Intego Discovers New Mac OS X Threat, Apple Rolls Back Security Software Recommendations
According to Intego, company best known for their VirusBarrier X5 Mac security solution, a new threat for the Mac OS X has been detected in the wild. The threat, which has been identified as an RSPlug Trojan variant, has the potential of infecting Mackies that attempt to watch videos online. In related news, after the internet came alight with the Apple security software recommendations, the Cupertino based company has resorted to taking them down from their support page.
The security threat that Intego has discovered is very similar to the other threats we’ve seen lately, such as the Lamezev.A Trojan, and the SX/Jahlav-A Trojan, mainly in the way the spread of this malware is carried out. If you surf the web in search of pornographic material (isn’t that what the internet is for?), you may run into a web page that pretends to host some incredibly arousing video footage, but before you can do so you need to download a codec or Active X object. Once you get to this point you have only two options: either download the malware onto your machine, or close the browser altogether (since you will not be able to get rid of that annoying notification otherwise).
Intego explains: “This new version, however, has some interesting differences with the previous versions. The samples Intego has seen, named FlashPlayer.v3.348.dmg and FlashPlayer.v..dmg, contain code that refers to Intego. The actual malware code is encoded (using a standard routine called uuencode), and when it is decoded, a line of code is present saying: “begin 666 Intego”. This tells the system to create a file with read and write permissions (the 666 is a shortcut for Unix permissions, not anything to do with the “number of the beast”), and to create a file, containing the malicious code, named “Intego”. Intego wants to point out that the company obviously has nothing to do with the creation of this malware, and that the choice of this file name is a provocation from the creator of this malware.”
In related news, the Mac OS X security software recommendations we reported upon a little while back, are no longer hosted by Apple. As it turns out those recommendations were posted online since last year, just that in a somewhat different form and on another web page. After the intense media attention, Apple has come out and said that its Mac OS X has built in security features meant to protect users from online threats, and is as safe as it always was. Even though the recommendations may not have been new, this does not change the fact that Apple itself advised Mackies to install and run security software solutions on their Mac OS X.
The point that Apple tried to make with those recommendations is this: it is a good idea to use some form of security software on your Mac, just that Apple will not openly back just one manufacturer or just one product. Using just one security solution would not be a sound idea simply because someone with malicious intent would have less of a hard job; using several security solutions on the same machine is also not a good idea as it may lead to system slowdowns and compatibility issues. The idea is that one Mac user should employ a certain security solution; another user should use another security solution, and so on – with diversity comes and added level of security, as opposed to everyone using the same product (or everyone not using anything at all).
According to Graham Cluley from Sophos, there are several facts that one must keep in mind when it comes to Mac OS security: Apple’s market share is on the up and up, making it an attractive target for malware spreaders; some of the Windows security threats one can encounter online have the potential to infect Macs as well; Mackies have not been taking the issue of security as seriously as Windows users, even though they can just as easily be tricked into downloading malware onto their machines; last but not least, the number of security threats that target the Mac OS are only expected to rise in the future (just as Apple sales and the number of people that start using Macs).
Tags: Apple, Mac OS X, Trojan, Malware
The security threat that Intego has discovered is very similar to the other threats we’ve seen lately, such as the Lamezev.A Trojan, and the SX/Jahlav-A Trojan, mainly in the way the spread of this malware is carried out. If you surf the web in search of pornographic material (isn’t that what the internet is for?), you may run into a web page that pretends to host some incredibly arousing video footage, but before you can do so you need to download a codec or Active X object. Once you get to this point you have only two options: either download the malware onto your machine, or close the browser altogether (since you will not be able to get rid of that annoying notification otherwise).
