Posted by: Taylor Hoff | October 13, 2009

Ivory Tower Not So Ivory After All

You can’t tout being a hack-proof operating system for so long before people start to get interested in testing the theory. I predict a host of mac security applications on the horizon.
-TDH

Hackers Paid to Hijack Macs

Gregg Keizer, Computerworld

//

A network of Russian malware writers and spammers paid hackers 43 cents for each Mac machine they infected with bogus video software, a sign that Macs have become attack targets, a security researcher said yesterday.

botnetIn a presentation last week at the Virus Bulletin 2009 security conference in Geneva, Switzerland, Sophos researcher Dmitry Samosseiko discussed his investigation of the Russian “Partnerka,” a tangled collection of Web affiliates who rake in hundreds of thousands of dollars from spam and malware, most of the former related to phony drug sites, and much of the latter targeting Windows users with fake security software, or “scareware.”

But Samosseiko also said he had uncovered affiliates, which he dubbed “codec-partnerka,” that aim for Macs. “Mac users are not immune to the scareware threat,” said Samosseiko in the research paper he released at the conference to accompany his presentation. “In fact, there are ‘codec-partnerka’ dedicated to the sale and promotion of fake Mac software.”

One example, which has since gone offline, was Mac-codec.com , said Samosseiko. “Just a few months ago it was offering [43 cents] for each install and offered various promo materials in the form of Mac OS ‘video players,'” he said.

Another Sophos researcher argued that Samosseiko’s evidence shows Mac users, who often dismiss security as a problem only for people running Microsoft’s Windows, are increasingly at risk on the Web.

“The growing evidence of financially-motivated criminals looking at Apple Macs as well as Windows as a market for their activities, is not good news — especially as so many Mac users currently have no anti-malware protection in place at all,” said Graham Cluley , a senior technology consultant at U.K-based Sophos, in a blog entry Thursday.

Mac threats may be rare, but they do pop up from time to time. In June 2008, for example, Mac security vendor Intego warned of an active Trojan horse that exploited a vulnerability in Apple’s Mac OS X. Last January, a different Trojan was found piggybacking on pirated copies of Apple’s iWork ’09 application suite circulating on file-sharing sites.

Mac OS X’s security has been roundly criticized by vulnerability researchers , but even the most critical have acknowledged that the Mac’s low market share — it accounted for just 5% of all operating systems running machines that connected to the Internet last month — is probably enough protection from cyber criminals for the moment.

Samosseiko’s paper on Partnerka can be downloaded from Sophos’ site ( download PDF ).

Advertisements

Responses

  1. this is so your thing:) i love how you wrote everything. i love you taylor hoff. never give up on your dreams. they are all within your reach:)
    xo


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Categories

%d bloggers like this: