Apple's First Trojan Horse aimed at iTunes

Posted: Fri Apr 09, 2004 10:26 pm
by Fsiphskilm
[url]http://www.c

Posted: Fri Apr 09, 2004 10:48 pm
by Shinja
I figure with the popularity of iPods and iTunes more of the same is bound to occur, especially since Apple boasts about their security.

Posted: Sat Apr 10, 2004 12:07 am
by andyroo
The virus is so harmless no wonder they're handling it well (even though the code can be reworked to actually be malicious). It looks like the virus writer was showing what could be done. Here's an article from Symantec telling you what it actually does with a screen cap: http://securityresponse.symantec.com/avcenter/venc/data/mp3concept.html . But, yeah, pretty much anything popular on the net is going to get hacked one way or another.

Posted: Sat Apr 10, 2004 12:23 am
by shooraijin
Blah. This is *not* a virus, and it's not even a particularly good Trojan horse (to do any real damage, it would require you to enter the admin password and couldn't do it on its own). The whole thing is a little scheme cooked up and propagated by Intego to try and make a quick buck on what turns out to be at most an interesting little hack. It can't propagate by itself, and even if it could, it has to be sent in a double-forked format like apple/double which most mailers don't support or natively understand, and in OS X, to do any real damage (as I said), it would require admin access which it can't achieve on its own.

Here's a URL to look at:

http://macnn.com/news/24167

Key point to take away from the article: "This trojan is almost pure social engineering, and not really an "exploit": it's one step away from merely creating a malicious Carbon application and giving it an mp3 icon, which is trivial, and merely naming it with a .mp3 extension" (which, by the way, is possible to do in Windows, too; giving it an .exe extension with an mp3 icon is fully possible, and since extensions are hidden by default in Windows, it wouldn't look any different either).

EDIT: Here's another good one I just found.

http://www.boingboing.net/2004/04/08/first_malware_for_os.html

This puts a bit more perspective on what's even possible with this technique, even if someone really did go out and construct something malevolent with it.

Posted: Sat Apr 10, 2004 1:36 pm
by Fsiphskilm
So in the end??? was it

Posted: Sat Apr 10, 2004 9:34 pm
by shooraijin
Well, you know what I'd say it is. :)

I think this is worth posting -- this was from comp.sys.mac.advocacy, appearing here slightly edited for grammar, and is a reply to the usual drivel that Macs don't get viruses because no one bothers to write a virus for a smaller population of machines (the point being that there's something about the modern Mac running OS X -- and not their number -- that makes them more resistant).

comp.sys.mac.advocacy wrote:
From: zurg <zurg@fakeaddress.com>
Newsgroups: comp.sys.mac.advocacy
Message-ID: <100420041533340581%zurg@fakeaddress.com>
User-Agent: Thoth/1.5.9 (Carbon/OS X)
Organization: Comcast Online
Date: Sat, 10 Apr 2004 22:33:35 GMT

In article <4077ada4$1_1@127.0.0.1>, Super Spinner <someone@noplace.com> wrote:

> So, since December 2003 I've installed six Mac OS X Security Updates vs five
> Windows XP Security/Critical Updates. It doesn't look like either OS has a
> security advantage over the other. If Macs were as popular as Windows, and
> therefore were as large a target of attacks, there's little evidence that
> Macs would be any less vulnerable than Windows. Macs are more "secure"
> because nobody targets them, pure and simple. Security via obscurity.

] Apache web server? The latter is in much bigger
market than the former and yet it's the *one with the smaller market*
that has more security issues and viruses. Why doesn't Apache outpace
IIS with security issues? Isn't it clear that MS produces incredibly
shoddy software? Why is this so difficult to accept?

Bear in mind also that most of the security issues typically corrected
by Apple involve the open source software that ships with Darwin. There
are countless Unix/Linux boxes out there along with OS X machines
running these things and that greatly [increases] the number of machines
available for being exploited. When an SSH vulnerability is found, all
those machines are open to attack, not just OS X. When you talk of OS X
security issues, you're talking about *nix security issues and that's a
much bigger platform, all combined, than Mac alone.

Posted: Sat Apr 10, 2004 9:54 pm
by Fsiphskilm
*Hugs his ma