Second Virus Attacks Mac OS X

http://www.redherring.com/Article.aspx?a=15777&hed=Second+Virus+Attacks+Mac+OS+X§or=Industries&subsector=SecurityAndDefense
Security researchers said Friday they have found a second virus that affects Apple computers running the Mac OS X operating system, further eroding the long-held belief that Mac machines are more impervious to attacks than Microsoft’s Windows-based personal computers.



Symantec said it has identified a new worm, “Inqtana,” that spreads through a vulnerability in the operating system. The worm has not affected any users thus far and is considered to be a “proof of concept” or a prototype that can be developed to launch more malicious versions.



“While this particular worm is not fully functional, the source code could be easily modified by a future attacker to do damage,” said Vincent Weafer, senior director at Symantec Security Response. “Macintosh users should be diligent about installing patches to their operating systems as this will prevent attacks of this type.”




‘Most people think the situation is going to get worse for Macintosh users.’

-Graham Cluley,

Sophos


Inqtana attempts to use Bluetooth connections to spread itself by searching for other Bluetooth-enabled devices that will accept requests when the computer is restarted, said security experts. If a Bluetooth connection is found, the worm attempts to send itself to those remote computers.

Yikes!

or IM - so far so good.

I get so sick of that pretentious attitude of Mac users. Happy little consumers that will argue for their favorite company.

Enjoy your viri. More will surely be coming.

"The worm has not affected any users thus far"

"But security experts believe that it may not be able to spread successfully, and damage from the worm could be extremely low."

Pretentious Mac user pretentiously arguing for my favorite company :hi:

No system is immune.

And Apple users have left themselves wide-open with their pants down.

So have Linux users. But at least Novell and a handful of other companies have put up defenses first... where's Apple? Masturbating with their ipods and finding new locations to cheaply dump the dead batteries in...

It was a completely different kind of attack on OSX that requires two levels of willing approval by the computer owner before the malware could do anything. In other words, you have to be an IDIOT to suffer any damage from it.

Is this latest report of a "virus" -- which has not infected or harmed even one Mac so far -- turns out to be valid, they you can do your stomp dance on the Mac.

Until then, you are stuck with your crappy MS system, and you will just have to live with the population of obsequious, but perfectly safe and content, Mac owners. Mac works. Over and over and over, problem free. MS? i have been there and done that. Mac rules. Totally.

by the operator. OS doesn't matter.

1)Stage One:
The system must be directly connected to some outside source.

2)Stage Two:
The operator must execute a process that activates the virus.

No difference between Mac or PC here.

to activate this bugger.

That's a big difference. Macs much more secure, much freer of problems. They work. All the time.

OK, let's see here, and compare differences between these two OS types and Windows XP. OK, so you have a BAD program that you downloaded on the internet, you don't know that, but what the hell, it could be a script (batch to Windows users) to delete the "/boot"("C:\Windows" for Windows users) directory on your system. Now, the default setup for Mac and *nix systems is a limited user account, and a root account, for Windows its a user account with "superuser privileges" and the an Admin account, only accessible by booting into safe mode. OK, so under the default Mac or *nix setup, you run this virus or whatever, doesn't really matter what the format of it is(binary, python or bash scripts, whatever), it will do either nothing or you get a password prompt. This is usually a BIG red flag, and to put in your password to run any unknown code is simply stupid. Now, what happens under Windows? That's easy, you run it, it destroys your system, you reformat and reinstall.

Never had any virus problems, always connected to the internet via broadband. If the operating system WAS to crash (as I have seen happen), I can repair, retrieve data, THEN reinstall. Haven't had luck with that on a Mac - generally had to reinstall if there was no boot.

And if the Mac OS is so safe, why has Apple released security patches due to this issue? Probably because "Maxxuss" was right. Good thing he made it public, or there could be BIG trouble for you guys.

"February 15, 2006

Apple has updated its OS X Tiger operating system, fixing numerous issues on both Intel and PowerPC based Macs.

The OS X Tiger 10.4.5 update comes after Russian hacker "Maxxuss" claimed that version 10.4.4 for Intel possessors had been cracked."

honk and wave at each other?

:)

LOL

My Macs have been virus and spyware free for 20 years.

If one actually happened to me after all that time, I'd still feel pretty damn good about the last two decades.

Windows users that stay with Windows after the millions of attacks over the years are suckers.

Worms or trojans included.

I know that isn't the norm, but that's why the M$ bashing amuses me. If you take the time to learn how to stay protected, Windows is just fine. And I still get to use my 3d modeling programs, and game development tools.

