back to article Apple to support reps: Don't confirm Mac infections

Apple officials have instructed members of the company's support team to withhold any confirmation that a customer's Mac has been infected with malware or to assist in removing malicious programs, ZDNet's Ed Bott reported on Thursday. He cited an internal document titled "About 'Mac Defender' Malware," which was last updated on …

COMMENTS

This topic is closed for new posts.
  1. Just Another SteveO

    Yep, seen that!

    Girlfriend was looking for at bike shops and the top link on a google search (which looked completely normal until clicked) opened what looked like a finder window complete with nasty looking stuff in it, downloaded a package and popped up the instalation confirmation dialogue!

    Well, that caught my attention and a swift 'let's not do that!' stopped what might have been bad news.

    As more people are drawn to a platform I guess we can expect ever more attempts to dupe the innocents.

    Bastards! (malware producers, not the innocents)

    OSX did

    1. sT0rNG b4R3 duRiD
      Jobs Horns

      Solution

      Took away admin privies from the other half's macbook from the word go.

      Annoyed her even more with noscript. Anything that she wishes installed gets thoroughly discussed first. Friendface banned.

      Ok that might sound draconian, but honestly, from day to day use, that's exactly the environment I work in. When have you ever trusted your users?

      Look, honestly, OS X isn't all that bad as it stands. Frankly, I kind of like it, in the sense that it is nicer than windows to work in. It is a 'nix after all. It's not like other 'nix like OS's are unexploitable.

      But with iOS being what it is and what OS X could become, and Apple's holier than thou attitude..... my last apple purchase was a Merom cored macbook, it's telling I have not bought anything newer.

      If this news about the memo is true it is but a further nail in said coffin.

  2. Anonymous Coward
    Anonymous Coward

    Coming to your from "Ed Bott's Microsoft Report"

    How can you take a report about Apple as full and unbiased truth when it comes from a regular column called "Ed Bott's Microsoft Report"?

    1. Ted Treen
      Stop

      Because...

      Any excuse to have a go at Apple is greeted here as enthusiastically as a superinjunction is by a footballer.

      Accuracy, veracity and lack of bias just doesn't come into it.

      I'll say again - irrespective of whether you're on OSX or WIN XP/Vista/7, any newbie - or inexperienced user - should not be using an admin account. So even agreeing to install anything should result in an automatic "Oh no you don't - you're not allowed to" from the system.

      I'm assuming an experienced user is unlikely to fall for such crapware.

      This sort of slating is as inappropriate for Apple as it was for Microsoft. I', no great MS fan, but I don't see why they should be reviled for the actions of DFU's.

      Just let Apple/MS patch as soon as possible whatever vulnerability is exploited - and if you do use Mac Anit-Virus s/w, use one of the trusted systems - Sophos etc., (Norton is not good news for Macs).

      There has been so much publicity even in the non-IT media recently regarding fake anti-virus malware that most people should be aware of it.

      1. Anonymous Coward
        Anonymous Coward

        Almost right

        The thing is *nobody* should regularly be using an admin account for general use; they should be used solely for carrying out admin tasks on the machine. There have been far too many bits of malware that just require you to visit a site (some of the reputable sites, but having themselves been compromised - see Sony Thailand today for instace) to think that an experienced user will be able to avoid getting infected. If the user's got admi nrights when he visit such a site then it's giving the malware writers an almighty legup in effectiveness.

        1. Anonymous Coward
          Pirate

          Reputable site?

          I am not sure that I would consider any of Sony's sites to be reputable.

      2. CD001

        Hmmm

        Unless I've missed something Windows 7 doesn't actually allow you to run as admin precisely - they've taken the Unix-like route of running admin accounts as sort of pseudo-admins with UAC popping a window up whenever you need to perform an action that requires full privileges.

        If you're running a limited privileges account you get exactly the same UAC prompt but you have to log in as an admin to continue ... pretty much like sudo.

        The problem now isn't so much the OS; not *nix, not OSX, not Windows (any more) - it's that people will simply click "yup" when prompted to. The only way around it is set up only one pure admin account and not tell anyone else the password... though this may not exactly lead to marital harmony :P

        1. Nigel 11
          Thumb Down

          UAC Unix-like?

