Full Disclosure mailing list archives
Re: mac trojan in-the-wild
From: Paul Schmehl <pauls () utdallas edu>
Date: Thu, 01 Nov 2007 16:10:49 -0500
--On Thursday, November 01, 2007 13:27:07 -0600 Steven Block <scblock () ev-15 com> wrote:
You're an idiot. Save this as a script and run it, it will give you unlimited power: # !/bin/sh sudo rm -rf / Enter your password if you are prompted. Oh look, malware.
If you don't think this is an issue, you're not very aware of what's going on these days. The vast majority of present successful attacks on Windows are not exploiting vulnerabilities in Windows but taking advantage of the gullibility of users. There is no reason to believe that Mac users will be any less gullible than Windows users and plenty of reason to believe they will be less aware of the potential pitfalls of social engineering, because, until now, they haven't been targeted. This attack is real and will be successful to the degree that Mac users fall for the fake codec scam. This same scam has worked quite well on Windows users and patch level, etc. is irrelevant. The only chance a gullible person has is *if* they are running anti-virus software and *if* that software detects this malware and *if* they pay attention to the warnings and do not install the "codec". How many people who own/use Macs even have anti-virus software installed, much less up to date? Yes, *you* might not fall for it. Plenty of people have and will continue to do so, just as they fall for 419 scams and all the other crap the bad guys inundate them with. Judging by the reactions of Mac (and some security) "experts", this attack should be wildly successful. -- Paul Schmehl (pauls () utdallas edu) Senior Information Security Analyst The University of Texas at Dallas http://www.utdallas.edu/ir/security/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- mac trojan in-the-wild Gadi Evron (Nov 01)
- Re: mac trojan in-the-wild nnp (Nov 01)
- Re: mac trojan in-the-wild reepex (Nov 01)
- Re: mac trojan in-the-wild Steven Block (Nov 01)
- Re: mac trojan in-the-wild Nick FitzGerald (Nov 01)
- Re: mac trojan in-the-wild reepex (Nov 01)
- Re: mac trojan in-the-wild Paul Schmehl (Nov 01)
- Re: mac trojan in-the-wild reepex (Nov 01)
- Re: mac trojan in-the-wild Nick FitzGerald (Nov 01)
- Re: mac trojan in-the-wild Nick FitzGerald (Nov 01)
- Re: mac trojan in-the-wild nnp (Nov 01)
- Re: mac trojan in-the-wild Paul Schmehl (Nov 01)
- Re: mac trojan in-the-wild Alex Eckelberry (Nov 01)
- Re: mac trojan in-the-wild nnp (Nov 01)
- Re: mac trojan in-the-wild Dude VanWinkle (Nov 01)
- Re: mac trojan in-the-wild nnp (Nov 01)
- Re: mac trojan in-the-wild Dude VanWinkle (Nov 02)