PDA

View Full Version : Security: Mac Trojan


Faolan
2nd of June 2010 (Wed), 06:52
This is a bit more serious than usual as it's embedded in shareware apps.:

Spyware Trojan (http://arstechnica.com/apple/news/2010/06/spyware-trojan-hitching-ride-on-third-party-mac-screensavers.ars)

Unless you have a AV/AT protection you wouldn't know you've got it.

MaxxuM
2nd of June 2010 (Wed), 16:00
I'm curious how many people were infected by this little trojan. Surly not enough to put the risk level at "High". Intego is really hyping this up.

Faolan
2nd of June 2010 (Wed), 16:57
The problem with Mac's is that it's nearly impossible to tell infection rate. It's a classic chicken and the egg situation without Trojan/AV that most Mac owners say the don't need they just simply won't know unless they use a packet sniffer. Therefore we can only ever speculate and guess.

With Windows you have have some protection against this but even then it's not proof against a dumb click or two. The traditional 'dumb user' attacks are now being ported across to OS X that's been prevalent on PCs for years. Most PC users are now wary about installing apps. Can we say that about OS X users?

This trojan has been around since the beginning of the year but apparently attacks/payloads are on the increase from what I understand.

MaxxuM
2nd of June 2010 (Wed), 17:58
The sites themselves can give AV company's download numbers, users can be polled, AV software cure rates can be monitored and internet traffic can be studied to get a general idea of what the threat level should be placed at. These software packages are pretty obscure and it requires voluntary (root) access to a 'market research' tool.

Agreed... You're never going to be able to save the Darwin Award winners.

Staszek
2nd of June 2010 (Wed), 18:09
Interesting. Hopefully my only downloaded screensaver (Drop clock) is safe, though I didn't download it from the sites mentioned.