          Unix-like is surely a requirement to log in as or su root in order to install the download. Mere users don't know how to do that or haven't been authorized to do that.

          On Linux there are some desktops where package installation has been "made easier". This, in my opinion, is a big mistake. Drinking potential poison should not be made easier, it should be made harder. Being able to do so by clicking "yup" is a big mistake, on any system where it's possible.

        2. NogginTheNog
          Thumb Up

          UAC

          UAC is pretty cool: it takes the idea of least privilege, so that by default on servers *even* admin accounts that *do* have rights have to go through a confirmation stage when they're making system-wide changes just to make sure the change is intentional. Yes this can be something of a pain in the arse, and is often disabled, but you can't argue with the intent.

      3. Mark Serlin
        Grenade

        Norton?

        Is it good news for anything?

      4. Ted Treen
        Flame

        21 thumbs down...

        ...for suggesting that inexperienced users shouldn't be using an admin account?

        Speaks volumes about the thumbs-downers.

        Glad they have sod all to do with MY IT...

        1. Tom 13

          Downvoted for being the kind of git

          who doesn't understand why he got downvoted the first time. As in, it has nothing to do with standard best practices.

          1. Ted Treen
            Grenade

            Oh I understand all right...

            ...it's because common sense is anathema to all the "Let's knock it 'cos it's Apple" brigade.

    2. Anonymous Coward
      Anonymous Coward

      I see

      The anti-Mac sheep are out in force today with their childish comments (crapple? really is that the best you can do? reminds me of microshit, micro$oft and mickeysoft but I was about 16 then)

      My comment on unbiased reporting was not targeted at the malware itself, which obviously exists, but on Ed Bott's report of Apple's response to it.

      Ed Bott has always been on Microsoft's payroll, just google his name for examples. He was even one of the biggest supporters of Windows Vista (maybe because he also published a book on it), need I say more?

      If I started to believe what he says about Apple did or did not do without any critical thought I'd better give up on news sites and get my world news from Microsoft's PR site.

      1. henrydddd
        Linux

        I see

        This article has nothing to do with Microsoft, Apple or other wise; it is about a company covering up the fact that their machines are infected.

        1. Tom 13

          Well, that's certainly the bias of the article.

          I thought about that as I was reading the article, and it is the simplest explanation.

          But it is also possible that the lawyers have gotten involved and asserted that IF Apple confirms it is malware, or attempts to provide assistance for removing the malware they open themselves up to court claims.

          I'm still leaning toward cover-up, not so much because I trust the lawyers as because the "Macs are immune to viruses" meme seems to be a critical part of their marketing. But it is a close call.

    3. RTNavy
      Headmaster

      re: Unbiased Truth

      Just because you are paranoid doesn't mean that everyone isn't out to get you!

      The same can be said for this article, just because the writer "likes" to find and report on Apple computer problems doesn't mean that they don't exist just as he said.

    4. General Pance
      Stop

      Good point

      And likewise, ignore any corporate propaganda you get from sources with Apple or Mac in the title.

    5. croc

      Will you believe ArsTechnia?

      http://arstechnica.com/apple/news/2011/05/malware-on-the-mac.ars/2

      ..Or does it have to be official, straight-from-Jobs-mouth before an apple fan believes that even Apple products can (and do) get malware?

  3. MS Rocks
    Jobs Horns

    hah hah hah hah hah hah hah

    hah hah hah hah.

    Nuff said.

    (oh, and great, customer support there from Apple for their 'valued customers')

    1. The Fuzzy Wotnot
      Joke

      Thats it! We've made it! Hooray!

      OSX, my home platform of choice as it happens, is as popular as Windows!

      I think it's absolutely superb that OSX is now so popular and the underlying O/S code so shit, that it's considered worth the effort for the scumbag malware writers to get some dodgy apps installed on it! This is truly a great day when I can stand shoulder-to-shoulder with my Windows brothers and declare in a loud voice, "My platform is as completely shit as yours!".

      Makes you proud and gets you right here! ( I have my hand on my chest in case you can't see me! )

      1. Martin Owens
        Linux

        Pride

        Pride follows with a Fall.

