Hackers debut adware that only affects Mac OS X 10

zekrahminator · Nov 25, 2006, 03:28 PM

F-Security labs has discovered how to install adware on Macintosh OS X 10. The adware (called iAdware) loads itself with each program as a system library. The adware only needs copy permissions to install, so it does not need administrator privileges to be installed. Compared to some adware for the PC, iAdware is relatively harmless. The proof-of-concept bug launches a web browser window when any program is launched. F-Secure says that a prompt to install system library files would effectively stop iAdware from installing.

Source: F-Secure

Dippyskoodlez · Nov 25, 2006, 03:33 PM

Problem is, it has to be installed.

And how is that going to be done?

Steevo · Nov 25, 2006, 04:06 PM

By the same means that idiots install "free" stuff on a PC. A better idiot has been built again.

Dippyskoodlez · Nov 25, 2006, 04:28 PM

Quote:

Originally Posted by Steevo

By the same means that idiots install "free" stuff on a PC. A better idiot has been built again.

problem is, installing stuff on OS X involves copying it to your aplication folder, and executing it manually, or running an install program that copys it over for you...

In other words, if the user has to manually execute the exploit, its not an exploit in my book. Just an end user security issue caused by idiots.

yeah, if I open a command window from windows and delete my windows folder, does that mean its a security risk too?

(then again, thats why we don't give users a command prompt ability in a networked enviroment... too bad it has to manually disabled too.)

Steevo · Nov 25, 2006, 04:35 PM

Trust me, it will happen.

Dippyskoodlez · Nov 25, 2006, 04:51 PM

Quote:

Originally Posted by Steevo

Trust me, it will happen.

Thats like saying trust me, windows will fail too.

Its impossible to protect against the idiot user...

Which is why i have a job.

Thing is, its much more difficult in OS X to do something that is trivial in windows, with an exploit like this.

You cannot just "add" it to startup, as that prompts for the user password... eliminating that way of executing the file..

so unless the user authorizes its addition, AND manually executes it, it cant be exploited by any known means...

But if the user authorizes it and manually executes it................Its not different than anything else..

jocksteeluk · Nov 25, 2006, 05:29 PM

CONGRATS SPYWARE MAKERS, you pieces of s**t

newtekie1 · Nov 25, 2006, 05:31 PM

It just has to be copied, which can easily be done using a script file embedded with a "safe" program. The same way the large majority of spyware/adware is installed on PCs. As Apple gets more users, they will get more idiot users, the biggest security flaw affecting Windows.

lemonadesoda · Nov 26, 2006, 02:44 AM

Agreed. As soon as Apple users get bored of their pre-installed software, start using download sites or P2P and keygens to install (pirate) software, they open thenselves up to this.

I had to laugh at iAdWare, just like I will laught at iVirus, and iDiots.

Dippyskoodlez · Nov 26, 2006, 09:39 AM

Quote:

Originally Posted by lemonadesoda

Agreed. As soon as Apple users get bored of their pre-installed software, start using download sites or P2P and keygens to install (pirate) software, they open thenselves up to this.

I had to laugh at iAdWare, just like I will laught at iVirus, and iDiots.

Thing is, aside from limewire.... most mac users don't "want" to find oddball software...... just music..

Muhad · Nov 26, 2006, 01:16 PM

Adware, viruses and anything else secretly put onto a persons computer needs to be taken more seriously. These clowns that do this need to be sent to prison.

b1lk1 · Nov 26, 2006, 01:21 PM

LOL! Poor Apple users. Looks like your perfect OS is getting the attention it doesn't deserve. Funny how flaws can be found so easily in this perfect OS when people try. Sure this one isn't a major one, but once they start, it will be hacked up like Winblows in no time. HAHAHAHAHAHA!!!!!!!!!!

Dippyskoodlez · Nov 26, 2006, 04:09 PM

Quote:

Originally Posted by b1lk1

LOL! Poor Apple users. Looks like your perfect OS is getting the attention it doesn't deserve. Funny how flaws can be found so easily in this perfect OS when people try. Sure this one isn't a major one, but once they start, it will be hacked up like Winblows in no time. HAHAHAHAHAHA!!!!!!!!!!

Now if only these flaws didnt involve a large portion of user idiocy to be exploited, unlike windows.......

Again, reading the post helps you fully understand what it is... Its a THEORETICAL flaw, that has yet to actually be exploited. Chances are it will get a patch before anyone has the chance to find a flaw that allows direct exploitation.

The chances of a zero day impacting os x, or windows is still significantly larger on the windows side, so I really don't see your point.

Makaveli · Nov 26, 2006, 04:24 PM

His point is OS X is finally getting the attention from the spyware monkies. its only a matter of time before it gets worse. And he laughs, cause of all the stupid mac zealots who think there OS is untouchable. As the Mac install base gets bigger, more people will start to expliot it.

zekrahminator · Nov 26, 2006, 04:26 PM

Quote:

Originally Posted by Makaveli

His point is OS X is finally getting the attention from the spyware monkies.

One problem- It's a security firm who found a potential exploit, not a zombie nerd who is actually exploiting it

.

Dippyskoodlez · Nov 26, 2006, 04:55 PM

Quote:

Originally Posted by zekrahminator

One problem- It's a security firm who found a potential exploit, not a zombie nerd who is actually exploiting it

.

Exactly. Its like the police breaking into your house when you're not home, through a secret passage way...

Not exactly helpful to someone wanting to do harm

Alcpone · Nov 26, 2006, 07:15 PM

Quote:

Originally Posted by zekrahminator

One problem- It's a security firm who found a potential exploit, not a zombie nerd who is actually exploiting it

.

Fair play F-Secure, thats why I use there software, also I got it for free for 48months through my bank!

Nov 25, 2006, 03:28 PM	#1
zekrahminator McLovin Join Date: Jan 2006 Location: My house. Posts: 6,280 (2.36/day) Thanks: 105 Thanked 340 Times in 246 Posts System Specs	Hackers debut adware that only affects Mac OS X 10 F-Security labs has discovered how to install adware on Macintosh OS X 10. The adware (called iAdware) loads itself with each program as a system library. The adware only needs copy permissions to install, so it does not need administrator privileges to be installed. Compared to some adware for the PC, iAdware is relatively harmless. The proof-of-concept bug launches a web browser window when any program is launched. F-Secure says that a prompt to install system library files would effectively stop iAdware from installing. Source: F-Secure Last edited by W1zzard; Nov 25, 2006 at 07:15 PM.

Processor:	AMD Athlon 64 X2 4800+ Brisbane @ 2.8GHz (224x12.5, 1.425V)
Motherboard:	Gigabyte sumthin-or-another, it's got an nForce 430
Cooling:	Dual 120mm case fans front/rear, Arctic Cooling Freezer 64 Pro, Zalman VF-900 on GPU
Memory:	2GB G.Skill DDR2 800
Video Card:	Sapphire X850XT @ 580/600
Hard Disk:	WD 160 GB SATA hard drive.
Optical Drive:	Lite-On DVD-RW.
CRT/LCD Model:	Hanns G 19" widescreen, 5ms response time, 1440x900
Case:	Thermaltake Soprano (black with side window).
Sound Card:	Soundblaster Live! 24 bit (paired with X-530 speakers).
PSU:	ThermalTake 430W TR2
Software:	XP Home SP2, can't wait for Vista SP1.