I have to admit that I never have. The only precaution I take is to not open attachments in unknown email. A stupid thing on any platform.

And yet there are never stories of mass problems in the Mac world. That may change, but in the meantime I'll keep my nose high in the air.

10 year user, six boxen on my network, zero infestations. I too have to laugh at the haters.

In 15 years, I have had TWO Macs. My hubby, who is a PC person, has had at least 6 PCs in that same time. Make that 7 - he just told me his puter is messed up yet again.

At school, we have Macs for the kids to use and the teachers all have PCs. Guess which ones are used more? And get more abuse? Guess which ones we have less trouble with?

It's not about the viruses.

recommending that we switch to Macintosh, and she got familiar with their products because she worked in education. However, my software engineer husband says, "No way."

In peace,

Radio_Lady

Mac viruses to date - 2
PC viruses to date, estimated - 1,000,000,000,000,000,000,000,000,000,000,000,000,000,000

still haven't been affected by it. i've been using my mac since switching from PCs a couple years ago and have never had a problem. It was the best computer-related move I ever made. Oh, and the plural of virus is viruses, not "viri."

meaning man. Vir (nominative singular) man, viri (nominative plural) men.

words? Why not join us in putting your $ where your heart is-in a progressive co.?

My friends there are already working on this vulnerability...

This is why OSX is the safest OS choice you can make.

Not invulnerable, just FAR MORE invulnerable than anything Microsoft is capable of producing.

and THEY have no vested interest, do they?

http://www.symantec.com/home_homeoffice/products/internet_security/nav10mac/index.html

their antivirus products.

that they sell almost no Mac Virus tools as a result of the lack of viruses...

But as this will be closed later this week, and as most macs do not have bluetooth, and as those that do seldom have it turned on, and as the hole is closing in days... I cannot see this going anywhere.

However, if you want to bet twenty-five US cents on it, I'm in.

Last June's security update (2005-06) fixes this vulnerability.

So if you are current with Mac OS X updates, then this is moot.

including one possible vulnerability, so I assumed that must be this.

Thanks for the update.

The first "virus" they found wasn't a virus at all--it was a program you had to run and actually enter your Admin password to enable.

And this "virus" isn't even fully functional? :wtf:

So that's all of two possible "threats" you would actually have to help do destruction, versus how many thousand that can infect Windoze just by opening the wrong email?

And this moron writes that Macs are no longer any more impervious than PCs to viruses. What a load of pro-Microsoft propaganda bull.

And if you need to enter the admin person, you're a real fool then. (not you personally, the ones who'll do so to run it because they're the same nitwits who'll click on links to solicited web sites containing a malignant payload... :dunce: )

Not a virus as easy as the Windows side, but you still had to fuck around in order to get it... :D

Hypnotoad, people have a vested interest in making the OSX platform look to be just as vulnerable as the Windows Nightmare, but it just isn't so. And I speak as somebody with considerable internals (device driver) experience in both platforms.

having also programmed assembly language extensively on both platforms.

What proved to be a tremendous asset to Microsoft early on--compatibility with generic machines--has come back to bite them in the ass.

Instead of starting Windows from scratch they built in software "overhead" to maintain compatibility with DOS. It's buggy, performance is mediocre, and it's far less secure.

This one reminds me of another one from awhile back.

It's a prototype, which may or may not ever go into the wild (like the earlier proof-of-concept one that didn't as far as I know).
See http://www.wired.com/news/mac/0,2125,63000,00.html about the old one, interestingly enough also spotlighted (promoted?) by an anti-virus company.

Apple Security Updates already closed the hole for some of the susceptible OS's awhile back.

You'd have to do quite a few things to actually have it affect you.

It's being brought up by someone (Symantec) who wants to sell something and something that has been particularly buggy on Macs in the past at that. See this http://www.theregister.co.uk/2005/05/10/symantec_mac_false_alarm/ or just search for variants of Mac, Norton, problem.

Still, it does make one remember to update security and to use caution and good judgment in opening files.

Edited for typos

This proof of concept worm only works if you have Bluetooth AND have NOT applied last June's security update (2005-006).

A new install that has not run software update, for example, or somebody who refuses to let software update update the OS.

All in all, you'd not be able to get this to spread under these conditions.

Total Bullshit.

Figured this was BS.

I'll take my chances with OS X.

--further eroding the long-held belief that Mac machines are more impervious to attacks than Micronut’s Windoze-based personal computers.--

I guess there's a good bonus being offered.

Savvy Mac users have always been aware of their vulnerability.

