Educause Security Discussion mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Adware/Spyware on Mac/OS X

From: "Gargac. Jeff" <jgargac () MARYVILLE EDU>
Date: Mon, 4 May 2009 12:54:59 -0500
There have also been cases of malware being bundled with torrents of
Apple software.  I have not personally seen an infected Mac, but I have
heard personal stories of Macs with pop up ads from being infected.  

Sophos currently provides a client for OS X as part of their Endpoint
Security and Control product.  Thanks,

Jeff

-----Original Message-----
From: The EDUCAUSE Security Constituent Group Listserv
[mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Joel Rosenblatt
Sent: Monday, May 04, 2009 12:49 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Adware/Spyware on Mac/OS X

We rarely, if every actually see the compromised systems - we track
behaviors, and I know that from help desk reports, people have claimed
that "it can't be my 
machine sending out that spam ... I'm using a Mac (also, the MAC address
belongs to Apple.)" I know we have captured infected Macs, but as to
what they were 
infected with, I leave that to places with a better staff to machine
ratio :-)

Joel

--On Monday, May 04, 2009 1:38 PM -0400 Gene Spafford
<spaf () cerias purdue edu> wrote:


But what software is involved?  Are those machines also running

Windows in a VMware type environment?   I have been monitoring various
news outlets and

samples, and have yet to see a real threat running in the wild.

(Leaving out the attack that is included in pirated software that leads
to the botnet.)



On May 4, 2009, at 1:19 PM, Joel Rosenblatt wrote:


Only if you believe everything you see on TV :-)

We are seeing Mac's sending spam, scanning, etc.  ... all of the
things that you see in a good Windows box.

My 2 cents.

Joel Rosenblatt

Joel Rosenblatt, Manager Network & Computer Security
Columbia Information Security Office (CISO)
Columbia University, 612 W 115th Street, NY, NY 10025 / 212 854 3033
http://www.columbia.edu/~joel


--On Monday, May 04, 2009 1:03 PM -0400 Caroline Couture

<caroline () POBOX UPENN EDU

wrote:



Hi!

I thought that the general thinking was to have anti-virus on the
Mac to prevent it from being a transmission vector for things like
macro viruses, I can see
tripwire helping with compromises of Darwin.
Is that no longer the thinking?

Caroline

Caroline Couture
College House Computing
3702 Spruce Street
Philadelphia, PA 19104

You must never confuse faith that you will prevail in the end --
which you can never afford to lose -- with the discipline to
confront the most brutal facts
of your current reality, whatever they might be. -- Vice Admiral
James Bond Stockdale





Joel Rosenblatt, Manager Network & Computer Security
Columbia Information Security Office (CISO)
Columbia University, 612 W 115th Street, NY, NY 10025 / 212 854 3033
http://www.columbia.edu/~joel







Joel Rosenblatt, Manager Network & Computer Security
Columbia Information Security Office (CISO)
Columbia University, 612 W 115th Street, NY, NY 10025 / 212 854 3033
http://www.columbia.edu/~joel
Previous By Date Next
Previous By Thread Next

Current thread: