The Mac Observer

Skip navigational links

Choose text size: Select small text. Select medium text. Select large text.

DealsOnTheWeb Daily Deal: J&R ComputerWorld's Weekend Sale - Save on TVs, Digital Cameras, Games & Tons More

New Mac Malware Surfaces

by , 8:55 AM EST, November 21st, 2008

A new Mac OS X malware application, dubbed OSX_LAMZEV.A, has apparently surfaced, and computer security company Trend Micro claims it has the potential to allow hackers to take control of infected Macs. The malicious application is not, however, a virus, and requires users to launch the app so it can install its payload, and it even goes so far as to ask which firewall port it can use.

According to Trend Micro, "Mac users may be infected when they access remote websites hosting this backdoor. The backdoor may also be disguised as a legitimate application and may be installed and executed on systems."

Like other Mac OS X-based threats that have surfaced, this one requires user interaction -- meaning users have to launch the installer application and give it permission to install its payload. In this case, the standard safety rules apply: Don't visit Web sites that you don't trust, and don't install applications that you aren't sure are legitimate or safe.

Observer Comments

Show: Subjects Only | Full Comments
Close Name:Tiger Posts: 1018 Joined: 17 Jun 2003
Fri Nov 21, 2008 10:12 am Subject: so, basically....

It's like a vampire sitting at your window asking to be let in to bite you.

Let's see how many people are willing to actually let it in.


 Reply | Quote
Close Name:Guest
Fri Nov 21, 2008 10:42 am Subject: Trend, and others, are mistaken, apparently
Close Name:jbruni Posts: 105 Joined: 14 Jul 2006
Fri Nov 21, 2008 12:14 pm Subject: Lame

I have to download and run an application which prompts me to open a hole in the firewall?

Please...


 Reply | Quote
Close Name:geoduck Posts: 1922 Joined: 30 Dec 2003
Fri Nov 21, 2008 12:54 pm Subject:

Yes it would be logical to assume that users would be smart enough to see this for what it really is. But...

This morning a note was sent to several hundred employees in the company I work for. You know the one; it says Bill Gates is going to pay you so much for each copy of the e-mail you forward. I've come to call it the stupidity test message. Anyway, I received one copy of the e-mail which I immediately trashed. In the last hour however I've received at least a hundred copies that either were forwarded to me (note that the recipients were in CC not BCC so these morons could have seen everyone that got it), or they hit Reply to All and added the note "Delete me from this list".

I've learned not to bet on the side of intelligence with users.


 Reply | Quote
Close Name:daemon Posts: 344 Joined: 17 May 2007
Fri Nov 21, 2008 2:52 pm Subject:

All trojan horses need to be installed by the user, that's what makes it a trojan horse and not a virus. (Who brought the Trojan Horse into Troy, the Greeks or the Trojans?)


 Reply | Quote
Close Name:Tommy Peters Posts: 4 Joined: 29 Dec 2006
Fri Nov 21, 2008 9:30 pm Subject: Site Advisor

.... standard safety rules apply: Don't visit Web sites that you don't trust ... A Site Advisor configured in Safari will certainly help. It would offer a clearer view of the road ahead. The net is like driving a fast car constantly braking, honking and swerving to avoid mishaps.


 Reply | Quote
Close Name:iJack Posts: 313 Joined: 13 Jun 2001
Sat Nov 22, 2008 12:23 am Subject:

Quote
daemon wrote:
All trojan horses need to be installed by the user, that's what makes it a trojan horse and not a virus. (Who brought the Trojan Horse into Troy, the Greeks or the Trojans?)
The Athenians built (and hid within) the horse, the Trojans pulled it into the Citadel.


 Reply | Quote
Close Name:salparadise Posts: 17 Joined: 02 Apr 2008
Sat Nov 22, 2008 5:03 am Subject: User account.

Number 1 lesson learned from 5 years of Linux use...

Admin mode is for maintenance only.

Day to day use requires Limited User Account.

(sniggering at windows users who believe that OSX doesn't get viruses cus it's only used by a few thousand people is acceptable, and enjoyable)


 Reply | Quote
Comment on this Article


Guest Posts Visible. Hide Them.
Back to top  Page 1 of 1    

You cannot edit your comments.   You cannot delete your comments.
Log in | Register | Having Problems? Reset TMO Cookies & Try Again
Username:   Password:   Log me on automatically each visit   

You are not logged in, and this post will appear as "Guest." Log in with your username and password from the TMO forums. If you do not have a username, you can register here.
Please note that guests are limited to including a maximum of two URLs per post.

Post A Comment
  Subject


  Your Comments



Please enter the word exactly as you see it in the image above. Registered users aren't prompted for this. Having trouble reading the image get a new one.

The Mac Observer Reader Specials

Apple iTunes