Here's a link to an article about Basic Mac OS X security. The article also provides links to more information.

http://www.macgeekery.com/tips/security/basic_mac_os_x_security

You know. The email that says you have been "infected" so please delete one file, and pass the email on to friends.

These so called virii need the willing help of the user, and still can't do the damage that a windows virus does.

read this article on leap-a and how hard these guys had to work to get any damage at all.

http://www.macworld.com/news/2006/02/17/leapafollow/index.php?lsrc=mwrss


Funny how this all started after OSX came out on Intel chips.

It's a lot of smoke to convince people to stay with windows.

Bill Gates needs to hire better hackers if he wants to damage Apple.

Is EVERYTHING a conspiracy with DUers?

For your sake, I'll assume you were kidding.

Guess not since I'm typing this on my elegant G4. First Microsoft drones were so superior but now it's "you're gonna get viruses like us too."

Yeah we're getting viruses, ... because Macs are getting so popular.

Even my techie friends are switching to the Mac Unix based platform. The Intel chip just clinches the deal for many. But who cares, you keep your brutish ugly MS and I'll keep my cool Mac OS. And being cool is always more important.


Made on a MAC.

Restart? What's that? Do people actually turn off their Macs? I remember doing that once to install a ram upgrade. And once to move my desk. Otherwise, this seems to be distinctively different than any Windows virus I've ever heard of. With Window's virii, you usually seem to need only two things to be vulnerable. 1) Your computer is ON, and 2) you're running Windows.

This Mac virus sounds like the others I've heard of...if the moon is in the seventh house and Steve Jobs is not wearing a turtleneck, and you start your computer while standing on your left foot and hit the ON button just as the onboard clock is in its 43,217th oscillation, then immediately respond to an e-mail from a Nigerian millionaire...well, you might be vulnerable.

Be careful out there fellow Mac users!

Do you ever restart?

I thought you were supposed to turn it off to give it a rest. Is that not true?

There are a couple of schools of thought, as with most things, but I think this advice is even more true with newer, more efficient computer designs. Many will tell you that it is more wearing on a computer's power supply to power-up and down. Others say nonsense, that's what it is designed to do.

Either way, the sleep mode is usually sufficient, if it works right. On my Mac, after a set amount of time the hard drive will spin down. After another set amount of time, if no activity is detected the whole thing goes into a deep sleep. It saves everything right where you left it and shuts down the display and the CPU, and essentially turns itself off. Click the mouse or keyboard, and it will spring to life in a couple of seconds, right where you left it, instead of having to spin up the hard drive, and wait for it to load the OS and desktop and everything.

I had a candy iMac 400DV for five years which I never turned off, except for the obvious transport/upgrade times. I got a new one in October, and it hasn't been turned off yet, either. It's not all that mechanical, so it really doesn't need a "rest."

Even in hibernate/sleep mode, still drawing power. Conservation is a great thing.

In sleep mode, the iMac draws about 12 watts; about 2.5 even when OFF!

I'd like to get both those figures to 0, to be sure. I don't know whether it is true that the extra juice it takes to power-up repeatedly mitigates the savings of shutting down vs. sleeping, but the amount I use this machine, I wouldn't be surprised. Not to mention the hours of extra time I'd spend over the course of a year waiting for a cold start-up vs. a wake-from-sleep. This is my work machine to, and I work it a LOT!

G5 iMac power consumption

:yoiks:

I shut down or restart my Mac about once per week, just to flush out anything that may need a kick in the head.

There's also in the back of my mind, the 1970s energy crisis. My siblings and I used to get yelled at if we left the lights on in a room that wasn't being used.

There must be some amount of electricity being consumed while your computer is in sleep mode.

Is it a laptop? Just curious.

12w while in sleep mode, and about 2.5w even when it is off!

and Steve Jobs is not wearing a turtleneck, etc"

:rofl:

Would that make this the Age of Aquarius (non)worm, trojanish prototype?

"When the moon is in the Seventh House
And Jupiter aligns with Mars
Then peace will guide the planets
And love will steer the stars

This is the dawning of the age of Aquarius
The age of Aquarius
Aquarius!
Aquarius!"

running system umm......9.1. That's like driving a Studebaker on I-5. But.....I bounce around the net, porn sites too, download and use Shareware and Freeware all the time (try THAT on a PC and find out what happens). Oh and I have no, zero, updates, patches or anti-virus anythings. And no problems either.

So all you Windows users, nyah, nyah.......nyah!!!

Are you kidding me?

Better yet, I'm just going to unplug it quickly and dump it in the trash before my calculator and garage door opener get infected!

Sorry, DU, you won't see me again. THE RADIO! The RADIO might get infected too! :bounce:









:D