        And, that you are getting a warm feeling from the spread of Apple's ball and chains is perhaps some form of mental illness possibly linked to a deformed tribal gene.

        Seriously if you want to support something with all your heart, at least make sure that you actually get to own what it is your throwing your pride into it. Apple doesn't make anything you actually get to own, so it's junk as far as social progress goes.

        When they make it all open source, we'll talk about supporting them...

  4. jake Silver badge

    Go, Apple!

    Security by obscurity worked for Sony!

    1. Miek
      Linux

      Security by Obscurity?

      You mean Security by "Ignoring the Elephant in the Room"

      I've seen this on a couple of Macs so far. I always love the comment the owners make "but I though Macintosh is anti-virus". Guess where they got that idea ?

      1. DZ-Jay

        Re: Security by Obscurity?

        It is not a matter of "security by obscurity," it is a matter of "infection by stupidity." The user needs to download the app, (the installer may or may not run automatically, based on the browser's settings), and enter their admin password to install it, then click a button to proceed with the installation.

        This is not a "virus" or a "worm" or an "exploit," it is merely a malicious program that does bad things, which the user naively invited into his computer and allowed--nay, actively engaged--to execute in their computers.

        Even if this were the most secure operating system in the universe, *nothing* can stop a user clicking "Yes, please do bad things to me."

        -dZ.

        1. Anonymous Coward
          Thumb Up

          dZ

          dZ, you probably shouldn't comment if you don't know what is going on.

          Mac relies on security by obscurity. There were no or very few viruses for Macs because there are so few Mac users with so little important data on their machines that it was not cost effective to write viruses for them. The hardware was so obscure that no one bothered trying to hack it, thus it was marketed as secure.

          As Apple slowly gains share, that advantage will disappear. We'll have viruses like its 1999 again, since Macs have no security.

        2. jake Silver badge

          @DZ-Jay

          "It is not a matter of "security by obscurity,""

          Yes, it is. Re-read TFA ... Apple has told it's technical support reps to keep mum on the reality of the malware.

  5. Anonymous Coward
    Anonymous Coward

    Stupidity reigns supreme...

    So the users of a machine for which there are no viruses see a web site claiming that they are being scanned and have infections... and THEY BELIEVE IT!? Wow, the depths of human stupidity never cease to amaze me. An id10t problem if ever there was one.

    1. Tom Sparrow
      Grenade

      speaking of stupidity...

      'a machine for which there are no viruses'?

      There's a prime example right there.

    2. bolccg
      FAIL

      Do you honestly believe...

      ... that there are literally zero viruses for Macs? And that there could never be one? Keep chugging that Kool Aid man.

      1. Woodgar

        No Viruses

        I believe the anonymous one was viewing this from the point of view of the average apple user who constantly bangs on about there being no viruses on a mac.

        This same user, who does not believe viruses exist, sees a pop up saying "Dood!!! Look at all these viruses!!! Dooooood!!!!" and proceeds to click on the link to download and install the anti-virus software to clean up the viruses he claims do not exist.

    3. Mark Serlin
      Flame

      Duh! RTFP!

      The point is that they believe their mac to be virus-impregnable AND that the scanner has "found viruses". Double-think in action??

  6. Anonymous Coward
    WTF?

    Still there is nothing wrong with the Mac so far.

    However, Apple support should be more understanding with the cult followers and at least assist them in cleaning the pox.

    1. EJ
      Welcome

      The "wrong" is they allow humans to operate them

      Until Apple figures out how to get around that weakness, then you'll have this issue.

      1. Code Monkey
        Jobs Horns

        "Until Apple figures out how to get around that weakness..."

        Surely "Until Apple figures out how to MAKE MONEY OUT OF that weakness, then you'll have this issue."

    2. tim-e
      Jobs Halo

      Why?

      It's not Apple's problem if some twat downloads malware.

      1. Anonymous Coward
        Boffin

        Not Apple's fault?

        Probably not, but then again, neither should Microsoft be blamed for users who do the same thing? Yet they do, continually, often by Mac zealots.

        1. Ted Treen
          Happy

          ...and often not.

          See my post above.

        2. Alex Johnson 1
          Thumb Down

          Not the same.

