funsec mailing list archives

Previous By Date Next
Previous By Thread Next

RE: mac trojan in-the-wild

From: Gadi Evron <ge () linuxbox org>
Date: Sat, 3 Nov 2007 08:30:10 -0500 (CDT)
On Sun, 4 Nov 2007, Nick FitzGerald wrote:

Larry Seltzer wrote:


So how would we know if this malware were successful?


Well, we'd make all Mac users -- who historically have thought they did
not need to -- install some reliable and up-to-date form of malware
detecting software, and have that software reliably and uniquely report
their infected-/affected-ness to a central repository.
While we wait for them to install AV so we can count them, I'd just take the alternative - counting days until the next sample shows up up to the point it becomes hours. 



We'd then debate, approximately forever, whether 0.01% of all Mac
users, or 1% or whatever counted as "successful".

Meanwhile, the Russian organized crime scum behind this would be
spending the money they made from their Mac infections updating to the
next wave/version and on whatever it is that floats their boats.

Or, in simple terms:

  Russian Mafia 1
  Mac fanboyz nil


Regards,

Nick FitzGerald

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.


_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.
Previous By Date Next
Previous By Thread Next

Current thread: