Page 1 of 2

Apple Virus?

Posted: Tue May 24, 2011 3:26 pm
by DaddyHoggy
If this is Apple's response, as a non-Apple customer, all I can ask of those who are... Why?

http://nakedsecurity.sophos.com/2011/05 ... e-process/

Re: Apple Virus?

Posted: Tue May 24, 2011 3:45 pm
by Rxke
Hm?

That scanned document looks strange -badly translated- to me. It this the way people phrase stuff in helpdesk- I.T. circles?

Has this been verified? Sophos isn't necc. impartial in reporting stuff like this.

I can see them telling not to visit bb's IF they have a waterproof solution handy.

(which does not seem to be the case, so it does seem strange...)

People 'getting' this trojan might get in even deeper trouble following unofficial (read: patchy) instructions from well-meaning people who explain things too complexy for an average websurfer.

Re: Apple Virus?

Posted: Tue May 24, 2011 3:50 pm
by Staer9
The virus at least is legit: http://arstechnica.com/apple/news/2011/ ... umbers.ars

there are many sites which talk about it, the above is just one.

of course as soon as someone says something is failproof, someone will make it fail.

Re: Apple Virus?

Posted: Tue May 24, 2011 4:29 pm
by maik
Here is a more in depth piece from Ars: http://arstechnica.com/apple/news/2011/ ... e-mac.ars/

Re: Apple Virus?

Posted: Tue May 24, 2011 5:51 pm
by Rxke
wow, people actually give their credit card information to stuff like this???

There really is no cure for stupid. :(

Re: Apple Virus?

Posted: Wed May 25, 2011 9:55 am
by maik
Apple just posted information about how to get rid of it: http://support.apple.com/kb/ht4650.

And here is an interesting analysis of Apple's behaviour when responding to problems. Makes sense to me.

Re: Apple Virus?

Posted: Wed May 25, 2011 10:16 am
by ClymAngus
It's the go away mind set. Some people will always pay money to see a problem go away, even if that problem is non-existent.

Re: Apple Virus?

Posted: Wed May 25, 2011 5:16 pm
by CommonSenseOTB
You want a real conspiracy theory? The anti-virus software companies create the problem just so they can sell the software to everybody. How is it possible that every virus(save the ones that are attributed to hackers, possibly from foreign countries, and targetting specific companies or organizations) seem to have a cure for them as soon as they are detected or even before(as in the form of making sure you have your virus protection up to date or you will face the consequences) :?:

You guys can take that and run with it if you want. I just pony up the dough for the software renewal each year. I have no choice, if I want to interact with the world outside my house. None of us do!

Even in a perfect world I find it hard to believe that anti-virus software could be as effective as it is without knowing what is coming out before it comes out. Realistically, all(most) computers should be virus infected before a solution is available. Anti-virus software companies are not god and cannot see all possibilities...or can they?(see what they are about to unleash on all of us that is)

Just a rant this is.(product of strong coffee and donuts) :)

Re: Apple Virus?

Posted: Wed May 25, 2011 5:42 pm
by Staer9
And the thing about this virus is that if apple made it they could get extra money from the people who put credit card numbers in!

Re: Apple Virus?

Posted: Sat May 28, 2011 12:02 pm
by JensAyton
Staer9 wrote:
the thing about this virus
There is no virus.

Re: Apple Virus?

Posted: Tue May 31, 2011 8:24 pm
by JensAyton
Followup: Apple just released Security Update 2011-003, which removes MacDefender and checks for it in quarantined files.

Re: Apple Virus?

Posted: Wed Jun 01, 2011 12:12 am
by Commander McLane
Got it. :)

Re: Apple Virus?

Posted: Wed Jun 01, 2011 6:03 am
by Rxke
Commander McLane wrote:
Got it. :)
you got MacDefender??? :shock: :shock: :wink:

Re: Apple Virus?

Posted: Wed Jun 01, 2011 6:59 am
by Commander McLane
Rxke wrote:
Commander McLane wrote:
Got it. :)
you got MacDefender??? :shock: :shock: :wink:
I am the only Mac Defender around here. :wink:

Nope, I hadn't downloaded or installed anything fishy that required me to enter my credit card data. Surprisingly I am also steadfastly refusing to accept any deal with rich Nigerian widows with cancer who want to make me the sole heir of their late husband's estate. I am a little stubborn in this regard. :wink:

What I was saying is that I ran software update and installed the security update, which is something I usually don't do by hand, but rather wait for the automatic weekly (or two-weekly, or monthly? I have no idea actually) notification.

Re: Apple Virus?

Posted: Wed Jun 01, 2011 8:05 pm
by Cmd. Cheyd
@CommonSenseOTB - I work in network security, so take this as a semi-professional opinion. Not all viruses have solutions immediately - These are called Zero-Day Exploits. The thing is - They're RARE and HIGHLY VALUABLE. The Stuxnet worm used six Zero-Day's, and that is what tipped most folks to the fact it was created by a nation-state. They're that valuable. Because Zero Day Exploits are so rare, most everything that hits public awareness is for an exploit that is already known to the manufacturer and has patches available. You also have a large army of individuals who are "white hats". Hackers / Security researchers / consultants that actively search for these zero-days and responsibly report them to the proper channels (usually manufacturers - MS, APL, Adobe, etc.). This is done usually privately, the manufacturer is given a certain amount of time to prepare a patch, and then the researcher agrees to release their findings publicly with knowledge the mfg is ready to patch consumers immediately with a good, regression-tested patch.

So, it's not a conspiracy. Just a lot of hard working folks who behave responsibly and are looking out for the public's well good.

That said, I have to admit - I didn't use an A/V program for YEARS, over a decade. Still wouldn't if MS Security Essentials wasn't free. Know how many viruses / trojans / worms / etc I got in that time? One - From a corporate network I was VPN'd into, it wasn't even from the 'internet-at-large'. A GOOD firewall combined with safe computing can do AMAZINGLY well.