XYMer's Home away from Home

When http://bbs.xlr8yourmac.com is down (i.e. always)

All times are UTC - 8 hours




Posted: Sat Apr 17, 2010 8:29 am

Joined: Thu May 15, 2008 8:01 pm
Posts: 2676
Just a heads-up

http://news.techworld.com/security/3220 ... or-attack/
"Able to infect both PowerPC and newer Intel-based Macs thanks to being written as a universal binary, OSX.HellRTS.D sets out to take complete control of an infected machine, setting itself up as a server capable of doing pretty much what it wants"

Looks like it's easy to check for it. Probably just a publicity stunt from Intego.

_________________
"Everybody is a genius. But if you judge a fish by its ability to climb a tree, it will live its whole life believing that it is stupid".


 
Posted: Sat Apr 17, 2010 12:32 pm

Joined: Thu May 15, 2008 8:13 pm
Posts: 8656
Location: Suburbia
(sigh) I get real tired of journalists inventing terms when perfectly worthwhile terms exist. This isn't a backdoor attack. This is a trojan horse. It masquerades as something you want, you run it, it does whatever it wants. A backdoor attack would exploit a security vulnerability in OSX and spread from system to system by exploiting that vulnerability (AKA back door).

Trojan horses exist on every OS; the problem on Windows is the trojan horses get drowned out by sheer volume, so most are never reported to AV companies. And the Linux guys just laugh and say "don't run as root, always have good backups."


 
Posted: Sat Apr 17, 2010 4:18 pm
Master

Joined: Sun Apr 20, 2008 5:24 am
Posts: 9439
Location: North of the State of Jefferson
The trojan vs. virus vs. backdoor vs. whatever nomenclature isn't always ideal. It may often fail to reflect the blended nature of a modern malware, in that a malware package may behave in a variety of ways, and on account of the likelihood that a package may be delivered by any number of infection vectors.

For example, if this package were delivered by masquerading as a legitimate, or at least desired program, then it would conventionally be considered a trojan, but at the same time there's no technical reason that it could not be delivered by exploiting a security vulnerability; in other cases a malware package may initially be delivered by one vector, but propagate itself by others. Something that provides remote control might even be updated over the course of an infection to behave very differently than when it initially infected a machine.

It's important then to recognize different infection vectors and to understand what kinds of mischief a package may undertake, but I'm skeptical of the value of pigeon-holing malware.

In any case, standard precautions apply (not an all-inclusive list): be careful of what you're downloading and running; keep your software up to date; minimize security holes; run with the least necessary privileges; avoid complexity; and be aware of common routes of infection.

- Anonymous


 