Mac Attack Targets Porn Surfers
 |
 |
|
ENEMY AT THE GATE: Reports surfaced earlier this week of a malicious new Trojan Horse-like piece of software that has the potential to let cyber thieves take control of infected Mac computers. |
|
Be warned: Apple's comeback in the world of personal computing brings with it a heightened level of security risks for its customers, not unlike those Microsoft Windows devotees have faced for years. Reports surfaced earlier this week of a malicious new Trojan horse–like piece of software found on several pornography Web sites that has the potential to let cyber thieves take control of infected Mac computers so they can steal personal information.
Trojans are known for their ability to appear to be legitimate and necessary pieces of software that turn malicious once installed. Although the new Mac Trojan is easy to avoid because it is mostly limited to porn sites (and who visits those?), computer security experts say this piece of malware has the hallmark of being written by professional cyber criminals and is likely to be a sign of more bad things to come for Apple fans.
"This one comes from a professional source that's testing the water—maybe to see how Mac users react and how difficult it is to get Mac-specific malware out into the world," says David Harley, a computer security consultant based in England. "From the analyses that I've seen, it's got the fingerprints of the Zotob malware that's been around for awhile." Zotob, a type of computer infection called a worm, was written by a pair of programmers who were arrested shortly after its release in 2005. Zotob spawned a number of variant worms that continue to infect Windows PCs by spreading malicious code from computer to computer and installing backdoor programs that give cyber attackers access to personal information. These worms also allow attackers to remotely control the infected computers, which means they can use them as a launching pad for spam e-mail without the knowledge of the computers' owners.
 |
|
|
DON'T DO IT!: Web surfers visiting a Web site infected with the Trojan will be greeted with a deceptive message stating that a special video codec is required to view free pornographic videos. |
|
The Mac Trojan uses "simple social engineering, which works time and time again on Windows users, and I see no reason why it won't work with Mac users as well," Harley says.
The most dangerous security threat to computer users is one that takes advantage of software flaws before Apple, Microsoft or any other software company is aware these defects exist. Although Microsoft Windows users have been dealing with such so-called zero-day threats for years, Apple Mac users have generally been spared by cyber attackers because there are simply more Windows users to target.
This new Trojan, however, affects Mac computers running OS X versions 10.4 (Tiger) and 10.5 (Leopard), according to reports from about a dozen information technology security research firms, including Austin, Tex.–based Intego, which first discovered the problem. Of course, such companies also sell software used to combat computer security threats and have been routinely criticized by Apple, Microsoft and other companies for pointing out security flaws (legitimate as they may be) in order to sell more of their security products. Apple did not respond to a request to be interviewed for this story.
The good news is that Web surfers can prevent infection simply by not downloading the fake codec software, or by avoiding porn sites altogether—whichever is easier.
| 10 | 2024/11 | 12 |
| S | M | T | W | T | F | S |
|---|---|---|---|---|---|---|
| 1 | 2 | |||||
| 3 | 4 | 5 | 6 | 7 | 8 | 9 |
| 10 | 11 | 12 | 13 | 14 | 15 | 16 |
| 17 | 18 | 19 | 20 | 21 | 22 | 23 |
| 24 | 25 | 26 | 27 | 28 | 29 | 30 |
◆Chat
◆Micro TV