Apple is separating the new smartphones into its usual low-cost versus high-cost categories, with big differences between the two models coming down to the camera, display, and battery life.
iOS 13 & watchOS 6 Now Available
Flashback Trojan Returns With a Multi-Pronged Infection Strategy
Last year, we profiled a Mac trojan horse known as "Flashback" that was masquerading as a Flash Player installer. While Apple has taken steps to protect users from the threat using its File Quarantine system under which users' computers initiate daily checks for updated malware definitions, the malware's authors have continued to tweak the trojan to improve its ability to both infect systems and evade detection.
Security firm Intego has issued a report on a new variant of the trojan, known as Flashback.G, which adopts a multi-pronged strategy in attacking users' systems. The first two methods rely on vulnerabilities in Java, and while the vulnerabilities are patched in systems running up-to-date versions of Java, outdated systems can be silently infected through these security holes.
Flashback.G's self-signed certificate seeking to trick users into allowing installation
On up-to-date systems lacking the Java vulnerabilities, Flashback.G presents a self-signed certificate claiming to be from Apple in an attempt to fool users into allowing the trojan to be installed on their systems. Once installed, the trojan begins searching for user names and passwords it can relay to the malware's authors.
Intego recommends that users on Mac OS X Snow Leopard make sure that Java is fully up-to-date by running a check through Software Update, and for all users to be aware of the social engineering trick the trojan uses in attempting to gain permission for installation. The company of course also recommends that users equip their systems with antivirus software.
While malware has not been a tremendous threat to Mac users so far, its presence has been growing. Apple has stepped up its efforts to combat malware by enhancing its File Quarantine system to provide for the daily definition checks. OS X Mountain Lion will see another significant step with the introduction of Gatekeeper, a system by which users can limit installation of apps to sources such as the Mac App Store and developers who have registered with Apple as "identified developers".
Apple's Developer-ID program will utilize digital signatures on applications to link applications with a specific developer. If the developer is later discovered to be distributing malware or otherwise behaving improperly, installations of its existing apps can be deactivated by Gatekeeper. Gatekeeper does have its limitations, however, as it only scans applications downloaded through a handful of mechanisms such as browsers and can not detect applications that are modified by malware after their initial launch.
Security firm Intego has issued a report on a new variant of the trojan, known as Flashback.G, which adopts a multi-pronged strategy in attacking users' systems. The first two methods rely on vulnerabilities in Java, and while the vulnerabilities are patched in systems running up-to-date versions of Java, outdated systems can be silently infected through these security holes.
Flashback.G's self-signed certificate seeking to trick users into allowing installation
On up-to-date systems lacking the Java vulnerabilities, Flashback.G presents a self-signed certificate claiming to be from Apple in an attempt to fool users into allowing the trojan to be installed on their systems. Once installed, the trojan begins searching for user names and passwords it can relay to the malware's authors.
This malware patches web browsers and network applications essentially to search for user names and passwords. It looks for a number of domains – websites such as Google, Yahoo!, CNN; bank websites; PayPal; and many others. Presumably, the people behind this malware are looking for both user names and passwords that they can immediately exploit – such as for a bank website – as well as others that may be reused on different sites.Notably, Intego reports that the trojan aborts its own installation if it detects the presence of any of several antivirus applications on a user's Mac, presumably seeking to remain below the radar while focusing on vulnerable systems.
Intego recommends that users on Mac OS X Snow Leopard make sure that Java is fully up-to-date by running a check through Software Update, and for all users to be aware of the social engineering trick the trojan uses in attempting to gain permission for installation. The company of course also recommends that users equip their systems with antivirus software.
While malware has not been a tremendous threat to Mac users so far, its presence has been growing. Apple has stepped up its efforts to combat malware by enhancing its File Quarantine system to provide for the daily definition checks. OS X Mountain Lion will see another significant step with the introduction of Gatekeeper, a system by which users can limit installation of apps to sources such as the Mac App Store and developers who have registered with Apple as "identified developers".
Apple's Developer-ID program will utilize digital signatures on applications to link applications with a specific developer. If the developer is later discovered to be distributing malware or otherwise behaving improperly, installations of its existing apps can be deactivated by Gatekeeper. Gatekeeper does have its limitations, however, as it only scans applications downloaded through a handful of mechanisms such as browsers and can not detect applications that are modified by malware after their initial launch.
