Politics and Current Affairs All things political.

April 5th, 2012, 09:02 PM   #1 (permalink)
Steven58 (Thread Author)

iTrojan? Oh Snap!!!

Flashback Trojan Hits 550,000 Macs | News & Opinion | PCMag.com


Analysis of a recent Java flaw exploited by the Flashback Trojan reveals that more than 550,000 Macs were affected in the U.S. and abroad, according to anti-virus vendor Doctor Web.
"This once again refutes claims by some experts that there are no cyber-threats to Mac OS X," Doctor Web said in a Tuesday blog post.
About 56.6 percent of the infected computers, or 303,449, are located in the U.S., while 19.8 percent are in Canada, 12.8 percent are in the U.K., and 6.1 percent are in Australia, Doctor Web said. For more, see the map below.
As PCMag's Security Watch noted yesterday, Mac users did not have to download or even interact with the malware to become infected. Websites exploited a Java flaw that let Flashback.K download itself onto Macs without warning. It then asked users to supply an administrative password, but even without that password, the malware was already installed.
"The exploit saves an executable file onto the hard drive of the infected Mac machine. The file is used to download malicious payload from a remote server and to launch it," Doctor Web said.
Doctor Web posted a list of some of the websites containing the malicious code, including ustream.rr.nu, bestustreamtv.rr.nu, ironmanvideo.rr.nu, godofwar3.rr.nu, and more. But in all, "links to more than four million compromised web-pages could be found on a Google SERP at the end of March," the firm said.
Some of those who posted to the Apple forums also reported being infected after visiting dlink.com.
The attacks started in February via two particular exploits before switching to another one in March. Apple didn't patch the problem until April 3, however. Doctor Web recommended that all users install the update to prevent infections.
Oracle fixed the same security flaw for Java for Windows, Linux, and Unix in February, Security Watch said.
As Sophos noted in a Wednesday blog post, this is the second widespread malware attack infecting Apple's OS X in the last year. The first one popped up in the first half of 2011, but after a Russian cybercriminal Pavel Vrublevsky was arrested, the "problem appeared to be solved," wrote Sophos analyst Chester Wisniewski.
With this latest threat, Wisniewski said Sophos "received a reasonable amount of criticism (as we do every time we discuss Mac threats) about over-hyping the risk and trying to scare people into installing our *free* protection." But, he continued, the "number of attack reports from our customers increased dramatically in the last few days."
Wisniewski also suggested that users install the Apple update, but insisted that "Mac users can no longer rely on simply updating their computers. Preventative protection is an essential defense mechanism to detect and thwart future attacks."

April 5th, 2012, 10:46 PM   #2 (permalink)
9to5cynic

Quote:
It then asked users to supply an administrative password, but even without that password, the malware was already installed.
How would you guys take that? Without supplying the password, that malware is just taking up space right? Can it interact with the system if no root password is supplied?

[~~~~~~~~~~~]

I recently heard that an OSX version of Zeus was made, so it seems to me that the 'virus-free*' nature of OSX is about to go to the wayside.

Interesting to say the least.
April 6th, 2012, 02:43 AM   #3 (permalink)
mikedt

Quote (originally posted by 9to5cynic):
How would you guys take that? Without supplying the password, that malware is just taking up space right? Can it interact with the system if no root password is supplied?
I believe malware can run on a Mac without the admin/root password, it's just running with user privileges rather than admin/root privileges. Probably can still do damage, like trashing all the user's documents.

I'm sure these days Windows is much more secure, and probably harder to infect. MS is regularly patching and extensively documenting (Knowledge Base) any problems. Not like the early days of XP.

Maybe Macs are a soft target? Apple seems to wait for months before releasing patches for OS X, e.g. Java vulnerabilities, and even then they're rather vague about what the problem actually is.
Last edited by mikedt; April 6th, 2012 at 02:55 AM.
April 6th, 2012, 09:58 AM   #4 (permalink)
A.Nonymous

The thing that strikes me about this is how Apple took two months to patch the exploit. That is way, way, way too long.
April 6th, 2012, 10:36 PM   #5 (permalink)
9to5cynic

^ agreed. Especially when their site claims (or at least did so in the past) that any security issues are addressed immediately - because they *really* care.

April 6th, 2012, 11:21 PM   #6 (permalink)
IOWA

People are also forgetting about social engineering, which is how most Windows malware gets Admin rights. The malware itself doesn't 'hack' or 'break' into Admin/Root status, the user gives it to the malware willingly.
April 7th, 2012, 07:23 PM   #7 (permalink)
A.Nonymous

Quote (originally posted by IOWA):
People are also forgetting about social engineering, which is how most Windows malware gets Admin rights. The malware itself doesn't 'hack' or 'break' into Admin/Root status, the user gives it to the malware willingly.
It does run under user privileges though and works under those privileges. I still think it's ridiculous that they waited two months to fix it. Microsoft would be roasted on every forum in the world if they had a known security exploit out there and waited two months to fix it.
April 8th, 2012, 04:25 PM   #8 (permalink)
SamuraiBigEd

Maybe more Mac owners will finally fess up that Apple products aren't immune...yeah...right...

We all know the real issue is the big evil company, not the users...whatever product you are using!
Last edited by SamuraiBigEd; April 9th, 2012 at 07:19 PM.
April 9th, 2012, 08:29 AM   #9 (permalink)
B2L

Wait, I can has trojan too? Anyone who thinks they're inevitable to malware shouldn't be on any computer.
April 10th, 2012, 09:29 PM   #10 (permalink)
9to5cynic

Okay, so here's a bit more info that I was reading about.

FlashBack:
>600,000 infected (~2% of all Macs)
>The infected hosts are now members of a botnet ( yay!...?)
>The trojan also injects lines into applications such as Skype for additional phishing purposes (everyone loves phishing right?)
> It was spread via a JavaScript payload that would start up a Java applet to install the trojan on the hosts.
>There is a tool to check if you are infected (written by a Garmin [GPS] employee)

April 13th, 2012, 01:39 PM   #11 (permalink)
OutofDate1980

Go Italy. Android vulnerability debugged

"A group of Italian researchers have discovered and neutralized a serious vulnerability present in all versions of Android, the popular operating system developed by Google specifically for smartphones and tablet computers."