Nov 25, 2006, 03:33 PM	#2
Dippyskoodlez Join Date: Jul 2005 Location: Ohio Posts: 4,349 (1.51/day) Thanks: 16 Thanked 237 Times in 194 Posts System Specs	Problem is, it has to be installed. And how is that going to be done? __________________ CPU-Z validation sig pics temporarily blocked

Processor:	Intel i5 2500k@ 5ghz
Motherboard:	Gigabyte UD3P
Cooling:	Water
Memory:	2x XMS3 4Gb, 2x Gskill 2Gb
Video Card:	2x Xfx Radeon 5850 1Gb
Hard Disk:	120gb Mushkin Chronos, 2x 2tb+3x1Tb
Optical Drive:	DVDRW
CRT/LCD Model:	24" Dell 1920x1080, 24" Acer
Case:	NZXT Stretch 810
PSU:	NZXT HALE90 850W
Software:	Windows 7 x64
Benchmarks:	2900Mhz 2500+ Barton mobile air cooled. 5Ghz 2500k Water cooled.

Nov 25, 2006, 04:06 PM	#3
Steevo Eligible for custom title Join Date: Nov 2005 Posts: 5,567 (2.02/day) Thanks: 238 Thanked 979 Times in 729 Posts System Specs	By the same means that idiots install "free" stuff on a PC. A better idiot has been built again. __________________ “it would have been perfect....its got trains and the line"tech your kids not to do what iv done"(or similar) because i had obviously done something to warrent 2 e-thugs to come 4000miles out of their way and kill me.” -Solaris17 “yeah i failed. i noticed the "coming soon" part after i posted.” -Mussels “people are just stupid.” -W1zzard Yes I am evil, yes you can have some.

System Name:	MoFo
Processor:	AMD PhenomII 1100T @ 3.7Ghz/4.1Ghz Turbo
Motherboard:	Asus M3A32-MVP Deluxe 2202 BIOS
Cooling:	Swiftec 655 pump, Apogee GT, MCW60-R GPU, MCR360mm Rad, 1/2 loop.
Memory:	G-Skill 1200Mhz 5.5.5.15 2T
Video Card:	HD5870 1Gb HIS custom BIOS watercooled & VRM-R4
Hard Disk:	2 Agility 3 SSD RAID 0 on highpoint 640, 2 3TB RAID 0, 1 2TB and one failing 750Gb
Optical Drive:	Lite-On DL DVD
CRT/LCD Model:	Asus 1920X1200 60Hz 25.5" LCD, 46" 1080P Toshiba LCD
Case:	Rosewill R6A34-BK modded (thanks to MKmods)
Sound Card:	On Board
PSU:	750W PC Power & Cooling modded (thanks to MKmods)
Software:	Vista X64 Ultimate/Win 7 Ultimate
Benchmarks:	780 MBps read on HDD's 1052 core on 5870.

Nov 25, 2006, 04:35 PM	#5
Steevo Eligible for custom title Join Date: Nov 2005 Posts: 5,567 (2.02/day) Thanks: 238 Thanked 979 Times in 729 Posts System Specs	Trust me, it will happen. __________________ “it would have been perfect....its got trains and the line"tech your kids not to do what iv done"(or similar) because i had obviously done something to warrent 2 e-thugs to come 4000miles out of their way and kill me.” -Solaris17 “yeah i failed. i noticed the "coming soon" part after i posted.” -Mussels “people are just stupid.” -W1zzard Yes I am evil, yes you can have some.

Nov 25, 2006, 05:29 PM	#7
jocksteeluk Join Date: Jan 2006 Location: The 13th room on the 13th floor of the 13th building. Posts: 1,427 (0.53/day) Thanks: 22 Thanked 48 Times in 39 Posts System Specs	CONGRATS SPYWARE MAKERS, you pieces of st __________________ XXXI III MCMLXXXII**

Processor:	custom dupont risk chip cpu prototype
Motherboard:	custom ibm x5 solid state carbon mainboard
Cooling:	industrial technologies prototype dupont custom heat transfer unit
Memory:	6x 2gig prototype ecc hnc ddr4
Video Card:	prototype low energy version nvidia 9 series unnumberd card
Hard Disk:	1tb solid state hdd
Optical Drive:	prototype hybrid Lg hd-dvd 30x + Blu-ray30x drive
CRT/LCD Model:	44 inch samsung plasma screen tv/monitor
Case:	custom ibm mobile home server case
Sound Card:	custom Yamaha sound processing processor in spm format
PSU:	1200watt deli cord custom made dupont type psu
Software:	sun unix/windows type v

