Thread started 28 Oct 2010 (Thursday) 01:58

New Trojan (Windows and OS X)

 
Faolan
Goldmember
Avatar
1,204 posts
Gallery: 1 photo
Likes: 137
Joined Jun 2006
Location: Scotland
     
Oct 28, 2010 01:58 |  #1

Just be aware that a new Java Trojan is in the wilds, it's pretty nasty.

Boonana (external link)

This affects both Windows and OS X, disabling Java in your browser might be the best option. It totally bypasses the protection built into either OS. This is based off Koobface hence why it can target both systems. You may think that people don't click on these links but many do as the rate of infections shows from past experience and most Apple users think they are secure.

Currently it's pretending to be mostly video codecs but there is also the likelihood of it pretending to be a gallery viewer/software or an image uploader. Expect other social engineering terminology to be used.

This bounces off recent research from Microsoft that Java Malware is now on the increase.


Some call me the Heilan' Laddie, but others call me Rob.
Flickr (external link) - Lighting set ups using Canon Flash/Elinchrom plus some general work.
Celtic Shadows Design (external link) - Photography and WordPress Development.

  
toxic
Goldmember
3,498 posts
Likes: 2
Joined Nov 2008
Location: California
     
Oct 28, 2010 03:27 |  #2

Intego says it apparently doesn't work properly on OS X, so the threat is low: http://blog.intego.com …acebook-twitter-and-more/ (external link). Both websites are unclear about whether it bypasses the password requirement to run an installer in OS X.

It installs a rootkit, which by definition requires superuser (root) privilege, which means you still need to enter a password in OS X...unless you're a moron and use root as your main account. What it bypasses is the password requirement to modify system files.

IOTW, it's nothing special on OS X. Trojans and DNS changers have been around for ages.




  
Faolan
THREAD STARTER
Goldmember
Avatar
1,204 posts
Gallery: 1 photo
Likes: 137
Joined Jun 2006
Location: Scotland
     
Oct 28, 2010 06:48 |  #3

You'd think the same with PC users would not click things but a surprising amount of people did and still do, and the laid back attitude of Apple users thinking their OS is secure will make this all the more dangerous. Of course Mac users are all clever and au fait with security. Right? This trojan will evolve and the evil thing about it is that unlike many you won't know you're infected as most Mac users don't use any anti-malware software.

It's also a Java exploit which means there is an escalation bug that will grant Superuser abilities, so if it's using that then it's even more worrying. Especially as Apple maintains the Java installation on OS X.


Some call me the Heilan' Laddie, but others call me Rob.
Flickr (external link) - Lighting set ups using Canon Flash/Elinchrom plus some general work.
Celtic Shadows Design (external link) - Photography and WordPress Development.

  
Tony-S
Cream of the Crop
Avatar
9,911 posts
Likes: 209
Joined Jan 2006
Location: Fort Collins, Colorado, USA
     
Oct 28, 2010 10:41 |  #4

Faolan wrote in post #11180290 (external link)
You'd think the same with PC users would not click things but a surprising amount of people did and still do, and the laid back attitude of Apple users thinking their OS is secure will make this all the more dangerous.

Yeah, it's not smart to click "ok" when something you inadvertently download asks for permission to install an applet on your computer.

Of course Mac users are all clever and au fait with security. Right?

Yeah, your true feelings are now (as always) apparent - your disdain of Apple and anyone who uses their products. :rolleyes:

This trojan will evolve and the evil thing about it is that unlike many you won't know you're infected as most Mac users don't use any anti-malware software.

That's because at this point there's no need to have resource-hogging anti-malware on OS X computers. Just don't download illegally-obtained software and don't allow anything to install itself if it's from a link you click on. Pretty simple.

It's also a Java exploit which means there is an escalation bug that will grant Superuser abilities, so if it's using that then it's even more worrying. Especially as Apple maintains the Java installation on OS X.

Ho-hum.... :rolleyes:


"Raw" is not an acronym, abbreviation, nor a proper noun; thus, it should not be in capital letters.

  
Hen3Ry
Goldmember
Avatar
1,063 posts
Likes: 28
Joined Nov 2009
Location: Aptos, CA, USA
     
Oct 28, 2010 10:49 |  #5

Faolan wrote in post #11180290 (external link)
...and the laid back attitude of Apple users thinking their OS is secure will make this all the more dangerous.

More dangerous than what? Apparently there isn't any real danger unless you're an airhead who ignores warnings like...

IMAGE: http://blog.intego.com/wp-content/uploads/2010/10/koobface1.jpg

...and this...

