RE: mac trojan in-the-wild

[Gadi Evron <ge () linuxbox org>]

On Wed, 31 Oct 2007, Alex Eckelberry wrote:
> Some might get it, like WebWasher, which is a gateway-only scanner.
>
> But I thought I made that clear in the blog post that it's not
> surprising that there's zero detection.

I disagree. Even if it was for a martian computer and useless, AVs will 
detect it for the sake of detecting it. Them not doing so is just another 
example of how useless the AV *itself* is unfortunately becoming--more and 
more.

This means one thing: Apple's day has finally come and Apple users are 
going to get hit hard. All those unpatched vulnerabilities from years past 
are going to bite them in the behind.

I can sum it up in one sentence:  OS X is the new Windows 98. Investing in 
security ONLY as a last resort losses money, but everyone has to learn it 
for themselves.




> Alex
>
>
> -----Original Message-----
> From: funsec-bounces () linuxbox org [mailto:funsec-bounces () linuxbox org]
> On Behalf Of Dude VanWinkle
> Sent: Wednesday, October 31, 2007 6:30 PM
> To: Gadi Evron
> Cc: funsec () linuxbox org
> Subject: Re: [funsec] mac trojan in-the-wild
>
> On 10/31/07, Gadi Evron <ge () linuxbox org> wrote:
> > http://sunbeltblog.blogspot.com/2007/10/screenshot-of-new-mac-trojan.h
> > tml
>
> > Not surprisingly (it is, after all, a Mac virus), VirusTotal has zero
> detection on this
>
> err doesn't virustotal only detect windows viruses?
>
> They dont have virex listed in the scanners, but ClamAV could be the BSD
> version.. I guess
>
>
>
> -JP
> _______________________________________________
> Fun and Misc security discussion for OT posts.
> https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
> Note: funsec is a public and open mailing list.
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.