Nov 25, 2006, 05:31 PM	#8
newtekie1 Semi-Retired Folder Join Date: Nov 2005 Location: Indiana Posts: 17,735 (6.49/day) Thanks: 780 Thanked 5,110 Times in 3,702 Posts System Specs	It just has to be copied, which can easily be done using a script file embedded with a "safe" program. The same way the large majority of spyware/adware is installed on PCs. As Apple gets more users, they will get more idiot users, the biggest security flaw affecting Windows. __________________ Rig1: System Specs. Rig2: A8-5600K@4.4GHz / AsRock FM2A75 Pro4 / 8GB Corsair DDR3-1600 9-9-9-24 / HD7560D / Samsung DVD-Burner / 1.5TB WD Green + 3x3TB WD RED in RAID5 Rig3: Athlon X2 4200+ / M4A79 Deluxe / 4GB G.Skill Pi DDR2-800 4-4-4-12 / GT430 / Sony DVD-Burner / 500GB WD Rig4: Phenom II x6 1605T @ 3.6GHz / Asus M5A99X Evo / 8GB PNY DDR3-1600 9-9-9 / GTX470 & GTX470 / Samsung DVD-Burner / 1.5TB Seagate

Processor:	Intel Core i7 875K@4.0GHz(200x20)
Motherboard:	eVGA P55 FTW 200
Cooling:	Thermalright Ultra-120 Extreme w/ Corsair SP120 High Performance Edition
Memory:	8GB Corsair DDR3-1600 7-7-7-20
Video Card:	ASUS GTX 670 4GB DirectCU II @ 1015/3600
Hard Disk:	1TB Seagate 7200.12(OS), 3x 1.5TB Seagate 7200.11 in RAID 5
Optical Drive:	Lite-On Blu-Ray Combo Drive IHES108
CRT/LCD Model:	HP 25" 2509m 1080p LCD
Case:	Lian-Li Lancool Metal Boned K7 w/ Windowed Side Panel
Sound Card:	Onboard is good enough for me
PSU:	Corsair HX850
Software:	Windows 7 x64 Professional

Nov 26, 2006, 02:44 AM	#9
lemonadesoda Eligible for custom title Join Date: Aug 2006 Posts: 5,337 (2.18/day) Thanks: 749 Thanked 960 Times in 710 Posts System Specs	Agreed. As soon as Apple users get bored of their pre-installed software, start using download sites or P2P and keygens to install (pirate) software, they open thenselves up to this. I had to laugh at iAdWare, just like I will laught at iVirus, and iDiots.

System Name:	ICE-QUAD // ICE-CRUNCH
Processor:	Q6600 // 2x Xeon 5472
Memory:	2GB DDR // 8GB FB-DIMM
Video Card:	HD3850-AGP // FireGL 3400
CRT/LCD Model:	2 x Samsung 204Ts = 3200x1200
Sound Card:	Audigy 2
Software:	Windows Server 2003 R2 as a Workstation

Nov 26, 2006, 01:16 PM	#11
Muhad Join Date: Nov 2006 Posts: 261 (0.11/day) Thanks: 4 Thanked 19 Times in 17 Posts System Specs	Adware, viruses and anything else secretly put onto a persons computer needs to be taken more seriously. These clowns that do this need to be sent to prison.

