Date: Thu, 01 Nov 2007 16:10:49 -0500
From: Paul Schmehl <pauls@...allas.edu>
Cc: full-disclosure@...ts.grok.org.uk, bugtraq@...urityfocus.com
Subject: Re: mac trojan in-the-wild

--On Thursday, November 01, 2007 13:27:07 -0600 Steven Block 
<scblock@...15.com> wrote:

> You're an idiot.
>
> Save this as a script and run it, it will give you unlimited power:
>
># !/bin/sh
> sudo rm -rf /
>
> Enter your password if you are prompted.
>
> Oh look, malware.

If you don't think this is an issue, you're not very aware of what's going 
on these days.  The vast majority of present successful attacks on Windows 
are not exploiting vulnerabilities in Windows but taking advantage of the 
gullibility of users.

There is no reason to believe that Mac users will be any less gullible than 
Windows users and plenty of reason to believe they will be less aware of 
the potential pitfalls of social engineering, because, until now, they 
haven't been targeted.

This attack is real and will be successful to the degree that Mac users 
fall for the fake codec scam.  This same scam has worked quite well on 
Windows users and patch level, etc. is irrelevant.  The only chance a 
gullible person has is *if* they are running anti-virus software and *if* 
that software detects this malware and *if* they pay attention to the 
warnings and do not install the "codec".

How many people who own/use Macs even have anti-virus software installed, 
much less up to date?

Yes, *you* might not fall for it.  Plenty of people have and will continue 
to do so, just as they fall for 419 scams and all the other crap the bad 
guys inundate them with.

Judging by the reactions of Mac (and some security) "experts", this attack 
should be wildly successful.

-- 
Paul Schmehl (pauls@...allas.edu)
Senior Information Security Analyst
The University of Texas at Dallas
http://www.utdallas.edu/ir/security/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
