Mac threat - real or BS?

[SlinkyMike]

Received this email from someone I trust and wanted to know if anyone can provide more info... Apparently its malware that was embedded in cracked software (iWork '09 & Adobe CS 4), my question is: if you don't use cracked software are you still at risk of being infected by someone else's mac either via network or flash drive?

Email below:

*Know anyone that's a Mac User? *

Then let them know that malware researchers have discovered what appears to be the first Mac OSX botnet, aka MacBot or iBotnet and its receiving a substantial amount of industry and media interest.

Early estimates suggest that thousands of people have unknowingly downloaded the infected files. Don't let yourself be one of them...

In a nutshell the botnet is launching a number of malware variants inside pirated copies of popular Mac based software in order to /take control of the infected/ Mac machine.

First and foremost make sure that you and your fellow Mac users, exercise caution, have Mac specific security software installed and that your existing version of iAntiVirus <https://email.pctools.com/servlet/cc6?iJltkQWADQYVupgKloLJhthmjhMkhmgKxnuHptQJhuVaVC> is up to date - there's a free version or you can purchase <https://email.pctools.com/servlet/cc6?iJltkQWADQYVupgKloLJhthmjhMkhmgKxnuHptQJhuVaVD> a version with full functionality and support for only $29.95. It's also vital that you enable and install the latest Mac security updates.

Regards
*PC Tools Team *

 

[dj_jyno]

The original mail is just scare tactics to get you to buy their anti-malware software. There might be some truth to it, but I won't be worried. Just ensure you keep your Mac up to date, don't run suspicious files and you'll be fine (so the same as for Windows PCs, really).

 

[SlinkyMike]

Yea - any virus warning with the "$" character in it is highly suspect.

 

[Tsimo]

interestingly there is reports of the first Mac based bot net from symantec. im wondering how long until Apple starts recommending AV.

 

[d0b33]

These things are being spread by pirate software, people who pirate allow their systems to be infected by handing over their password.

So if you pirate the wrong software you're basically saying rape my mac.

Antivirus will not put an end to it, it's so easy to create a variation not detected by AV products and will only be found out once a new infection spreads so with or without AV products you're still at risk.

 

[PeterCH]

Here's how it works.

You download a dodgy file.
The dodgy file is a trojan horse.
Upon running it asks for additional privileges - ie it asks for the password.
You give it additional privileges.
The trojan horse does what it does - it keylogs your activity or some other activity.

In theory someone else could send you such a trojan horse but the only way to activate it would be to execute it and give it the password. Without that, it won't be able to run.

 

[PeterCH]

interestingly there is reports of the first Mac based bot net from symantec. im wondering how long until Apple starts recommending AV.

These are unsubstantiated reports and they're not even endorsed by Symantec themselves. It's just FUD. Viruses can't spread on UNIX OSes the way they spread on Windows.

 

[Moklet Kcuf]

Ditto, another BS warning.

If you are still paranoid - Install Little Snitch

It monitors your port activity for any applications calling out of your computer, that you might otherwise not be aware of or not want to Call Home. It then gives you an option to Block or Allow.

It's also good for finding out which Applications or Plug-ins are the culprits hogging your bandwidth.

 

[StbA]

Pro Tip - Dont install pirated software.

 

[Moklet Kcuf]

Pro Tip - Dont install pirated software.

...that you're unsure of