Hackers Paid to Hijack Macs

MeatPounder · 2009-09-26, 06:30 PM

A network of Russian malware writers and spammers paid hackers 43 cents for each Mac machine they infected with bogus video software, a sign that Macs have become attack targets, a security researcher said yesterday.

In a presentation last week at the Virus Bulletin 2009 security conference in Geneva, Switzerland, Sophos researcher Dmitry Samosseiko discussed his investigation of the Russian "Partnerka," a tangled collection of Web affiliates who rake in hundreds of thousands of dollars from spam and malware, most of the former related to phony drug sites, and much of the latter targeting Windows users with fake security software, or "scareware."

But Samosseiko also said he had uncovered affiliates, which he dubbed "codec-partnerka," that aim for Macs. "Mac users are not immune to the scareware threat," said Samosseiko in the research paper he released at the conference to accompany his presentation. "In fact, there are 'codec-partnerka' dedicated to the sale and promotion of fake Mac software."

One example, which has since gone offline, was Mac-codec.com , said Samosseiko. "Just a few months ago it was offering [43 cents] for each install and offered various promo materials in the form of Mac OS 'video players,'" he said.

Another Sophos researcher argued that Samosseiko's evidence shows Mac users, who often dismiss security as a problem only for people running Microsoft's Windows, are increasingly at risk on the Web.

"The growing evidence of financially-motivated criminals looking at Apple Macs as well as Windows as a market for their activities, is not good news -- especially as so many Mac users currently have no anti-malware protection in place at all," said Graham Cluley , a senior technology consultant at U.K-based Sophos, in a blog entry Thursday.

Mac threats may be rare, but they do pop up from time to time. In June 2008, for example, Mac security vendor Intego warned of an active Trojan horse that exploited a vulnerability in Apple's Mac OS X. Last January, a different Trojan was found piggybacking on pirated copies of Apple's iWork '09 application suite circulating on file-sharing sites.

Mac OS X's security has been roundly criticized by vulnerability researchers , but even the most critical have acknowledged that the Mac's low market share -- it accounted for just 5% of all operating systems running machines that connected to the Internet last month -- is probably enough protection from cyber criminals for the moment

Cleo · 2009-09-26, 06:46 PM

Fast easy money.
All they have to do is find people stupid enough to install their program ignoring the warning when they open it, then convince to install it by providing their user name and password.

BTW, I've got great news. Check out this email I got today.
(oddly it looks almost the same as the other thousands that I get each month)
Beneficiary.
It is a profound gratitude communicating
with you through this medium. We
SUPER ENALOTTO International wish
to inform you that your email address with
Ticket Number: 5-9-25-30-76-81,
Serial number 2443-05, File reference number:
EG/069713160012 won prize fund of
Ђ515,810.00 Euros categorically
in our lottery program.
Please contact our FOREIGN TRANSFER MANAGER.

It also seems that I need to go enter my user name and password at my banking site with the url that isn't actually my banks URL based on today's email.

Also in today's email It would also seem that some relative of mine that I never knew left me millions.

What I'm saying is I don't see why this is news. Since day one it has been possible to write a program that does something besides what it says it does. At least with a Mac you first have to agree to install it after agreeing to give out your user name and password, kind of just like the daily phishing scams that I get. Unlike some other operating systems that seem to get infected just by visiting a website or opening up and email.

Wake me up when there is actually a Mac viruses threat.

MeatPounder · 2009-09-26, 07:09 PM

My point is 95% of the so called Windows exploits have always been caused by the stupidity of the users...Macs with their small share did not face that issue as most of that small share was informed computer users

With the Mac's growing (though slow it is growing) popularity with the ill informed, computer illiterate masses (Due to their market share a huge part of the windows users), Macs are gaining exploits on par with their growth in market share.

A stupid user is a stupid user no matter if they are using macs, windows, or a flavor of linux...and they will get exploited

bDok · 2009-09-26, 10:37 PM

the great part is... the stupid user like my mom/dad/etc don't know their login password.

I remote desktop in if they need anything installed or fixed.

2009-09-26, 06:30 PM	#1
MeatPounder Women might be able to fake orgasms But men can fake whole relationships Join Date: Oct 2003 Location: Fort Lauderdale, Fl Posts: 2,408	Hackers Paid to Hijack Macs A network of Russian malware writers and spammers paid hackers 43 cents for each Mac machine they infected with bogus video software, a sign that Macs have become attack targets, a security researcher said yesterday. In a presentation last week at the Virus Bulletin 2009 security conference in Geneva, Switzerland, Sophos researcher Dmitry Samosseiko discussed his investigation of the Russian "Partnerka," a tangled collection of Web affiliates who rake in hundreds of thousands of dollars from spam and malware, most of the former related to phony drug sites, and much of the latter targeting Windows users with fake security software, or "scareware." But Samosseiko also said he had uncovered affiliates, which he dubbed "codec-partnerka," that aim for Macs. "Mac users are not immune to the scareware threat," said Samosseiko in the research paper he released at the conference to accompany his presentation. "In fact, there are 'codec-partnerka' dedicated to the sale and promotion of fake Mac software." One example, which has since gone offline, was Mac-codec.com , said Samosseiko. "Just a few months ago it was offering [43 cents] for each install and offered various promo materials in the form of Mac OS 'video players,'" he said. Another Sophos researcher argued that Samosseiko's evidence shows Mac users, who often dismiss security as a problem only for people running Microsoft's Windows, are increasingly at risk on the Web. "The growing evidence of financially-motivated criminals looking at Apple Macs as well as Windows as a market for their activities, is not good news -- especially as so many Mac users currently have no anti-malware protection in place at all," said Graham Cluley , a senior technology consultant at U.K-based Sophos, in a blog entry Thursday. Mac threats may be rare, but they do pop up from time to time. In June 2008, for example, Mac security vendor Intego warned of an active Trojan horse that exploited a vulnerability in Apple's Mac OS X. Last January, a different Trojan was found piggybacking on pirated copies of Apple's iWork '09 application suite circulating on file-sharing sites. Mac OS X's security has been roundly criticized by vulnerability researchers , but even the most critical have acknowledged that the Mac's low market share -- it accounted for just 5% of all operating systems running machines that connected to the Internet last month -- is probably enough protection from cyber criminals for the moment

2009-09-26, 06:46 PM	#2
Cleo Subversive filth of the hedonistic decadent West Join Date: Mar 2003 Location: Southeast Florida Posts: 27,936	Fast easy money. All they have to do is find people stupid enough to install their program ignoring the warning when they open it, then convince to install it by providing their user name and password. BTW, I've got great news. Check out this email I got today. (oddly it looks almost the same as the other thousands that I get each month) Beneficiary. It is a profound gratitude communicating with you through this medium. We SUPER ENALOTTO International wish to inform you that your email address with Ticket Number: 5-9-25-30-76-81, Serial number 2443-05, File reference number: EG/069713160012 won prize fund of Ђ515,810.00 Euros categorically in our lottery program. Please contact our FOREIGN TRANSFER MANAGER. It also seems that I need to go enter my user name and password at my banking site with the url that isn't actually my banks URL based on today's email. Also in today's email It would also seem that some relative of mine that I never knew left me millions. What I'm saying is I don't see why this is news. Since day one it has been possible to write a program that does something besides what it says it does. At least with a Mac you first have to agree to install it after agreeing to give out your user name and password, kind of just like the daily phishing scams that I get. Unlike some other operating systems that seem to get infected just by visiting a website or opening up and email. Wake me up when there is actually a Mac viruses threat. __________________ Free Rides on Uber and Lyft Uber Car: uberTzTerri Lyft Car: TZ896289

2009-09-26, 10:37 PM	#4
bDok bang bang Join Date: Mar 2005 Location: SD/OC/LA Posts: 3,241	the great part is... the stupid user like my mom/dad/etc don't know their login password. I remote desktop in if they need anything installed or fixed. __________________ submit to Nymphotic submit to Moistlace

2009-09-26, 07:09 PM	#3
MeatPounder Women might be able to fake orgasms But men can fake whole relationships Join Date: Oct 2003 Location: Fort Lauderdale, Fl Posts: 2,408	My point is 95% of the so called Windows exploits have always been caused by the stupidity of the users...Macs with their small share did not face that issue as most of that small share was informed computer users With the Mac's growing (though slow it is growing) popularity with the ill informed, computer illiterate masses (Due to their market share a huge part of the windows users), Macs are gaining exploits on par with their growth in market share. A stupid user is a stupid user no matter if they are using macs, windows, or a flavor of linux...and they will get exploited