Sunday, November 04, 2007

New Apple Trojan Means Mac Hunting Season Is Open

New Apple Trojan Means Mac Hunting Season Is Open

It was only a matter of time. So there is now a trojan that is Mac unique. To sum up, it goes this way, a person with a Mac want to watch a video, a box pops up and informs the person they have to download a special codec to watch. When they do that, a trojan is installed on their computer and their secure machine is now compromised.

As you read the article you will note that experts in the field argue whether or not this is an exploitation of a hole or exploits human weakness. May I suggest it doesn't matter, because trojans, malware are where its at when it comes to security. For the most part the classic virus is a thing of the past. The good days when you open up a email, or stick in a infected floppy and infect your computer is probably a thing of the past. I will not say there are no virii, because as long as a person can download the Virus Laboratory and make your own, it will always be the case.

However it is the trojan that has the potential of turning a computer into a zombie machine that becomes a means of pumping out spam and other nastiness is where it is.

One comment:
Unlike many Windows-based attacks, the Trojan doesn't exploit a hole in Apple's software, and it can't install itself. Instead, it relies on social engineering, tricking users into downloading the codec, and requiring that they type in the administrator password to install it.

This is true but consider this, it's got to start sometime. Once the hackers realize there is a vulnerability they will become more aggressive.

Now there is someone who disagrees with all this:
But Carl Howe, an Apple analyst at Blackfriars Communications, disputes the security researchers' theories. He thinks that OS X's Unix heritage makes Apple systems less vulnerable to attack than Windows-based platforms. He argues that even if hacking Macs hasn't been profitable in the past, attackers would have done it anyway if they'd been able -- just for the attention.

"I think the market-share thing has always been a myth," Howe said. "It's a good story to talk about."

It's a good thought but may I make a suggestion to this, I believe Apple has been able to enjoy it's hacker past for many years. After all Jobs and Woz were hackers, they were phone phreaks and all that good stuff, so it may have been an aura that surrounded Apple. "They were one of us", the hackers may have thought. While it's doubtful many hackers have a romantic view of the past, it may have been simple market share plus the cost of hardware. After all, to hack Windows, you needed a Windows computer and they price for a very good Windows machine is probably 1/2 that of Apple. But Apple Computers are coming down in price and their market share is growing. So if more hackers get their hands on Apple machines, they will begin to look around and try and find exploits. Once they start, they won't stop.

There's another reason, Apple is arrogant and complacent. While people are lauding Leopard, others are noticing there are problems. Is it the case Apple has a lot of irons in the fire. If you consider there has been the iPhone, newer and better iPods, all of which is taking time from developing secure software. As well, Apple has turned against the good hacker community, with their recent firmware upgrade which turned many iPhones into very expensive paper weights, some one is going to get angry and then figure out how to get back.

Remember, when Safari was installed on Windows, hackers had a field day. They know they can exploit the software, it will only be a matter of time.

Apple fan, get used to having Norton installed on your machine.

No comments: