1. Welcome to TechPowerUp Forums, Guest! Please check out our forum guidelines for info related to our community.

Secure Apple Macs Fall Prey To Linux DDoS Trojan

Discussion in 'News' started by qubit, Oct 28, 2011.

  1. qubit

    qubit Overclocked quantum bit

    Joined:
    Dec 6, 2007
    Messages:
    9,821 (4.08/day)
    Thanks Received:
    3,479
    For years Apple Mac users have felt smug that their computers didn’t need any security software installed, unlike their poor Windows counterparts which were always coming down with a cold. This they believed is because their beloved operating system is inherently more secure than leaky old Windows (which it used to be). This smug feeling has been especially strong over the last decade, since the release of Mac OS X in 2001, as it's based on Unix which has always had security baked into it. They therefore felt safe from the multitude of viruses, keyloggers, trojans and various other nasties that the bad guys like to infect operating systems with. However, there have been successful attacks in the past on every Apple Mac operating system since the first one in 1984, just nowhere near the number of attacks as on Windows. Of course, what Windows users, Linux users and other OS users have also been saying for years is that Apple's operating systems simply weren't popular enough to bother with and aren't particularly secure. After all, the hackers do this for fun and financial profit, so why aim for a little teeny tiny target, when you can aim for a big, fat one like Windows?

    Well, Apple's OS certainly has increased in popularity somewhat since the debacle that was Windows Vista and hence is now a larger attack target than before, attracting more attention from criminal hackers. This appears to be dispelling the myth that Mac OS X is "secure", what with the latest malware attack. This new kid on the block is a trojan called "Tsunami", which has now been discovered on infected Mac OS X systems. What makes this particular malware different is that it appears to be a port of all things, of a Linux DDoS trojan called Troj/Kaiten. This little beauty herds infected Apple computers into a botnet which DDoS's whatever victim website the criminal hackers choose to instruct it to, using an IRC channel. Lovely.

    Graham Cluley of Sophos, has taken this trojan apart and shown how it can be instructed to attack any website. He has reproduced the code snippet below:

    [​IMG]

    He then says:
    [​IMG]

    So, it sounds like this nasty requires a little bit of social engineering to get on the machine, like many do for Windows. However, that hardly sounds like a challenge does it, given the general lack of basic technical skills and security knowledge of ordinary computer users? The Apple ones perhaps even more so, as the platform is designed for "ease of use" and aimed specifically at people who are not tech savvy at all and want a computer "that just works". They'll have no idea why their beautiful Mac inexplicably runs slugglishly and unstably, with their ISP possibly disconnecting them for the garbage pumped out by their infected Mac.

    Some people reading this will make the rallying cry "Of course Sophos will say it's vulnerable, they have a product to sell!" and they have a point. However, this doesn't take away the fact that threats to the Mac platform are real, out there and growing. Even if a Mac user doesn't want to run security software they should still practice safe computing habits, which is just another way of saying to use their common sense.

    A short and interesting history of Apple malware can be found at this Sophos article.

    Source: Sophos
    Last edited: Oct 28, 2011
    mlee49, AphexDreamer, Mussels and 6 others say thanks.
  2. Moose

    Moose New Member

    Joined:
    Sep 1, 2007
    Messages:
    306 (0.12/day)
    Thanks Received:
    26
    Location:
    UK
    "It just works" is the biggest fail of a slogan that a company has had the stupidity to make. "You can't configure me" would be more better.
  3. timta2

    Joined:
    Jan 16, 2008
    Messages:
    809 (0.34/day)
    Thanks Received:
    111
    Location:
    Milwaukee, Wisconsin, USA
    The information is from Sophos, who relies on fear in order to sell their products. I've yet to see any Mac malware that in the the real word is a threat. You aren't going to trick me into typing in my system password to install your malware. Try again.

    In a final note, as an experienced Mac user, I find this "article" insulting. There are quite a few of us longtime Mac users that have more technical experience than 99% of the Windows PC users out there.
  4. pantherx12

    pantherx12 New Member

    Joined:
    Jan 2, 2009
    Messages:
    9,714 (4.82/day)
    Thanks Received:
    1,699
    Location:
    ENGLAND-LAND-LAND
    It's always just been a case of market share anyway, if macs had windows market share they'd have plenty of viruses.
    Red_Machine and jmcslob say thanks.
  5. xBruce88x

    xBruce88x

    Joined:
    Oct 29, 2009
    Messages:
    2,356 (1.37/day)
    Thanks Received:
    544
    Well... many, if not most, of us at TPU that use windows do not fall into that 99%, sorry.

    Though qubit could have worded it differently... say for example instead of... "For years Apple Mac users have felt smug that their computers..." He could put "For years many Apple Mac users have felt smug that their computers..."

    moose has a fair point.

    and pantherx12 as well, If Mac or Linux computers were as widespread as Windows PCs, then there'd probably be just as many hackers, etc, using those systems or attacking those systems.

