×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Backdoor Trojan For Windows Ported To Mac OS

CmdrTaco posted more than 3 years ago | from the run-for-cover dept.

Desktops (Apple) 263

An anonymous reader writes "A Remote Access Trojan (RAT) for Windows, known as darkComet, has been ported to Mac OS X. The new backdoor Trojan is not yet finished, but it could be indicative of more underground programmers attempting to take advantage of Apple's growing market share."

cancel ×
This is a preview of your comment

No Comment Title Entered

Anonymous Coward 1 minute ago

No Comment Entered

263 comments

Besides missing link, summary isn't accurate.. (5, Informative)

intellitech (1912116) | more than 3 years ago | (#35338992)

darkComet (aka darkComet-RAT) [darkcomet-rat.com] is the name of a remote administration tool, which BlackHoleRAT's control functionality is derived from. The trojan is actually called BlackHoleRAT, but regardless, here's an article link [tgdaily.com].

And, while I'm going, the distortion of the term "trojan" is starting to test my patience. A trojan horse [wikipedia.org] is a piece of software that is deceptive in nature, one which appears to perform a desirable function, but, in fact, steals information or harms the system its occupying. This application, darkComet-RAT, is referred to as a trojan itself all over the web in news articles relating to this beta of "BlackHoleRAT," which is NOT the case. darkComet-RAT is a legit remote administration tool, similiar in functionality to VNC, and should be treated as such.

I understand this butchering of the acronym "RAT," between its use as "Remote Administration Tool" and "Remote Access Trojan" may be confusing, as with all acronyms that use the same letters, but please, for the love of god, do some damn fact checking, and this would be less likely to happen.

Grumble grumble grumble.

Re:Besides missing link, summary isn't accurate.. (5, Funny)

hax4bux (209237) | more than 3 years ago | (#35339066)

Looks like someone has a case of the Mondays

Re:Besides missing link, summary isn't accurate.. (0)

Anonymous Coward | more than 3 years ago | (#35339202)

Looks like someone has a case of the Mondays

Watched that movie last night. Thinking the same thing.

Re:Besides missing link, summary isn't accurate.. (1, Informative)

commodore6502 (1981532) | more than 3 years ago | (#35339068)

>>>do some damn fact checking

"What's that?" - thousands of journalists and their professors. I don't think this is a deliberate misuse of the word trojan - just non technical people getting confused between DarkComet and BlackHole. Similar to how some non-tech people call megabits per second a "bandwidth" or 9.8 meters per second the "force" of gravity.

Re:Besides missing link, summary isn't accurate.. (3, Funny)

Yvan256 (722131) | more than 3 years ago | (#35339112)

And I measure the speed of my car in fractions of parsec.

Re:Besides missing link, summary isn't accurate.. (5, Funny)

JustOK (667959) | more than 3 years ago | (#35339368)

slow car. I once did a kettle corn run in less than 12 fathoms.

Re:Besides missing link, summary isn't accurate.. (1)

MikeDirnt69 (1105185) | more than 3 years ago | (#35339542)

I measure speed using "Yo Mama"s per second. But I never get more that 1 YM/s, I'm afraid to colapse the universe.

Re:Besides missing link, summary isn't accurate.. (2)

by (1706743) (1706744) | more than 3 years ago | (#35339470)

...or 9.8 meters per second the "force" of gravity.

Or think gravity is, dimensionally, a velocity...

Re:Besides missing link, summary isn't accurate.. (1, Flamebait)

zill (1690130) | more than 3 years ago | (#35339074)

darkComet? RAT?

At least they didn't name it NigerianPrince.

And here I thought GIMP was the only FOSS project with a name problem.

Re:Besides missing link, summary isn't accurate.. (0)

Anonymous Coward | more than 3 years ago | (#35339312)

hehehe, trojan is also a name for a weinie wrapper

Re:Besides missing link, summary isn't accurate.. (2)

squizzar (1031726) | more than 3 years ago | (#35339452)

Always thought of that as an odd brandname - I always associate it with a trojan horse. A thing that appears to be for pleasant purposes but once taken into an inner sanctuary will allow something nasty to escape that will ruin your day. I can't say it's a reassuring thought...

Re:Besides missing link, summary isn't accurate.. (2)

RadioElectric (1060098) | more than 3 years ago | (#35339596)

It's accurate in that you don't want this particular Trojan to open and release all of your little Greeks into your partner's Troy.

Re:Besides missing link, summary isn't accurate.. (2, Informative)

Anonymous Coward | more than 3 years ago | (#35339338)

Well, darkcomet isn't technically a trojan anymore than CoDC's Back Orifice is, but both are designed to be installed by subverting OS security restrictions and run stealthily. And while both have legitimate remote administration functions, they also have some not-so-legitimate ones well (i.e keyloggers). Let's face it, darkcomet and its ilk are designed to be used by black hat (wannabes). I doubt you would ever find them installed by any responsible IT dept for RA of business desktops.