Advertising
Intego explains: “This new version, however, has some interesting differences with the previous versions. The samples Intego has seen, named FlashPlayer.v3.348.dmg and FlashPlayer.v..dmg, contain code that refers to Intego. The actual malware code is encoded (using a standard routine called uuencode), and when it is decoded, a line of code is present saying: “begin 666 Intego”. This tells the system to create a file with read and write permissions (the 666 is a shortcut for Unix permissions, not anything to do with the “number of the beast”), and to create a file, containing the malicious code, named “Intego”. Intego wants to point out that the company obviously has nothing to do with the creation of this malware, and that the choice of this file name is a provocation from the creator of this malware.”
In related news, the Mac OS X security software recommendations we reported upon a little while back, are no longer hosted by Apple. As it turns out those recommendations were posted online since last year, just that in a somewhat different form and on another web page. After the intense media attention, Apple has come out and said that its Mac OS X has built in security features meant to protect users from online threats, and is as safe as it always was. Even though the recommendations may not have been new, this does not change the fact that Apple itself advised Mackies to install and run security software solutions on their Mac OS X.
The point that Apple tried to make with those recommendations is this: it is a good idea to use some form of security software on your Mac, just that Apple will not openly back just one manufacturer or just one product. Using just one security solution would not be a sound idea simply because someone with malicious intent would have less of a hard job; using several security solutions on the same machine is also not a good idea as it may lead to system slowdowns and compatibility issues. The idea is that one Mac user should employ a certain security solution; another user should use another security solution, and so on – with diversity comes and added level of security, as opposed to everyone using the same product (or everyone not using anything at all).
According to Graham Cluley from Sophos, there are several facts that one must keep in mind when it comes to Mac OS security: Apple’s market share is on the up and up, making it an attractive target for malware spreaders; some of the Windows security threats one can encounter online have the potential to infect Macs as well; Mackies have not been taking the issue of security as seriously as Windows users, even though they can just as easily be tricked into downloading malware onto their machines; last but not least, the number of security threats that target the Mac OS are only expected to rise in the future (just as Apple sales and the number of people that start using Macs).
Tags: Apple, Mac OS X, Trojan, Malware
I Hope you LIKE this blog post! Thank you!
What do YOU have to say about this
blog comments powered by Disqus
Popular News
By George Norman on 10 Feb 2012
With the release of Wolfram|Alpha Pro, the team behind the popular computational knowledge engine took a very big step forward
By George Norman on 10 Feb 2012
Microsoft has just announced that this February, as part of the Patch Tuesday program, it will roll out a grand total of 9 security bulletins to all customers all over the world.Related News
By George Norman on 01 Feb 2012
Earlier this week software developer Piriform made a very exciting announcement – exciting for all the Mac users out there who 
By George Norman on 19 Sep 2011
This June Skype announced that it integrated Facebook in the Beta version of its Windows client. Skype 5.5 for Windows Beta, said Skype at the time, allows users to view Facebook friends in the contacts
By George Norman on 28 Oct 2011
Nullsoft, the developer behind the Winamp media player and the SHOUTcast MP3 streaming media server, announced earlier this week that the functionality Winamp has to offer is available for one more platform
By George Norman on 21 Sep 2011
It would seem that changing someone’s password is not a very difficult thing of that someone is on Mac OS X 10.7 Lion, the eight major release of the Mac OS X operating system. Patrick Dunstan, author of the Defence in Depth blog, uncovered thatAdvertising
Hot Software Updates
Top Downloads
2.
Opera5.
Trillian8.
AIM9.
Skype10.
Ad-Aware12.
Nero13.
Google Earth14.
Picasa15.
Winamp16.
iTunes17.
RealPlayer18.
uTorrent19.
eMule20.
WinRAR21.
BitComet22.
WinZip23.
Shareaza24.
CCleaner25.
Recuva26.
Tweak UI27.
CuteFTP Home29.
Adobe Reader30.
NewsPiperBecome A Fan!
Link To Us!
Intego Discovers New Mac OS X Threat, Apple Rolls Back Security Software Recommendations
HTML Linking Code
HTML Linking Code