    The more you have, the more likely someone will want some of it (or mess with it in some way)

    Regardless, thanks for the info qubit, Mac users should appreciate the heads up. Many Mac users may be used to software simply being safe to use on their OS, so seeing this may at least teach them to have some caution with 3rd party apps and such.
  6. Freedom4556

    Freedom4556

    Joined:
    Dec 22, 2009
    Messages:
    78 (0.05/day)
    Thanks Received:
    16
    Location:
    AR, USA
    I think you typified the smugness perfectly. :laugh:
  7. Damn_Smooth

    Damn_Smooth New Member

    Joined:
    May 16, 2011
    Messages:
    1,435 (1.25/day)
    Thanks Received:
    478
    Location:
    A frozen turdberg.
    The first rule about Apple having viruses, you don't talk about Apple having viruses.
    chris89, Red_Machine, 1c3d0g and 2 others say thanks.
  8. FordGT90Concept

    FordGT90Concept "I go fast!1!11!1!"

    Joined:
    Oct 13, 2008
    Messages:
    13,310 (6.35/day)
    Thanks Received:
    3,339
    Location:
    IA, USA
  9. Breit

    Breit

    Joined:
    Jun 4, 2004
    Messages:
    194 (0.05/day)
    Thanks Received:
    31
    if you think of yourself as one of the 'more (technically) skilled' mac users, than perhaps its just lame to compare yourself to the average user of the opposing team. just take the challenge and compete to the 'more (technically) skilled' windows users and see if thats gonna work out... :rolleyes:
    otherwise its just a stupid meaningless phrase.

    good fight, good night!
    Red_Machine says thanks.
  10. Inceptor

    Inceptor

    Joined:
    Sep 21, 2011
    Messages:
    497 (0.49/day)
    Thanks Received:
    119
    Yes, there ARE some Mac users who can make nearly every member of this forum look like technical idiots...but they're extremely rare.
    And there ARE Mac users who are much more technically literate and knowledgeable than the average 'just works' Mac user... but they're very uncommon and much smaller in number than PC 'enthusiasts'.
    And there ARE Windows PC users who are just as much technical morons as the average Mac users that are made fun of on forums like this... and they're just as common as the uninformed Mac users. Some of them even sign up for membership here and ask silly questions. Just as their Mac counterparts do on Mac forums.

    But I'll say this, as the owner of an old Gen 3, Revision 1 Macbook that has gone back to PC and Windows 7:
    OS X has its ease of use, dumbed down, pluses, but even with the extra features not normally loaded in a normal OS X install, it lacks the granularity of even Windows, not to mention Linux.
    If you're using OS X simply for ease of use and actually doing something productive with it, like coding, or content creation, good for you. But for anything else, really, It's better to use Windows or Linux on a desktop or workstation. Even if you run into the occasional snafu, it's a learning experience and will teach you something about your system and about the Windows OS, even old hoary DOS, that will stand you in good stead in the future. It's the 'what doesn't kill me, makes me stronger' learning mode. This is why Mac users are denigrated.

    Really, Macs being targeted for trojans and botnet roundups, it's kinda lame isn't it though?
    The cluelessness of the Mac user to actually click on something that installs the thing is what makes it worthwhile to even attempt.
    With Windows XP users, it's just a case of an insecure OS and hundreds of millions of OS installs, the probability of corralling a sufficient number of systems for a large botnet is much higher and much easier to do.
    That says quite a bit about the perceived and demonstrated knowledge of Mac users, no?
  11. xtremesv

    xtremesv

    Joined:
    Mar 11, 2010
    Messages:
    115 (0.07/day)
    Thanks Received:
    11
    I can notice the sarcastic tone on qubit's writing but he has a very plausible point.

    I can say that I know both Windows and Mac users and even the less tech savvy ask me to install an antivirus on their Windows PCs. On the other hand, most Mac users always reply they don't need antivirus software.
  12. 95Viper

    95Viper

    Joined:
    Oct 12, 2008
    Messages:
    4,284 (2.04/day)
    Thanks Received:
    1,531
    Location:
    στο άλφα έως ωμέγα
    Oh Wow! I can see where this thread is heading!

    [​IMG]

    Back on topic:

    Apples, Macs, OSX boxes, or whatever you call 'em, can and do get viruses, not that many out there, but Apple is always plugging vulnerabilities in that O/S, too.

    This is just my opinion and, yes, I have used Macs before... And, I, personally, was not impressed.
    Apple has the "Deny everything, also, don't mention it and it never happened" attitude.
    And, the fan(atic) base follows and drinks the Kool-aid. They will not accept anything, other than, they are the elite, with a Teflon operating system.

    It is funny though, even your precious Apple recommends you may want to run an anti-virus program:eek:, see Mac OS X 10.7 Help > Protect your computer from harmful applications

    Quote from the page:
    No O/S is 100% virus/trojan/worm/idiot proof, eventually, someone, somewhere, will try to ruin your happiness and try to make of dollar of the situation.