It may not be a trojan itself, but it's designed to be used as a payload for trojan software.

Re:Besides missing link, summary isn't accurate.. (-1)

Anonymous Coward | more than 3 years ago | (#35339824)

Ding! Ding! Ding! We have a winner!

I for one wish the guys porting darkcomet to the Mac the very best of luck.
I also wish those who hope and intend to use it maliciously against Mac users the very best of luck at backdooring those smug assholes.
This has been a long time coming.

Re:Besides missing link, summary isn't accurate.. (1)

Quiet_Desperation (858215) | more than 3 years ago | (#35339866)

Yes, let's hope for a whole new legion of compromised computers because of your dislike of an operating system.

And they call Mac users selfish.

Re:Besides missing link, summary isn't accurate.. (0)

Anonymous Coward | more than 3 years ago | (#35339888)

No shit, 15 years of trumpeting how secure the Mac OS is, when in reality it was an issue of market share. Why create malicious software for a product with small market share? Makes no sense....

Re:Besides missing link, summary isn't accurate.. (0)

Anonymous Coward | more than 3 years ago | (#35339894)

darkComet (aka darkComet-RAT) [darkcomet-rat.com] is the name of a remote administration tool, which BlackHoleRAT's control functionality is derived from. The trojan is actually called BlackHoleRAT, but regardless, here's an article link [tgdaily.com].

And, while I'm going, the distortion of the term "trojan" is starting to test my patience. A trojan horse [wikipedia.org] is a piece of software that is deceptive in nature, one which appears to perform a desirable function, but, in fact, steals information or harms the system its occupying. This application, darkComet-RAT, is referred to as a trojan itself all over the web in news articles relating to this beta of "BlackHoleRAT," which is NOT the case. darkComet-RAT is a legit remote administration tool, similiar in functionality to VNC, and should be treated as such.

I understand this butchering of the acronym "RAT," between its use as "Remote Administration Tool" and "Remote Access Trojan" may be confusing, as with all acronyms that use the same letters, but please, for the love of god, do some damn fact checking, and this would be less likely to happen.

Grumble grumble grumble.

Well that changes everything!

Attention Whores (-1, Flamebait)

Anonymous Coward | more than 3 years ago | (#35339028)

Macfags probably ported it themselves. They just feel left out, you know?

Or... (2, Insightful)

vague disclaimer (861154) | more than 3 years ago | (#35339034)

...it could be Sophos trying to drum up trade...

Re:Or... (0)

Anonymous Coward | more than 3 years ago | (#35339116)

Sophos don't /need/ to drum up trade, this is an inevitable step. More people are using apple products, thus programs such as this will be ported.
Sophos don't need to write these, because there are enough people doing it for them :)

Re:Or... (3, Informative)

vague disclaimer (861154) | more than 3 years ago | (#35339158)

I didn't say they wrote it.

But Sophos has pushed out alarmist trolling press releases every quarter or so for years now all implying how OSX is about to be hit by a tidal wave of viruses, worms etc (other sites have credited Sophos as the source of this story - not Slashdot though, it seems.

Am I insane? (5, Insightful)

Scorch_Mechanic (1879132) | more than 3 years ago | (#35339042)

Normally, I'd read The Fine Article just to get a hint of what this story means, but there isn't any links and the summary is vapid and useless. It is a non-story. Allow me to distill its meaning: "A piece of malware (a remote access backdoor ill-defined thingy that probably isn't a trojan) for windows was ported to mac. This is probably bad. Considering Apple's 'growing market share', what could it mean?"

Bravo slashdot. A new low.

Re:Am I insane? (1)

pushing-robot (1037830) | more than 3 years ago | (#35339564)

I read it as a remote access tool that installs as a trojan.

In other words, it relies on social engineering to get the user to run it in the first place, but after being installed it gives control of the system to an attacker.

Re:Am I insane? (1)

NatasRevol (731260) | more than 3 years ago | (#35339690)

And the point he was making:

Really? A remote access tool, once installed, allows...wait for it...remote access!

Shouldn't be on Slashdot.

If they want Apple's market share... (0)

Anonymous Coward | more than 3 years ago | (#35339048)

...they should note that the vast, VAST majority of it is iOS, not Mac OS X...

VNC, SSH, Telnet, RSH, FTP... (1)

Anonymous Coward | more than 3 years ago | (#35339086)

Beware, the sky is falling. All those other eeevul backdoor programs like SSH also work on a Mac.

It was just a matter of time (-1, Troll)

metrix007 (200091) | more than 3 years ago | (#35339092)

As much as people want to think otherwise, there is a direct causal link between marketshare and the amount of malware for a given OS.