IMAGE: http://blog.intego.com/wp-content/uploads/2010/10/koobface2.jpg

...and if that's the case, it probably doesn't matter what kind of computer you're using, because it's probably already infected.

***************
Je n'avais pas besoin de cette hypothèse-là.

  
Faolan
THREAD STARTER
Goldmember
Avatar
1,204 posts
Gallery: 1 photo
Likes: 137
Joined Jun 2006
Location: Scotland
     
Oct 28, 2010 11:38 |  #6

Tony-S wrote in post #11181347 (external link)
Yeah, your true feelings are now (as always) apparent - your disdain of Apple and anyone who uses their products. :rolleyes:

Disdain not really, the Apple hardware is OK. Not the dog's proverbials but it's relatively solid kit. It's the actual Holier Than Thou Attitude many Mac users exhibit let alone the fact that the legion of Macolytes that shout down people when things go wrong for Apple, things like failing Time Capsules (user error), Antennae issues (you're holding it wrong), Security Issues (they don't exist). Let alone the Walled Garden mentality that's becoming so predominant and is likely to be part and parcel of OS X Lion.

I teach on primarily Windows, but I do teach on OS X. The simple fact of it is most of the PCs I teach on run rings around the iMacs, maybe not the Pros but that's another kettle o' fish. If I had a choice I'd be running Linux, but alas Adobe won't share their goodies with the Linux crowd.

This was simply an announcement of what could potentially be a problem for users, and the many Mac owners. How many of you would click OK to a Java Gallery from Facebook, or even another trusted site? Or wait, what if a friend sends you a page saying 'hey look at my holiday snaps'? This is social engineering at work, they find reasons for people to click links.

You'd think Koobface would actually die a death after the last outbreak on the Windows side of things, but no. So I don't hold out much hope for OS X users, which to be blunt are less security aware than their Windows counterparts due to the false mythos of OS X being 'secure'.

The last count I saw over 400,000 OS X computers on a BotNet, how many of those are running security software? How many of those users are even aware they are contributing to piracy, Spam and DoS attacks.

Plus the old adage of an AV slowing a system down is dated, most modern multi-core systems with plentiful RAM won't notice the overheads. Oh wait, Apple doesn't like to use the cutting edge hardware and gives out old kit and brands it as 'new' except in the Pro series but even then the choices are so underwhelming. So I can understand why you don't want to run an AV.


Some call me the Heilan' Laddie, but others call me Rob.
Flickr (external link) - Lighting set ups using Canon Flash/Elinchrom plus some general work.
Celtic Shadows Design (external link) - Photography and WordPress Development.

  
toxic
Goldmember
3,498 posts
Likes: 2
Joined Nov 2008
Location: California
     
Oct 28, 2010 14:33 |  #7

You're right that too many Mac users think they're immune, since they don't understand the distinction between a virus or worm (self-replicating, no permission necessary) and a trojan (permission is necessary). There are still no self-installing viruses for OS X, but there are plenty of trojans (which can potentially install whatever they want).

This trojan is more special because it overrides the password protection to modify system files, but it still requires installation permissions..or at least I don't see how it would bypass that, but I'm not about to try it for myself :rolleyes:. I don't think it is a threat to anyone who is already conscious of what they install on their computer, just a bigger security issue for those who don't.




  
MaxxuM
Goldmember
Avatar
3,361 posts
Gallery: 3 photos
Likes: 22
Joined May 2007
Location: Rio Grande Valley
     
Oct 28, 2010 19:10 |  #8

I find these posts to be a little disingenuous; especially when those most likely to benefit are the ones handing out this information. I'd trust Mac specific warnings from Mac Antivirus sites as much as I would trust Goodyear or Firestone saying there were x amount of accidents and only their tires could have prevented them.

I also find it funny that Mac malware gets this kind of attention. If someone were to post every newish Windows threat on this forum there would be room for little else :)

The lesson here is, don't give permission for anything to run that you do not personally download from a reputable site & don't log in with a super user account (use a restricted account).




  
jetcode
Cream of the Crop
6,235 posts
Likes: 1
Joined Jul 2009
Location: West Marin
     
Oct 30, 2010 10:08 |  #9
bannedPermanently

A tidbit for those who might not know

If a Windows application launches with a pop-up that demands the user enter OK (most likely a hijacked web browser) to proceed the best strategy in Windows is to use CTL-ALT-DEL to bring up the application manager and terminate the application in question.




  
2,082 views & 0 likes for this thread, 6 members have posted to it.