Maggie's Farm

We are a commune of inquiring, skeptical, politically centrist, capitalist, anglophile, traditionalist New England Yankee humans, humanoids, and animals with many interests beyond and above politics. Each of us has had a high-school education (or GED), but all had ADD so didn't pay attention very well, especially the dogs. Each one of us does "try my best to be just like I am," and none of us enjoys working for others, including for Maggie, from whom we receive neither a nickel nor a dime. Freedom from nags, cranks, government, do-gooders, control-freaks and idiots is all that we ask for.

Our Recent Essays Behind the Front Page

Much Sorry with Delays
Birth, Death and All That Stuff in Between
How to Honor Labor Day, Every Day
My Yom Kippur Miracle (Repost from 2010)
Good intro to fly casting
Peach update, with pie
NYC update
Easy for you to say: To the elites on mass immigration
For NYC on 9/11, Sailors' Snug Harbor
Pickled Peaches
Water Shoes
Labor Costs in U.S.
Your "identity"
Good news about The Great Courses
Uses of Hot Pepper Jelly/Sauce, Chutneys, and Jams
A Saturday Drive to Litchfield County, CT
How to Pick a Kayak
Civilized: Fruit forks and knives
Loads of kayaking on Cape Cod
Psychology Experiments' Questionable Results

Categories


All categories

Quicksearch

Links

Blog Administration

Open login screen

RSS Readers

Add to Google

Subscribe with Bloglines

Thursday, September 6. 2012

Big Mac attack, pt. MMCLXXIV


This week's Mac virus is brought to you by the makers of BackDoor.Wirenet.1, a delightful little keylogger that has drawn rave reviews wherever it goes.


Keyloggers, to remind you, record all of your keystrokes and then periodically send them home to mama.  A program then looks for 16 entered numbers in a row (your credit card) followed by 3 more numbers (your security code), then it's off to cadillac.com and some early Christmas shopping.


It also steals passwords:



The malware "also operates as a keylogger (it sends gathered keyboard input data to intruders); in addition, it steals passwords entered by the user in Opera, Firefox, Chrome, and Chromium, and passwords stored by such applications as Thunderbird, SeaMonkey, and Pidgin."



(Odd he'd mention the other browsers but not Safari?)


The fix is fairly simple.  You delete some files on your computer and then block access to a certain IP address.  Details are in the above link and one method to block the IP address is here, more info here.  Even if you don't have the bad files on your system, you should still block the IP address.


Recommended reading:


Apple Releases Major Security Update for OS X
Apple Triggers 'Religious' Reaction in Fans' Brains, Report Says
Is Apple Fandom a Religion?
Are Apple Product Launches Like Religious Revivals?
Apple to Support Staff: Don't Discuss Mac Malware
Researchers Find Signs of Zombie Macs
Android, Apple Face Growing Cyberattacks
Apple is the New Hacker Bulls-Eye
Computer Hacking Group Targets Apple in Latest Attack
Apple Macs Hit by Scareware Attacks
Malware Attack Specifically Targets Mac Users
Apple Macintoshes Targeted by Porn-Based Computer Virus
Hidden Security Worms May Loom in Apple's Future
New Trojan Swipes Mac Passwords
Kaspersky Labs: Apple's Security 10 Years Behind Microsoft
Managers Can't be Afraid to Toss Out Bad Apples


From one of the articles:



I miss the good old days when Mac users felt a smug superiority over Windows users who had to deal with this stuff…



Yeah, I'll bet you do.

Posted by Dr. Mercury in Dr. Mercury's Computer Corner at 09:30 | Comments (8) | Trackbacks (0)

Trackbacks
Trackback specific URI for this entry

No Trackbacks

Comments
Display comments as (Linear | Threaded)

Odd he'd mention the other browsers but not Safari?

From the scant* info provided in the article it seems this targets only non-apple applications.



*i ain't clicking through to the website of a russian company.
#1 Mr. Bingley (Link) on 2012-09-06 13:01 (Reply)
Your link to LetMeBy doesn't tell you how to block an IP address, in this case the address to which the virus sends all the information it has stolen from you. Instead, the link tells you how to hide your own address in/from your browser. Those are two different things.
#2 Agent Cooper on 2012-09-06 15:55 (Reply)
Ah, thanks much. I figured blocking an IP was blocking an IP. Turns out it's not quite as easy as it sounds. I ended up glancing over a number of Google hits and finally found a free program that'll do it.
#2.1 Dr. Mercury on 2012-09-06 16:09 (Reply)
FUD.

http://linuxforums.org.uk/index.php?topic=10389.0
#3 Anna on 2012-09-06 16:29 (Reply)
Up until now OS developers have permitted user convience to trump security. Security problems will continue until that practice stops.
#4 John on 2012-09-06 18:27 (Reply)
Good point, and this isn't a Mac-specific issue by any means. The problem lies in convenience. Cookies are the best example. Without cookies, we'd have to log back in to practically every site we visit, or at least those we might want to comment on. So, we sacrifice security for convenience.

In all fairness, though, anti-malware technology is always a step behind; always reacting to the latest threat, simply because there's no way to anticipate the next badness to come along. Heuristics only goes so far.

And you also have to cede how clever some malware is, like the one that imitated a Flash update. You've just clicked on seven Flash updates over the past two months -- why not click on another? I'm not sure if anything can be done about that except altering human nature.
#4.1 Dr. Mercury on 2012-09-06 18:37 (Reply)
Logic fail. A handful of issues do not suddenly make OS X's security model suddenly worse than Windows'. I can't say I find such reasoning unusual though, especially for anti-virus companies, who have no significant handhold in the OS X market. If it looks like doomsday, Kasperspy or Norton or whomever to the rescue.
#5 InRussetShadows (Link) on 2012-09-07 01:12 (Reply)
Who said OS X's security model was worse than Windows'? How about "they're both bad"? Will you settle for that?
#5.1 Dr. Mercury on 2012-09-07 08:00 (Reply)

Add Comment
(Your e-mail will not show in your comment)

By commenting on this site you agree to the site rules listed here. Email
addresses will not be displayed and will only be used for email notifications.

Quick reference guide: [i] italics [/i], [b] bold [/b], [u] underline [/u],
[url] (web address) [/url]. More tips here.

Enclosing asterisks marks text as bold (*word*), underscore are made via _word_.
E-Mail addresses will not be displayed and will only be used for E-Mail notifications.

To prevent automated Bots from commentspamming, please enter the string you see in the image below in the appropriate input box. Your comment will only be submitted if the strings match. Please ensure that your browser supports and accepts cookies, or your comment cannot be verified correctly.
CAPTCHA

BBCode format allowed
 
 
A Chris Southern Consulting website.