The zealotry was on show yesterday in the OS X article where it was stated that OS X is more insecure than windows. This has been known for a long time...due to the lack of marketshare distributed attacks are not prevalent, but due to Apple's shitty security practices it was trivial to take over OS X at any given time with a targeted attack. Have they even gotten around to having full ASLR and DEP yet? No.

People persecuting MS for poor security are living in the past. Windows is now a fine secure OS, while OS X doesn't even have basic protections in place and claims to be secure, simply taking advantage of the fact that they are not targeted as much.

Hopefully as marketshare increases they will take responsibility and secure their OS, if for no other reason than to maintain their image.

Now I'm just waiting to be modded troll....

Re:It was just a matter of time (5, Informative)

chaim79 (898507) | more than 3 years ago | (#35339176)

Hmm, you spout off on some stupid controversial opinion without even checking if it has anything to do with the topic on hand, yes you are a troll.

Though part of the fault is that whoever made this summary is also a troll, DarkComet is a Remote Administration Tool (Emphasis on TOOL) similar to VNC, SSH, etc. There is nothing about this that is Virus or Trojan related.

Re:It was just a matter of time (-1, Flamebait)

Richard_at_work (517087) | more than 3 years ago | (#35339238)

How many people use it as a remote admin tool over Windows Remote Desktop, VNC etc etc? Now, how many people use it as a silently installed backdoor into a computer that they can use without the owners permission?

You can bitch about it all you want, but at the end of the day the usage demographic is what defines the tools market - and I have only ever heard of this "tool" in the context of removing it from unsuspecting users computers, the same as any other virus, trojan or rootkit.

Re:It was just a matter of time (1)

Anonymous Coward | more than 3 years ago | (#35339428)

The same thing can be done with VNC, troll. Your argument is redundant.

Re:It was just a matter of time (1, Interesting)

Richard_at_work (517087) | more than 3 years ago | (#35339506)

Fine evidence that you didn't even read my post - yes, the same thing can be done with VNC, however I am not routinely removing VNC from unsuspecting users computers (infact, I have never come across a VNC install that the user didnt expressly know about in the first place).

Re:It was just a matter of time (0)

Richard_at_work (517087) | more than 3 years ago | (#35339800)

Ahhh, I get a flamebait mod because some idiot doesn't like what I said.... Suck it up, your favourite tool is generally regarded as a nuisance. Just because you don't like being told that doesn't mean its not true.

Mod me whichever way you like, it won't change anything in the long run - your favourite tool has a poor reputation.

Re:It was just a matter of time (-1, Troll)

metrix007 (200091) | more than 3 years ago | (#35339244)

a) It's not a controversial opinion, it's a consensus, b) TFS refers to market share and an increasing appearance of malware.

Sorry.

P.S. does anyone know why /. never honours the first paragraph tag in posts?

Re:It was just a matter of time (0)

Anonymous Coward | more than 3 years ago | (#35339258)

Fanboi

Re:It was just a matter of time (1)

pandrijeczko (588093) | more than 3 years ago | (#35339630)

Hey! Watch it with all that foam and spittle, will ya? That was almost in my eye, that one!

Re:It was just a matter of time (3, Interesting)

ModernGeek (601932) | more than 3 years ago | (#35339724)

Not to mention that face that GP didn't even take into account that MacOS 9, with a much smaller deployment base than MacOS X, had TONS of viruses for it. Deployment base != Infection rate. If this were the case, Linux Servers would be riddled with viruses. I'm pretty sure the GP is a troll, his last sentence is a troll within itself.

Re:It was just a matter of time (1, Interesting)

catmistake (814204) | more than 3 years ago | (#35339236)

People persecuting MS for poor security are living in the past. Windows is now a fine secure OS,

Actually, due to backwards compatibility, you too are living in the past. Windows is hardly more secure than it used to be. I bet anything most still operate as admin... undermining all the new security features. In fact, judging by the summary, it's security is so bad it makes other operating systems less secure.

Re:It was just a matter of time (0)

metrix007 (200091) | more than 3 years ago | (#35339296)

Incorrect. Regular and consistent updates including out of band when needed. The 2nd most secure browser included with the OS. Basic MAC in place, as well as DEP and ASLR. The introduction of UAC which means far far less people simply running as administrator. Sorry, Windows blows OS X out of the water as far as security is concerned.

Re:It was just a matter of time (1)

Anonymous Coward | more than 3 years ago | (#35339784)

Ah UAC which was copied from the oh let's see Mac OS X and can be turned off unlike on the Mac OS. DEP and ASLR are actually not complete or either platform (as of Windows 7 and OS X 10.6) though Microsoft is ahead for now. How about code signing? Yep both have it sort of. Ability to be centrally controlled? again both have it, kinda... You know the laundry list of features does not make something secure. Just look at IE, no matter what features it supports Active X Controls, vulnerable plugins and an over willingness to install toolbars make it insecure. Windows is not more secure, it is just harder to manage due to all the "security features" which is one part of why end users are so bad at managing Windows while Apple with it's "lack" features is more secure because the features that are implemented are implemented in a way that my grandma can understand.

Re:It was just a matter of time (0)

Anonymous Coward | more than 3 years ago | (#35339848)

Awesome! So I no longer need to use AV??? That's fantastic. I'm telling everyone they no longer need to run those pesky antivirus programs that sllllooooowww down the boot time.

Re:It was just a matter of time (0, Flamebait)

pjh3000 (583652) | more than 3 years ago | (#35339400)

The average Windows user doesn't know how to run as Admin in Windows 7. The Admin account is hidden by default. Oh, you didn't know that? And the backwards compatibility you speak of is only in the Pro version, not the Home version. Face it, you don't actually have a point to make, you just wanted to bash Windows. Is this typical of Mac Users?

Re:It was just a matter of time (1)

Anonymous Coward | more than 3 years ago | (#35339740)

Yet Windows 7 still gets viruses on a daily basis. Some installed silently. Some installed just by clicking on a web page. Some just by surfing the internet. Still none for Mac.

How is that more secure?

Re:It was just a matter of time (2)

catmistake (814204) | more than 3 years ago | (#35339914)

How is that more secure?

Quite obviously, it increases the security of one's occupation, as Windows will forever have security issues, thus, there will always be a need for a Windows guy to say "hey, our ship is tight." Meanwhile, the true security experts that are in the midst of massive Windows installations does indeed have trouble sleeping at night. Or... at least he should.

Re:It was just a matter of time (5, Insightful)

david.emery (127135) | more than 3 years ago | (#35339252)

The medical model for disease works for computer viruses too. You need both a vulnerability and a vector. The number of potential hosts increases the attractiveness of the host for a virus (whether through natural evolution or malice aforethought.) The number of hosts also increases the vector span. But there still has to be a vulnerability!

Similarly, we need for the countermeasures to be demonstrated as both "safe and effective." My personal experience with Mac OS 9 and earlier anti-virus applications is that they were not very "safe", they caused a lot of problems. For OS X, I'm waiting for some reasonable demonstration of "effective" based on real-world threats. Predictions of doom from anti-virus vendors (who most certainly have a vested financial interest) that are not substantiated with real-world experiences are not persuasive to me.

By the way, what is the measured track record for successful penetrations observed by third parties, i.e. "in the real world", for both Win 7 and Mac OS? The argument that "Mac OS claims to be secure ... [by] not targeted as much" rings hollow to me. You'd think if vulnerabilities exist in a platform that is growing by leaps and bounds at the -high end- of the market would have garnered some successful penetrations, if nothing else than for the "glory of hacking the supposedly secure platform."

dave

Re:It was just a matter of time (1, Insightful)

vague disclaimer (861154) | more than 3 years ago | (#35339386)

The medical model for disease works for computer viruses too.

Except it doesn't. Biological viruses are not driven by self-aware controllers with a financial interest, nor do they evolve in the biological sense.

But apart from that, a sound analogy.

Re:It was just a matter of time (2)

countertrolling (1585477) | more than 3 years ago | (#35339802)

"financial interest", reproductive "interest". What's the difference? Rich guys get the babes. A complex life form is motivated by precisely the same principles as a single string of DNA. We are nothing more than an accretion of symbiotic life forms with a bit more centralized control than a jelly fish. And besides, everything we create is a result of a biological brain. So computer viruses are very "biological" within in its own framework.

Re:It was just a matter of time (1)

pandrijeczko (588093) | more than 3 years ago | (#35339872)

You should have read the opening sentences of his post a bit more carefully:

The medical model for disease works for computer viruses too. You need both a vulnerability and a vector.

That's the first line from the book "The Bluffer's Guide To Computers for Personnel Managers".

Re:It was just a matter of time (0)

Anonymous Coward | more than 3 years ago | (#35339274)

HAHAHAHAHAHA good one. Now my turn to tell a joke. Windows is more secure than Linux!

Re:It was just a matter of time (5, Interesting)

benwiggy (1262536) | more than 3 years ago | (#35339314)

I'm still not convinced by the "market share" argument. The traditional rebuff is that Mac OS 9 had more malware than OS X, despite a smaller market share.

There may well be large gaping holes in Mac security. The question is: why is no one exploiting them? I don't mean winning a competition, but maliciously or criminally using them.

At what percentage of market share does it become viable to start writing malware? 25%? 50%? 75%?

Regardless of percentage, there are reckoned to be c. 94 million OS X users. Is that still not enough? As we all know, Mac users are computer illiterates with far more money than sense. Surely this sector would seem ideal for targeting by malware writers?

Assuming the reason for the lack of malware is NOT the inherent robustness of the OS; and it's NOT the market share: then what IS it?

Re:It was just a matter of time (1)

CannonballHead (842625) | more than 3 years ago | (#35339418)

Regardless of percentage, there are reckoned to be c. 94 million OS X users. Is that still not enough?

One cannot hope to reach 100% of users. It's easier to hit X users if there are 50X users.

As we all know, Mac users are computer illiterates with far more money than sense.

Yeah, I agree that's an over-generalization.

Re:It was just a matter of time (2)

metrix007 (200091) | more than 3 years ago | (#35339546)

Malware these days is about money. Malware is deployed through distributed attacks such as browser or pdf flaws.

Why spend time developing an exploit that will target at an extreme maximum 10% of the market, when you can spend the same time and effort and target 80% of the market? Given an equal amount of work, would you not choose the option that yeilds a significantly larger ROI?

Re:It was just a matter of time (0)

Anonymous Coward | more than 3 years ago | (#35339372)

People persecuting MS for poor security are living in the past. Windows is now a fine secure OS, while OS X doesn't even have basic protections in place and claims to be secure, simply taking advantage of the fact that they are not targeted as much.

Not even basic protections? Then why a trojan, where the user has to give explicit permission to install and run?

Re:It was just a matter of time (2)

metrix007 (200091) | more than 3 years ago | (#35339560)

Because a user does not have to give explicit permissions. Trojans don't have to run as admin, it depends on what they are trying to do. Simply sending out spam or recording keystrokes doesn't require admin access.

Re:It was just a matter of time (0)

Anonymous Coward | more than 3 years ago | (#35339660)

You must be a microserf. You obviously don't know what you're talking about.

Re:It was just a matter of time (1)

Relayman (1068986) | more than 3 years ago | (#35339382)

Your comments are bogus until you tell me how the malware is installed on my Mac. Oh, I have to enter an administrator password to allow it? Well, then, shame on me for allowing it in! If it can sneak in without my explicit permission, then your comments are valid.

Re:It was just a matter of time (1)

pandrijeczko (588093) | more than 3 years ago | (#35339746)

Ahem!

Buffer overflowing a network daemon so it drops to a root shell prompt without any form of password access can be done without your permission.

Re:It was just a matter of time (0)

Anonymous Coward | more than 3 years ago | (#35339548)

It's always interesting to see the number of anti-Apple posters increases on work days, while on the weekends the fanboys reign. Does it pay well to post "comments" on public forums? I guess it doesn't pay enough to work on weekends...

Re:It was just a matter of time (1)

pandrijeczko (588093) | more than 3 years ago | (#35339772)

We have to be at work on weekdays - we can't get our kicks snickering at you from behind our cappucinos when you sit there posing with your MacBooks in coffee shops.

See? Simple explanation really...

Badly formed argument (4, Insightful)

hellfire (86129) | more than 3 years ago | (#35339680)

Anti Troll missiles locked on.

As much as people want to think otherwise, there is a direct causal link between marketshare and the amount of malware for a given OS./

Sitation please? If you are going to make such a statement, please site studies and facts. In fact there is NO direct causal link, and you are abusing the statement without facts and citations. That said, I would agree that I think there is causal link, but you are further abusing the statement by not citing the magnitude, which is where proper citations would help. Windows has thousands of variants of malware. Mac OS X is in the dozens still, if that. No system is completely secure, and there will always be attempts to compromise a system, but saying ONE piece of malware suddenly brings Apple crashing in flames and "zOMG Mac OS X is teh insecurez they will be pwned!" is the worst kind of hyperbole imaginable.

The zealotry was on show yesterday in the OS X article where it was stated that OS X is more insecure than windows

I looked for an article yesterday on slashdot and the only article I found was one about how Apple is inviting security experts to look at their system. Sounds like a pretty responsible thing if you ask me, and I found no mention of this yesterday. Perhaps you'd like to review your citations?

People persecuting MS for poor security are living in the past.

Again, no citations. You sound like a MS schill. MS still has a poor record, period. Sure it's getting better but it's massive exaggeration to try to say that somehow MS gets a pass because 6 years ago they were utterly shitty shitty shitty, and suddenly now it's okay because they have improved to stinky farty smelly.

Hopefully as marketshare increases they will take responsibility and secure their OS, if for no other reason than to maintain their image.

How odd, Marketshare doesn't seem to have an effect on how secure an operating system is, because 90% marketshare never encouraged Microsoft. I do hope security remains forefront on Apple's mind, because they are the underdogs here and it will only continue to help them to be focused on security as they continue to compete for more marketshare, but here's another example of how off kilter your rant is.

Now I'm just waiting to be modded troll....

You will be, but just one more thing to nail the coffin shut. This is a goddamn fucking TROJAN HORSE!!! Do you know what that is? Do you remember the goddamn story of Troy? There's good movie released a few years back you should watch it. A virus is something getting in without your action or knowledge, but a Trojan horse requires the user perform an action, and the way it gets in is simply by deceiving a human being. You can inject a trojan horse into any system and hope to own it, Windows, Mac OS, UNIX, or other, just send the admin an email and hope he's stupid enough to open the attachment and do the work for you! You can't put a malware scan on the brain of an uneducated admin. It's not the fault of the OS makers if the admin is uneducated enough to open a file that they should not trust.

Like many rants before it, your rant is like buying the most secure home security system in the world, then giving the key to a random person on the street for safe keeping, and complaining to the security company when your house is robbed.

Re:Badly formed argument (1)

metrix007 (200091) | more than 3 years ago | (#35339930)

Are you for real? Your attempt at a well formed response goes out the window when you accuse me of trolling from the get-go. This may be news to you, but simply disagreeing with the majority zealot opinion is not trolling.

Now, you ask for citations, and I'm not going to go searching to provide them, but I will be happy to explain to you where you can find them.

Sitation please? If you are going to make such a statement, please site studies and facts

Well now, there are actually quite a lot of studies supporting this, and a quick look on Google will show this. The fact is we have over 20 years of data, and a consistent and reproducible trend where an OS with the largest market share is the most targeted, irrespective of how secure or insecure it may be.If you want, I will find you studies and peer reviewed papers and we can debate them, although I feel that would be a waste of time on my part going by your response thus far.

In fact there is NO direct causal link, and you are abusing the statement without facts and citations. That said, I would agree that I think there is causal link

Having trouble making up your mind?

but saying ONE piece of malware suddenly brings Apple crashing in flames and "zOMG Mac OS X is teh insecurez they will be pwned!" is the worst kind of hyperbole imaginable.

I made no such claim. Please don't put words into my mouth. If you have an argument, let it stand on it's own merits.

I looked for an article yesterday on slashdot and the only article I found was one about how Apple is inviting security experts to look at their system. Sounds like a pretty responsible thing if you ask me, and I found no mention of this yesterday. Perhaps you'd like to review your citations?

Nothing wrong with my citation here. The article you reference is the same article I was referring to. If you read the comments you will see nothing but Microsoft bashing refusing to acknowledge even the possibility that OS X is more insecure than Windows, despite objective evidence and expert testimony. Hence, zealotry.

Again, no citations. You sound like a MS schill. MS still has a poor record, period. Sure it's getting better but it's massive exaggeration to try to say that somehow MS gets a pass because 6 years ago they were utterly shitty shitty shitty, and suddenly now it's okay because they have improved to stinky farty smelly.

I don't think you understand what a citation is, do you? When I said people bashing MS for poor security are living in the past, that is an OPINION. Given that MS have had a pretty stellar security track record for the last 5 years, and certainly NOT worse than their competitors, I stand by my opinion. I can back mine up with evidence and the citations you so obsessively seek, can you?

How odd, Marketshare doesn't seem to have an effect on how secure an operating system is, because 90% marketshare never encouraged Microsoft

Again, putting words into my mouth. I never said that marketshare has an effect on how secure an OS is, or even implied that. Apple has security as aprt of their image, but that is reliant on having a low market share and not being a target. If that changes and they start to become a target, they will have to actually fix their security. Get it?

This is a goddamn fucking TROJAN HORSE!!!

Irrelivant. My post was not specific to this peice of malware, but regarding the general situation of OS X security, marketshare and malware.

Good day sir.

Re:It was just a matter of time (1)

wastedlife (1319259) | more than 3 years ago | (#35339798)

As much as people want to think otherwise, there is a direct causal link between marketshare and the amount of malware for a given OS.

Can you explain why there are far fewer exploits for Apache and *nix than for IIS and Windows? Linux and UNIX web servers are the vast majority in every marketshare evaluation that I have seen. Being that these servers can contain valuable information about hundreds or thousands of individuals instead of one desktop user, it would seem those should be the bigger target. It is true that Windows has gotten far more secure after they overhauled the code and adopted a similar security model to many *nix distributions, however there is still a huge marketshare of people that have not upgraded to those versions.

Re:It was just a matter of time (1)

0123456 (636235) | more than 3 years ago | (#35339810)

People persecuting MS for poor security are living in the past. Windows is now a fine secure OS

I would write a longer response, but I'm trying to help a friend get forty-eight viruses off their Vista machine without reinstalling the OS.

Re:It was just a matter of time (1)

_Sprocket_ (42527) | more than 3 years ago | (#35339864)

As much as people want to think otherwise, there is a direct causal link between marketshare and the amount of malware for a given OS.

The problem with this is that there isn't much to back up the assertion. What proves that marketshare is the driver for malware? And before you trot out some numbers, can you be sure that marketshare is the reason? It's not that I can't accept the concept. And, in fact, I agree with your couching the idea by noting a "casual" relationship. Marketshare has to be part of the equation. Unless you have a very specific target, it stands to reason that an attacker going after targets of convenience is going to want a suitable enough pool of victims or the attacks won't be convenient. But what makes up that pool is the question.

Sometimes being a big fish in a little pool is very attractive. Yes - OS X stil commands a smaller marketshare than Windows (in it's various versions). But even then, we're talking about something on the order of 36 million targets (adding estimated sales since 2007). If OS X is an easy target, there's an entire pool just waiting to be exploited. Consider that we're counting infections in units of 10k with notable botnets in millions. OS X could easily provide a suitable pool for new (or existing if one wanted to extend a botnet) malware to flourish. But that has yet to happen to any great effect.

People persecuting MS for poor security are living in the past. Windows is now a fine secure OS, while OS X doesn't even have basic protections in place and claims to be secure, simply taking advantage of the fact that they are not targeted as much.

I agree with this point as well. I'm not a Windows or Microsoft fan. But Microsoft has been getting on board. Although I would be cautious with how generous one hands out that credit. Not everything Microsoft has done as been well executed or as effective as their PR would have one believe.

Hopefully as marketshare increases they will take responsibility and secure their OS, if for no other reason than to maintain their image.

This has been the ongoing theme for the past few years. The doom and gloom has yet to descend (despite some pretty horrible mis-steps on Apple's part).

Re:It was just a matter of time (1)

Dunbal (464142) | more than 3 years ago | (#35339938)

ue to Apple's shitty security practices it was trivial to take over OS X at any given time with a targeted attack.

Not only that but due to the complacency (Apple is immune to viruses) and ignorance (I don't want to know anything about computers which is why I bought an Apple) of the average Apple user base, it is an audience as extremely ripe for the picking as a classroom full of children with HIV is to the teacher with chicken-pox.

WHEN Apple gains enough market share to be interesting to write specific malware for, I expect to see infections on a massive scale. I must say it couldn't happen to a nicer bunch of people.

Condoms should always be used (0)

BobSixtyFour (967533) | more than 3 years ago | (#35339144)

Condoms should always be used when going in the back door. You never know what windows can spread if practicing unsafe sex!

Re:Condoms should always be used (0)

Anonymous Coward | more than 3 years ago | (#35339518)

Condoms also create less friction when used, plus easy clean-up for a more enjoyable frolic in the mud.

I Googled "backdoor+trojan" (0)

Anonymous Coward | more than 3 years ago | (#35339164)

Boy, what I got was not what I was after....

Re:I Googled "backdoor+trojan" (1)

Anonymous Coward | more than 3 years ago | (#35339316)

I know you are trying to be funny, but I got perfectly sane results. Maybe you should watch your porn in an incognito session.

Re:I Googled "backdoor+trojan" (1)

Yvan256 (722131) | more than 3 years ago | (#35339358)

To be fair, these days we always get these kinds of results no matter which search parameters we use.

Firefox Plugin (0)

Anonymous Coward | more than 3 years ago | (#35339186)

Last week I installed several FireFox plugins. One of them managed to send out spam to all my contacts, using each of my email accounts. This is on a fully up-to-date Mac. How in the world does a browser plugin get that much access?

Re:Firefox Plugin (0)

Anonymous Coward | more than 3 years ago | (#35339760)

Maybe because you allowed it on your computer in the first place? Next time check better what your new shiny app will do.

In other news (5, Funny)

michelcolman (1208008) | more than 3 years ago | (#35339198)

MacOS X actually comes bundled with a tool that is able to wipe the entire hard disk! Up till now this has not caused widespread mayhem yet, but considering Apple's growing market share...

Re:In other news (0)

Anonymous Coward | more than 3 years ago | (#35339242)

In order to rm on / you need so sudo. And if you sudo you are stupid.

Re:In other news (1)

pandrijeczko (588093) | more than 3 years ago | (#35339710)

Actually, it needs to be "rm -rf /" or "rm -Rf /" on some systems.

And if you are stupid then I would recommend using "sudo" as it is more than likely configured to only let you run some (and hopefully less harmful) commands as root.

But let me guess, you're the sort of person who laughs at an eight year old kid who needs stabiliser wheels on their first bike because they're not yet good enough for only two wheels, right?

Re:In other news (0)

Anonymous Coward | more than 3 years ago | (#35339668)

Umm do you mean Disk Utility will actually doesn't do as you suggest or dd and friends which you need administrative privileges to run on Mac OS X in the way you suggest and is not unique to the system? Or is this just a willful forgetting of FORMAT on Windows?

Is it possible? (0)

frieza79 (947618) | more than 3 years ago | (#35339204)

I wish I had the ability to mod down an entire article...