    Oh, by the way, I see what you did here Q.:rolleyes:
  13. CJCerny

    CJCerny

    Joined:
    Nov 25, 2008
    Messages:
    837 (0.41/day)
    Thanks Received:
    241
    Location:
    Akron, OH
    First Mac wasn't released until May of 1984.
    CyberDruid, Red_Machine and qubit say thanks.
  14. mediasorcerer New Member

    Joined:
    Sep 15, 2011
    Messages:
    979 (0.95/day)
    Thanks Received:
    225
    Location:
    coast ,melbourne
    macs have there uses,i once needed a new boat anchor for my....just kidding,so long as we have "choices" i dont see the problem,ive had a few macs before and mostly they are good machines,if not overpriced and non configurable like windows,but taking sides? your really buying into the left/right paradigm when thinking in that kinda framework,and thats exactly how the market caters too your idealised perceptions,by coercing or encouraging the consumer to "take sides",
    personally,i buy out of that,and just go with-whatever makes me happy,regardless of "brand".

    as for security flaws,macs have always had them,all computers do,even fones,i may get another mac laptop in the future,for my foto/video editing on the fly etc,i get the best of both then,whats wrong with that?
    thanx for article too.
    jmcslob says thanks.
  15. xBruce88x

    xBruce88x

    Joined:
    Oct 29, 2009
    Messages:
    2,356 (1.37/day)
    Thanks Received:
    544
    hmm... i have that 1984 mac os emulated on my deskop... its fun to play with from time to time
  16. qwerty_lesh

    qwerty_lesh

    Joined:
    Jul 26, 2007
    Messages:
    531 (0.21/day)
    Thanks Received:
    41
    Location:
    Melbourne, Australia
    I don't want to live on this planet anymore.
    Nick89 says thanks.
  17. bill_d New Member

    Joined:
    Mar 9, 2008
    Messages:
    35 (0.02/day)
    Thanks Received:
    0
    next up apple patents the firewall
  18. DonInKansas

    DonInKansas

    Joined:
    Jun 2, 2007
    Messages:
    5,096 (1.96/day)
    Thanks Received:
    1,265
    Location:
    Kansas
    Apple Macs? As opposed to PC Macs? Maybe Big Macs? :roll:
    jmcslob and exodusprime1337 say thanks.
  19. eidairaman1

    eidairaman1

    Joined:
    Jul 2, 2007
    Messages:
    11,937 (4.65/day)
    Thanks Received:
    1,334
    Never Liked Macs- too confusing to use, even more confusing to fix

    Last Apple Product I enjoyed was the IIE.
  20. jmcslob

    Joined:
    Mar 14, 2009
    Messages:
    2,882 (1.48/day)
    Thanks Received:
    447
    Location:
    Internet Heaven
    I for one would like to see a coalition of Hackers get together and do nothing but harass & infect MAC users....

    Just for the LuLzzz...
  21. DaedalusHelios

    DaedalusHelios

    Joined:
    Feb 21, 2008
    Messages:
    4,920 (2.11/day)
    Thanks Received:
    812
    Location:
    Greensboro, NC, USA
    Well to be honest, qubit is right. I have used macs since 1998 and the "Apple community" has changed quite a bit over the years. It went from arrogance to out right ignorance. There are exceptions to all harsh generalizations so timta2 might be an exception despite the wild claim to be possessing "more technical experience than 99% of the Windows PC users". Just how would you quantify your technical experience to be that level? :confused:
    Last edited: Oct 28, 2011
    timta2 says thanks.
  22. bothaus New Member

    Joined:
    Oct 28, 2011
    Messages:
    2 (0.00/day)
    Thanks Received:
    1
    In all fairness, Sophos Mac AV is completely free for home use. So the motivation is quite nil except for mindshare. Virus' can hit Mac's, they can hit anything that reads out code. But every Month I service 400+ Mac's, maybe more, for the last 10 years and I have never, ever seen a virus on a Mac unless I put it there. People always say they have one but in the end it is something completely different. But no-one should start a fight with their guard down. Mac users are like Apollo Creed in Rocky IV. Drago is around the corner.
    timta2 says thanks.
  23. entropy13

    entropy13

    Joined:
    Mar 2, 2009
    Messages:
    4,892 (2.50/day)
    Thanks Received:
    1,182
    Blasphemers! The Almighty Mac is infallible! The Holy Apple are invincible to such underhanded methods! Such baseless accusations of weakness from heathens does not serve them well, only causing them to solidify the fact that they are infidels! Those liars must burn! Death to the non-believers! Glory to Apple! Hail Steve Jobs! Hail, Apple Triumphant! Hail, Apple Magnificent!
    qubit says thanks.
  24. Swansen New Member

    Joined:
    Nov 18, 2007
    Messages:
    182 (0.07/day)
    Thanks Received:
    9
    yeah basically right, i think its more entertaining that everyone overlooks something this common.

    also, the mac OS is based more-so on BSD. of which, i remember a hack fest no so long ago, to which apples os came in last, over windows and linux.
  25. qubit

    qubit Overclocked quantum bit

    Joined:
    Dec 6, 2007
    Messages:
    9,821 (4.08/day)
    Thanks Received:
    3,479
    Yes, quite. I meant to say "Apple". Thanks for the correction. :toast: Now fixed.

Currently Active Users Viewing This Thread: 1 (0 members and 1 guest)

Share This Page