[ 186 comments ]
Top Rated Comments
(View all)
99 months ago
and this is why the 2 most important parts of computing are:
1. keep your computer up-to-date
and
2. use a little common sense when something pops up (though I admit that is easier to more knowledgeable people like us than the wider 'mass' consumer)
1. keep your computer up-to-date
and
2. use a little common sense when something pops up (though I admit that is easier to more knowledgeable people like us than the wider 'mass' consumer)
99 months ago
Apple computers do not get a virus. Yeah right. (as the Tui advertisment goes).
Trojan != Virus
99 months ago
Whatever, still malware.
It sounds pedantic, but it is sort of an important distinction to make. Viruses can be spread without any user input, while trojans still require the user to at some point (albeit unknowingly) permit them.
99 months ago
Apple computers do not get a virus. Yeah right. (as the Tui advertisment goes).
First off, no one in any position of authority has ever said Macs don't or can't get viruses.
Secondly, this is a trojan, so talking about viruses here is kind of beside the point.
And to think people said that the fact that OS X lacked malware had nothing to do with it's marketshare.
Their computer marketshare is far, far larger than their malware market share.
So yeah, I'm STILL saying that there are other factors at play. If that wasn't true you'd see malware market share matching sales market share. And that hasn't happened.
99 months ago
And to think people said that the fact that OS X lacked malware had nothing to do with it's marketshare.
The argument has usually been applied to viruses. Trojans require user input and can effect anything. Yes, security holes are taken advantage of to make this Trojan look legit, but there is no defense for the most basic Trojan. If I wrote and app that said you'll be granted three wishes after you enter your password, but instead I use your password to delete all files on you computer, that is a Trojan. There is no defense for such things expect common sense.
Whatever, still malware.
It's a huge distinction.So for those of us who got their parents Macs..
Anyone recommend a good A/V program while we wait for ML to come out?
99 months ago
Why is "Continue" the default choice when the root certificate is not trusted?
99 months ago
And to think people said that the fact that OS X lacked malware had nothing to do with it's marketshare.
They're right.
What do we get? Two per year?
And these aren't even viruses.
99 months ago
not as many as Windows but not as little as you would like to think Mr. LTD
OS 9 had a far smaller share and more malware.
OS X has been on the market for nearly twelve years and all we have are a handful of trojans. And all this despite over 50 million users.
The old market-share argument dictates that we should have at least 1000 viruses by now, and that's being conservative. Right now we still have zero viruses and a few trojans.
The iDevice ecosystem (and the rapid proliferation thereof) has rendered this entire virus discussion moot anyway.
[ Read All Comments ]
Burst Mode refers to when the camera on your iPhone captures a series of photos in rapid succession, at a rate of ten frames per second. It's a great way to shoot an action scene or an unexpected...
Apple's Portrait Mode has become a popular way of taking impressive shots using a depth-of-field effect known as bokeh, allowing iPhone users to shoot a photo that keeps the subject sharp with a...
Apple has redesigned the native Camera app on the iPhone 11 and iPhone 11 Pro to make space for the various additional shooting options available in its new flagship phones, and one particularly...
Apple's massive launch week has come to a close, with the iPhone 11, iPhone 11 Pro, iPhone 11 Pro Max, and Apple Watch Series 5 all debuting on Friday. And as if that wasn't enough, Thursday...
With the arrival of the iPhone 11, iPhone 11 Pro and iPhone 11 Pro Max, Apple has introduced an optional new camera feature in iOS 13 that's designed to allow you to correct the alignment of...
For this week's giveaway, we've teamed up with AnyTrans to offer MacRumors readers a chance to win one of Apple's new iPhone 11 Pro Max devices and a lifetime AnyTrans license.
For...
Due to Apple seeding the iOS 13.1 beta prior to the public release of iOS 13, upgrading to a new iPhone may be a bit trickier this year.
In a support document, Apple has provided instructions...
Apple today the golden master version of an upcoming tvOS 13 update to developers, one week after seeding the eleventh beta and more than three months after unveiling the tvOS 13 software at the...