Re:Is it possible? (0)

Anonymous Coward | more than 3 years ago | (#35339326)

You do, the "-" negative sign right beside the articles title.

Haha observe the hypocrisy now (0)

Anonymous Coward | more than 3 years ago | (#35339210)

Obviously when its a windows malware being reported, its somehow an OS flaw and now watch people "educate" us as to how this malware would only affect the stupid people, "its not the operating systems" fault .. oh good heavens no. It just means people can be tricked into installing bad stuff now. Facts are really really really important when its not microsoft. Then the second wave of idiots come along to point out some drive by exploit in a version of IE which is 10 years old and already patched. Whats that? Safari, Firefox all have had drive by exploits in them? Oh hush ! Linux has had privilege escalation exploits? More than the latest version of windows? Blasphemy ! Facts are not important now !! bla bla bla I can't hear you.. we must compare a 10 year old unpatched version of windows with the current day's linux source tree. Hush now ! Everyone knows that all you have to do is send a programming source text file into a server and everything is fixed. Responsibility for making sure the thousands of apps still work after the fix? Pshaw ! We're all serious OS hackers here.. you idiot !

Re:Haha observe the hypocrisy now (1)

Yvan256 (722131) | more than 3 years ago | (#35339410)

And watch the hypocrisy in the parent post, which fails to realize that virus and drive-by exploits are not the same thing as a trojan.

No matter how secure you make your OS, as long as the user can override things, trojans will exist.

The only way to have a system 100% secure is to have the OS and all the programs in ROM. Not flash with limited write access... that's a security risk. You need ROM.

Heh (0)

Anonymous Coward | more than 3 years ago | (#35339234)

Maybe now the artfags will shut the fuck up for ten seconds about how superior their overpriced fetish objects are?

Or... not so much. 'Bout time malware people took an interest.

Let's be honest. (0)

Anonymous Coward | more than 3 years ago | (#35339286)

It's not like you would have read the article anyways.

But the important question (0)

Anonymous Coward | more than 3 years ago | (#35339310)

is which end do you start eating it from?

Oh, sorry, I misread that as Cornet.

This just in... (0)

Anonymous Coward | more than 3 years ago | (#35339322)

Viruses attack computers. Virus writers write viruses so they can attack more computers! SHOCKING!

As usual we Linux users are left behind (0)

Anonymous Coward | more than 3 years ago | (#35339366)

It's not fair

Shitty programs are shitty. (1)

GerbilSoft (761537) | more than 3 years ago | (#35339370)

From the program's website:

This software allow you to make hundreds of functions stealthly and remotely without any kind of autorisation in the remote process.

Real administrators have had this functionality for years, it's called "ssh" with public key authentication. (There's absolutely no legitimate use for remote access with zero authentication.)

DarkComet is design with the latest IDE of Delphi

No one uses Delphi for writing serious software.

Works in chinese systems : The client is coded in a full natif Unicode environement then it can easily use and traduce in China, also since version 2.1 it works in all kind of Chinese operating system and display the correct Unicode characters.

Congratulations, welcome to the 21st century! Unicode has been supported by pretty much all mainstream operating systems for years. The fact that they have to mention it is indicative of poor software quality. Oh yeah, and the UI looks like it was designed by a 10-year-old in Visual Basic 6.

tl;dr, this program isn't worth bothering with for *any* operating system for any use. It's just so poorly written that it'll probably break while being used.

Re:Shitty programs are shitty. (1)

GerbilSoft (761537) | more than 3 years ago | (#35339390)

Upon looking at it a second time, it seems that the UI comments only really apply to the Mac version. The screenshots of the Windows version don't look too horribly designed, but whatever.

Not yet finished?!?! (4, Funny)

Comboman (895500) | more than 3 years ago | (#35339422)

The new backdoor Trojan is not yet finished

What the hell, even malmare is vaporware now? Can I put in a pre-order for it to infect my computer sometime next year?

Increased marketshare? (0)

Anonymous Coward | more than 3 years ago | (#35339576)

Usage share of web client operating systems. (Source: Median values from Usage share of operating systems for January 2011.)
    Windows XP (41.70%)
    Windows 7 (25.42%)
    Windows Vista (15.43%)
    Mac OS X (6.92%)
    iOS (iPhone) (2.05%)
    Linux (1.64%)

Still below 10% even including iOS...

2001 called, they want their malware back. (0)

Anonymous Coward | more than 3 years ago | (#35339604)

Seriously? RAT? Next you'll be telling me SubSeven and Back Orifice 2000 will be ported. Guess what, no ones gives a shit about any of them, they're all ancient and obsolete.

Title does not match description (0)

Anonymous Coward | more than 3 years ago | (#35339672)

title say "ported" (past tense) and description says "not finished yet"

which is it?

Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Sign up for Slashdot Newsletters
Create a Slashdot Account

Loading...