funsec mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Bin Laden death brings malware explosion

From: Nick FitzGerald <nick () virus-l demon co uk>
Date: Tue, 03 May 2011 21:57:44 +1200
Jeffrey Walton wrote:


"With the biggest news in a decade dominating the Internet, it didn't
take long for rogue viruses, Trojans and other malware to mess with
[...]

http://technolog.msnbc.msn.com/_news/2011/05/02/6570503-bin-laden-death-brings-malware-explosion


What's funny about that?

It's totally predictable and expected...

What was a tad funnier on that site was this:

   http://technolog.msnbc.msn.com/_news/2011/05/02/6570126-malware-attack-specifically-targets-mac-users

and the presumably/supposedly/whetever "somehwat security expert" 
author of the piece above linking to it thus:

   So be extra careful on the Interwebs today, kids. Don't do what I
   did - click on a link that I thought was legitimate, only to be hit
   with a rogue installation of a Windows "Total Security Removal"
   Trojan that flashed fake security alerts and installed itself on my
   computer without my permission.

   I'm working to get if off the laptop right now, and writing this on
   another computer. It's a Mac, but from colleague Rosa Golijan's
   report today, I see that's not safe, either.

Web drive-by malware sites with Windows/Mac browser detection and 
serving different pages, or at least the same come-on page (usually of 
the "you need to install a new codec/Flash update to play this video" 
kind) but with (apparent) OS-appropriate malware was new, what four, 
maybe even five?, years ago.

Oh, and auto-installing malware on a Mac -- could be for real (there 
are certainly many older (particularly Safari) Mac browser vulns that 
could be used for that) but most likely this power user was running 
Safari and had the anti-security "autorun signed downloads" setting 
enabled (you know -- the setting that even Microsoft was never so 
stupid as to put in their browser...).

It's pleasing to see that tech sites assign their most security 
conscious and experienced reporters to cover our little corner of the 
world, isn't it...



Regards,

Nick FitzGerald



_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.
Previous By Date Next
Previous By Thread Next

Current thread: