Apple's First Trojan Horse aimed at iTunes

The geek forum. PHP, Perl, HTML, hardware questions etc.. it's all in here. Got a techie question? We'll sort you out. Ask your questions or post a link to your own site here!

Apple's First Trojan Horse aimed at iTunes

Postby Fsiphskilm » Fri Apr 09, 2004 10:26 pm

[url]http://www.c
Last edited by Fsiphskilm on Sat Jan 14, 2017 10:51 pm, edited 1 time in total.
I'm leaving CAA perminantly. i've wanted to do this for a long time but I've never gathered the courage to let go.
User avatar
Fsiphskilm
 
Posts: 3853
Joined: Mon Nov 03, 2003 12:00 pm
Location: USA

Postby Shinja » Fri Apr 09, 2004 10:48 pm

i figure with the poularity of ipods and itunes more of the same is bound to occur. especilly since apple bost about their securtity
MATT
Matt blends in - and hates it.

Image

Give me a bike and a road by which to travel.
User avatar
Shinja
 
Posts: 1723
Joined: Wed May 28, 2003 4:00 am
Location: Where the grinkle grass grows.

Postby andyroo » Sat Apr 10, 2004 12:07 am

The virus is so harmless no wonder they're handling it well (even though the code can be reworked to actually be malicious). It looks like the virus writer was showing what could be done. Here's an article from Symantec telling you what it actually does with a screen cap: http://securityresponse.symantec.com/avcenter/venc/data/mp3concept.html . But, yeah, pretty much anything popular on the net is going to get hacked one way or another.
"As vinegar to the teeth and smoke to the eyes, so is a sluggard to those who send him." ~Proverbs 10:26
†
The Ideas Behind Anime |

The difference between intelligence and stupidity is that intelligence has its limits.
A proud member of P.I.E. -- Pictures of Inkhana for Everyone! Join the fight!
User avatar
andyroo
 
Posts: 815
Joined: Tue Jun 10, 2003 11:00 am
Location: Alabama

Postby shooraijin » Sat Apr 10, 2004 12:23 am

Blah. This is *not* a virus, and it's not even a particularly good Trojan horse (to do any real damage, it would require you to enter the admin password and couldn't do it on its own). The whole thing is a little scheme cooked up and propagated by Intego to try and make a quick buck on what turns out to be at most an interesting little hack. It can't propagate by itself, and even if it could, it has to be sent in a double-forked format like apple/double which most mailers don't support or natively understand, and in OS X, to do any real damage (as I said), it would require admin access which it can't achieve on its own.

Here's a URL to look at:

http://macnn.com/news/24167

Key point to take away from the article: "This trojan is almost pure social engineering, and not really an "exploit": it's one step away from merely creating a malicious Carbon application and giving it an mp3 icon, which is trivial, and merely naming it with a .mp3 extension" (which, by the way, is possible to do in Windows, too; giving it an .exe extension with an mp3 icon is fully possible, and since extensions are hidden by default in Windows, it wouldn't look any different either).

EDIT: Here's another good one I just found.

http://www.boingboing.net/2004/04/08/first_malware_for_os.html

This puts a bit more perspective on what's even possible with this technique, even if someone really did go out and construct something malevolent with it.
"you're a doctor.... and 27 years.... so...doctor + 27 years = HATORI SOHMA" - RoyalWing, when I was 27
"Al hail the forum editting Shooby! His vibes are law!" - Osaka-chan

I could still be champ, but I'd feel bad taking it away from one of the younger guys. - George Foreman
User avatar
shooraijin
 
Posts: 9928
Joined: Thu Jun 26, 2003 12:00 pm
Location: Southern California

Postby Fsiphskilm » Sat Apr 10, 2004 1:36 pm

So in the end??? was it
Last edited by Fsiphskilm on Sat Jan 14, 2017 10:51 pm, edited 1 time in total.
I'm leaving CAA perminantly. i've wanted to do this for a long time but I've never gathered the courage to let go.
User avatar
Fsiphskilm
 
Posts: 3853
Joined: Mon Nov 03, 2003 12:00 pm
Location: USA

Postby shooraijin » Sat Apr 10, 2004 9:34 pm

Well, you know what I'd say it is. :)

I think this is worth posting -- this was from comp.sys.mac.advocacy, appearing here slightly edited for grammar, and is a reply to the usual drivel that Macs don't get viruses because no one bothers to write a virus for a smaller population of machines (the point being that there's something about the modern Mac running OS X -- and not their number -- that makes them more resistant).

comp.sys.mac.advocacy wrote:From: zurg <zurg@fakeaddress.com>
Newsgroups: comp.sys.mac.advocacy
Message-ID: <100420041533340581%zurg@fakeaddress.com>
User-Agent: Thoth/1.5.9 (Carbon/OS X)
Organization: Comcast Online
Date: Sat, 10 Apr 2004 22:33:35 GMT

In article <4077ada4$1_1@127.0.0.1>, Super Spinner <someone@noplace.com> wrote:

> So, since December 2003 I've installed six Mac OS X Security Updates vs five
> Windows XP Security/Critical Updates. It doesn't look like either OS has a
> security advantage over the other. If Macs were as popular as Windows, and
> therefore were as large a target of attacks, there's little evidence that
> Macs would be any less vulnerable than Windows. Macs are more "secure"
> because nobody targets them, pure and simple. Security via obscurity. ] Apache web server? The latter is in much bigger
market than the former and yet it's the *one with the smaller market*
that has more security issues and viruses. Why doesn't Apache outpace
IIS with security issues? Isn't it clear that MS produces incredibly
shoddy software? Why is this so difficult to accept?

Bear in mind also that most of the security issues typically corrected
by Apple involve the open source software that ships with Darwin. There
are countless Unix/Linux boxes out there along with OS X machines
running these things and that greatly [increases] the number of machines
available for being exploited. When an SSH vulnerability is found, all
those machines are open to attack, not just OS X. When you talk of OS X
security issues, you're talking about *nix security issues and that's a
much bigger platform, all combined, than Mac alone.
"you're a doctor.... and 27 years.... so...doctor + 27 years = HATORI SOHMA" - RoyalWing, when I was 27
"Al hail the forum editting Shooby! His vibes are law!" - Osaka-chan

I could still be champ, but I'd feel bad taking it away from one of the younger guys. - George Foreman
User avatar
shooraijin
 
Posts: 9928
Joined: Thu Jun 26, 2003 12:00 pm
Location: Southern California

Postby Fsiphskilm » Sat Apr 10, 2004 9:54 pm

*Hugs his ma
I'm leaving CAA perminantly. i've wanted to do this for a long time but I've never gathered the courage to let go.
User avatar
Fsiphskilm
 
Posts: 3853
Joined: Mon Nov 03, 2003 12:00 pm
Location: USA


Return to Computing and Links

Who is online

Users browsing this forum: No registered users and 252 guests