On Oct 27, 2011, at 11:38 AM, Thunder 1 wrote: > Everyone might want to check this out. > > http://www.msnbc.msn.com/id/45053071/ns/technology_and_science-security/#.Tqmfr2BNxqN
Sigh. This is not a "trojan". This is a piece of DDOS software which has interfaces to do other things (like run any bash command you want...). It's not weaponized, you have to seek it out and download it because you want to be a 1334 h4x0r like Anonymous so you grab any old skriptkiddie file you can find and install it. The big whoop: it's been compiled to run on OS X! <scary voice> Whoooooooooo!</sv> Probably by the deep and astonicshingly complicated formula of : ./configure make sudo make install Only the 1334est of the 1334 B1FF!! h4x0rz know this sekrit incantation!! (see the B1FF entry here for the full story...<http://www.suslik.org/Humour/Computer/Internet/nl1.html>, and I'll note, for the record, that my Kibo number is 1.) There's another alert out for malware stuffed into a pirated copy of Graphic Converter (which is really REALLY dumb. Do you want to use GC forever without ever paying? Just put up with the 30 second delay when you launch it. That's it. It's better all around if you pay for it, because Thorsten is a giant in the Mac software world, but there's no need whatsoever to pirate it.) Both are being hyped maximally by the AV and windoid security folks: "OMIGOD! DINT I TELL YOU! DINT I TELL YOU FOR THE LAST 15 YEARS!!!! EVENTUALLY THAT DAMN WOLF HAD TO SHOW UP!!!" They will go the way of all Mac malware: as minor curiosities in the history of malware, maybe even seen a handful of times in the wild. The one single most important thing you can do to secure your Mac is to turn of the single greatest security hole in OS X: Uncheck Safari's "Open 'safe' files after downloading" in the preferences. Out of the box, OS X has no services available from the outside; every box in the sharing control panel is unchecked. No, you will not get a virus form email. No, if your computer is acting funky it is not because of a virus. No, you cannot 'inadvertently' give some PC user a virus, it would have to be a delberate act on both your parts. Additionally, if that PC user does not have active and up-to-date av/as software, they're already infected. No, you really don't need to run av software on your Mac, and if a web page ever does pop up claiming you have one, (presuming you've done what I've said about turning off that Safari pref) laugh at them and close the window. If you absolutely MUST run AV software, at LEAST don't pad the wallets of the AV charlatans with your hard-earned dollars, use ClamXAv <http://www.clamxav.com/> Don't download software from anyplace that isn't the software authors home page. (well, or the Mac App store, if you want. It is safe, but not downloading from there is a political act, not a security one) So no Softpedia, Cnet, etc blah blah blah of the stupid software aggregators. Any software author worth her salt will include the web page in the About info, or under the Help menu. And don't steal it. There's never a reason to steal software, because there's always a free or cheaper alternative out there somewhere. -- Bruce Johnson University of Arizona College of Pharmacy Information Technology Group Institutions do not have opinions, merely customs -- You received this message because you are a member of the iMac Group, a group for those using Apple iMacs and eMacs. The list FAQ is at http://lowendmac.com/imac/list.shtml and our netiquette guide is at http://www.lowendmac.com/lists/netiquette.shtml To post to this group, send email to imaclist@googlegroups.com To leave this group, send email to imaclist+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/imaclist
