funsec mailing list archives
RE: mac trojan in-the-wild
From: Nick FitzGerald <nick () virus-l demon co uk>
Date: Thu, 01 Nov 2007 17:06:13 +1300
Larry Seltzer wrote:
It just blows me away that nobody's bothered do mount a concerted attack yet,
Traditionally we have talked in terms of ROI. After the "bad old days" of Mac viruses (including the first "data viruses") the _very_ occasional piece of Mac malware had the, ahem "advantage" of making quite a media splash even if it never actually made it "in the wild". To the malware author, the ROI was not so much getting a media headline of the "worst/fastest/biggest" kind but more of boasting rights for a "first" (no matter how puerile). When these odd (usually really just PoC) malwares appeared, the Mac fanboyz went into overdrive expending huge effort denying that these examples showed their historically moronic view of Macs as "virus proof", etc, etc and more latterly "designed secure", etc, etc were clearly, at a minimum, gravely flawed... Historically we have tended to say that Mac OS would have to achieve (possibly much) greater market share before it would ever start to look like it was worth the malware writers' efforts. However, with Windows int-duh-net users possibly approaching malware infestation saturation, how bad can the ROI of whipping up a few simple scripts into an OS X installer, packaging that up as a disk image and tweaking a few malware web server scripts to serve the Mac version to "suitable" browser user agent clients really look? Sure, it may only pull a few hundred more victims, but that's money for jam in the brave new world of organized crime-ware...
... but once it comes it's going to be smallpox and the native americans all over again. Mac users have been trained to think they're invulnerable.
Yep -- the unconscionable leading the (largely) ineducable. Mac fanboyz have a lot to answer for... Regards, Nick FitzGerald _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- RE: mac trojan in-the-wild, (continued)
- RE: mac trojan in-the-wild David Harley (Oct 31)
- Message not available
- Re: mac trojan in-the-wild Gadi Evron (Oct 31)
- RE: mac trojan in-the-wild David Harley (Oct 31)
- Re: mac trojan in-the-wild Dude VanWinkle (Oct 31)
- RE: mac trojan in-the-wild David Harley (Oct 31)
- Re: mac trojan in-the-wild Dude VanWinkle (Oct 31)
- RE: mac trojan in-the-wild Alex Eckelberry (Oct 31)
- RE: mac trojan in-the-wild Gadi Evron (Oct 31)
- RE: mac trojan in-the-wild Larry Seltzer (Oct 31)
- Re: mac trojan in-the-wild Brian Loe (Oct 31)
- RE: mac trojan in-the-wild Nick FitzGerald (Oct 31)
- Re: mac trojan in-the-wild der Mouse (Oct 31)
- Re: mac trojan in-the-wild Dude VanWinkle (Oct 31)
- Re: mac trojan in-the-wild Dr. Neal Krawetz (Nov 01)
- Re: mac trojan in-the-wild Drsolly (Nov 01)
- RE: mac trojan in-the-wild Alex Eckelberry (Nov 01)
- Re: mac trojan in-the-wild Valdis . Kletnieks (Nov 01)
- Re: mac trojan in-the-wild Dude VanWinkle (Nov 01)
- RE: mac trojan in-the-wild David Harley (Nov 02)
- RE: mac trojan in-the-wild Alex Eckelberry (Nov 02)
- RE: mac trojan in-the-wild David Harley (Nov 02)