System Name:	Junkamatic
Processor:	i7 965 @ 4
Motherboard:	Asus Rampage II Extreme
Cooling:	Thermaltake 1366 RT w/2k fan
Memory:	Corsair 1866 CL7 6GB
Video Card:	Evga GTX480
Hard Disk:	2 Intel X25-M 160 SSD's, 4 Seagate Satas
Optical Drive:	Plextor 716AL
CRT/LCD Model:	LG W2753VC & Asus VW266H
Case:	Lian-Li A77B
Sound Card:	SupremeFX X-Fi riser card
PSU:	Corsair HX1000w
Software:	Vinders 7 Pro x64

Nov 26, 2006, 01:21 PM	#12
b1lk1 Join Date: May 2005 Location: Ontario, Canada Posts: 640 (0.22/day) Thanks: 4 Thanked 17 Times in 14 Posts System Specs	LOL! Poor Apple users. Looks like your perfect OS is getting the attention it doesn't deserve. Funny how flaws can be found so easily in this perfect OS when people try. Sure this one isn't a major one, but once they start, it will be hacked up like Winblows in no time. HAHAHAHAHAHA!!!!!!!!!!

System Name:	Money pit
Processor:	Q2Q Q8300
Motherboard:	ASUS P5E3 deluxe WIFI AP@N
Cooling:	120.2/Swiftech655/Apogee GT/DD Fillport & res
Memory:	OCZ PC3-1333MHZ 2X1GB/Kingston HYPERX PC3-1325MHz
Video Card:	Sapphire HD4830
Hard Disk:	Seagate 7200.11 1TB
Optical Drive:	ASUS DVD Burner
CRT/LCD Model:	Dell 2209WA
Case:	some crap 5 year old generic modded case
Sound Card:	X-FI fagtality
PSU:	PC P&C 510W
Software:	Vista Premium 64

Nov 26, 2006, 04:24 PM	#14
Makaveli Join Date: Feb 2006 Location: Toronto, Ontario Posts: 419 (0.16/day) Thanks: 51 Thanked 47 Times in 31 Posts System Specs	His point is OS X is finally getting the attention from the spyware monkies. its only a matter of time before it gets worse. And he laughs, cause of all the stupid mac zealots who think there OS is untouchable. As the Mac install base gets bigger, more people will start to expliot it.

System Name:	i7 Rig
Processor:	970 @ 4Ghz @ 1.24vcore
Motherboard:	Asus P6T Deluxe V2
Cooling:	Thermalright TRUE Black Rev.C + Scythe S-Flex 120mm 1600RPM x2 Push/Pull
Memory:	Muskin XP12800 12GB DDR3 1600 7-8-7-20 1T
Video Card:	Ati Radeon 6950 2GB + AC Accelero Twin Turbo Pro
Hard Disk:	Intel 160GB G2 SSD / WD640GB Blue 16mb / WD 1TB Black 32mb / ESATA WD 2TB 64mb Green
Optical Drive:	LG GH22NS50
CRT/LCD Model:	HP ZR24w
Case:	Cooler Master 690 II Advanced
Sound Card:	Creative X-Fi + Logitech Z-560 THX 400Watts
PSU:	Corsair Pro Series Gold AX750
Software:	Windows 7 64bit
Benchmarks:	Hyperthreading on. -= CPU Idle 40c Load 75c \| GPU Idle 36c Load 60c =-

System Name:	AMD '13
Processor:	FX-6300 @ 4.43GHz (1.35v)
Motherboard:	Gigabyte GA-970A-DS3 rev 1.0 (F6)
Cooling:	Cooler Master T2 + x2 case fans
Memory:	2x4Gb Crucial Ballistix Sport DDR3-1600 (Stock)
Video Card:	Gigabyte GTX650 Ti OC 2Gb @ 1110/1500
Hard Disk:	Corsair 240Gb SSD / Seagate 500Gb HDD + old skool IDE HDD's x 3
Optical Drive:	LG DVD-RW
CRT/LCD Model:	Acer 23'' LED
Case:	Billy Basic
Sound Card:	Onboard 8.1 HD
PSU:	Corsair CX600
Software:	Windows 7 Ultimate x64
Benchmarks:	Smenchmarks

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)