 has helped lower the "bad stuff" from installing on your system without your authorization.
post #8 of 122
Quote:
Originally Posted by ComradeNF View Post

but... but... the guy at the apple store told me that macs don't get viruses

And yet, this still isn't a virus. I'm not sure if you're trying to troll the thread because it relates to Apple or what. OS X has as of yet still not seen an actual virus. Trojans? Malicious Scripts? Vulnerabilities? Yes. But not an actual virus.
post #9 of 122
Quote:
Originally Posted by Lareson View Post

I've yet to run into one yet on my MacBook, which is now on 3 years, or know anyone who has a Mac pick up any of the Trojans that's appeared over the past few years. Even a person I know, who is known to pick up every single kind of Windows virus/trojan/worm on those machines never had one on her iMac.
UNIX is a solid framework for OS X and the way Apple has installations work on it, you must enter your password in order for it to install. Where as in Windows, mainly XP, anything can install even without your knowledge or permission. UAC in Vista and W7 has helped lower the "bad stuff" from installing on your system without your authorization.

Actually, UAC has been bypassed by malware for a long time now. All it does, is annoy the user. Make sure you have some kind of Anti-Virus running. MSE is pretty good.
post #10 of 122
So it runs on a Java exploit.

People do realise theres plenty more Java exploits for Windows....right?
Again, quite simply its down to common sense.

Most people who have Macs don't have Anti-Virus due to the "Macs dont get Viruses" theory rolleyes.gif, and this virus will affect those users. However, think about it this way, if a Windows box didn't have Anti-Virus, just think how much crap you'd find on the system
    
CPUMotherboardGraphicsRAM
i7 Haswell @ 2.6Ghz Yes GT 750M 16GB Corsair 
Hard DriveHard DriveOSMonitor
512GB SSD 1TB Buffalo Drivestation OSX Mavericks 15" 2880 x 1800 IPS 
MouseOther
Magic Mouse Mobee Magic Charger 
  hide details  
Reply
    
CPUMotherboardGraphicsRAM
i7 Haswell @ 2.6Ghz Yes GT 750M 16GB Corsair 
Hard DriveHard DriveOSMonitor
512GB SSD 1TB Buffalo Drivestation OSX Mavericks 15" 2880 x 1800 IPS 
MouseOther
Magic Mouse Mobee Magic Charger 
  hide details  
Reply
New Posts  All Forums:Forum Nav:
  Return Home
  Back to Forum: Software News
Overclock.net › Forums › Industry News › Software News › [El Reg] New password-snatching Mac Trojan spreading in the wild