[NPMUG] Mac malware adopts porn video disguise

[Dave Sevick]

Mac malware adopts porn video disguise

Earlier today, Pob in SophosLabs blogged about the discovery of two  
new pieces of malware for the Apple Mac OS X operating system.

Although there is only a tiny amount of Mac malware compared to  
Windows viruses, that's going to be little consolation if your  
gorgeous new MacBook gets infected. And sadly we know that many Mac  
users still believe they are somehow magically immune from attacks.

As we've demonstrated before, and as we'll no doubt explain again, the  
Mac malware threat is real. Hackers are deliberately planting  
malicious code on websites, and using social engineering tricks to  
fool you into installing it onto your computer.

In the following video, which demonstrates one of today's new pieces  
of Mac malware, a video promising you hardcore pornographic videos  
pops up a message demanding that you install an ActiveX component to  
view more. Of course, if you do agree to install the program (it is  
quite insistent) you actually end up installing a Trojan horse, which  
effectively hands your computer over to whatever takes the whim of a  
remote hacker.


Is it safe to surf for porn on an Apple Mac? from SophosLabs on Vimeo.  
(Also available on YouTube)

You see, I've got a theory that although many people are undoubtedly  
buying Apple computers because they're beautifully designed and well- 
marketed, there will also be some people who have dumped Windows  
because they are fed up with all of the spyware, pop-ups and virus  
attacks.

Indeed, some of the people who may well have suffered a lot from those  
kind of attacks in the past may be exactly the same kind of folk who  
visit the grubbier areas of the internet in the wee small hours of the  
morning. And they may feel that one of the side benefits of switching  
to a Mac is that they now don't have to worry about all of those nasty  
things while they're err.. watching nasty things.

But if they think they are immune from attacks they're making a  
mistake. We're seeing more attacks against Mac users all the time,  
with hackers planting bear-traps that work out if you're visiting  
their page on a Windows or Mac computer, and deliver the appropriate  
malicious payload accordingly.

Interestingly, the discover of two new examples of Mac malware on the  
same day has happened just after Apple has shown off some of the new  
features of Snow Leopard, the next version of its Mac OS X operating  
system in San Francisco.

And after the debacle of last year when Apple was seen to be  
recommending its users run anti-virus software, only to quickly  
withdraw the advice, Apple has devoted a page to the security features  
of Snow Leopard.

And what do we find on that page? The following advice:

The Mac is designed with built-in technologies that provide protection  
against malicious software and security threats right out of the box.  
However, since no system can be 100 percent immune from every threat,  
antivirus software may offer additional protection.

"May offer additional protection?". Hmm.. Seeing as the attack  
mentioned above is not taking advantage of any OS vulnerabilities and  
just exploiting human weakness, I think Apple would be wise to change  
that "may" to a "will definitely".
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://davesevick.com/pipermail/npmug/attachments/20090610/8674330f/attachment.htm