          In this case, the user has to click to download, on a screen with a Windows UI. OK, some users won't intuit the difference between Mac and PC look and feel, but most are used to it through pop-ups. Once downloaded, they have to enter their password. At this point it's all social engineering. It's not good, of course, but there's only so much Apple can do. They are also right to say that that Apple Care is a hardware warranty.

          You can't compare that to the Microsoft experience in 2003, with Blaster and so on, which would infect users without routers. At the time, Microsoft disabled its firewall, and UK ISP's routinely inflicted USB modems on their customers. And so it went on for a couple of years, with worms and spyware in particular. Microsoft was caught utterly flat-footed, and destryoyed its U with Vista. Apple has shot itself in the foot with the PR here, but this is so far a trivial problem you have to try quite hard to get. The security problems Microsoft experienced were ones users could get doing nothing. That's the difference.

          1. Matthew 25
            FAIL

            Urm..

            You mean that well knowm Windows program Finder.

          2. JHS

            It's a numbers game

            Blaster worked due to pretty much the whole market using windows i'm fairly certain somthing similar could be created for mac's but there isn't much point as there arn't enough to be able to pass itself around.

            1. jonathanb Silver badge

              More than that

              Blaster won't work on Macs for the same reason it won't work on Windows computers these days.

              Both Mac and Windows have built-in firewalls that prevent unauthorised outside connections, and most people now connect to the internet via a router which doesn't allow direct access to the internal computers.

        3. Giles Jones Gold badge

          Not quite.

          Not quite correct. Much of the malware that dogged XP was automatically installed by exploits and flaws in the OS or by services like the Messenger service.

          This OSX malware has been chosen to be installed. There's not much anyone can do to stop malware being installed if the user chooses to do it.

          Desktop OSes give users total freedom to install what they like. The second anyone stops you doing so will result in lots of complaining from users wanting to install all their dodgy warez.

        4. jonathanb Silver badge
          Jobs Halo

          Not quite the same thing

          Back in the days, you could infect a Windows computer just by connecting it directly to the internet, the normal way to do things at the time, by opening an email, or by viewing a web page.

          Worms that crawl up the telephone line directly into the computer are no longer a problem thanks to the routers most of us use now, and the default firewall since XP SP2. Outlook is much more secure than it used to be, but drive-by downloads are still a major problem, though the main culprit these days is probably Adobe rather than Microsoft, and of course Adobe products are available on Mac.

          Most of the malware currently available on macs requires you to enter your sudo password to install it. That's why it has to pretend to be something useful, such as a video player capable of playing a porn movie (usually it is a modified version of vlc player with the payload attached), or in this case, a fake anti-virus scanner.

      2. TeeCee Gold badge
        Unhappy

        Re: Why?

        Correct. Doesn't stop the shriller Mac and Linux fanbois round here blaming MS when Windoze users do it though.

      3. Anonymous Coward
        FAIL

        >"not Apple's problem"

        Ah, the very definition of customer service.

      4. nasov
        Thumb Down

        why!?

        Uhm... it actually is...

      5. Paul_Murphy

        hmm..

        And your ideas on Apple customer support? Aren't they there to support their customers? Being told that customer support aren't to help, and aren't to confirm or deny the existance of malware is far from helping their customers.

        Apple - the ostrich in the room...

        ttfn

      6. RTNavy

        re: Why?

        The same goes for the Windows Platform that Apple users are so quick to malign!

        Besides, if we all had perfect users we wouldn't have a job (regardless of OS)!

  7. thecakeis(not)alie
    Jobs Halo

    The rapture will in fact occur on May 21, 2011.

    Oh, sorry about the title, I got caught up in the "pay no attention to the man behind the curtain" religious dogma and “outright lies” theme that is Apple's public relations. When someone discovers a problem with their Mac, deny, deny, delete threads and deny.

    1. Getter lvl70 Druid
      Welcome

      And that's why.....

      ....most of my bills are scheduled to be paid May 22nd.... just in case.

      ;)

  8. Mark 65

    Pr0n

    "Porn sites just started popping up on my MacBook Pro," one user wrote. "Is this a virus?"

    Nah, you just clicked to open your browsing history in tabs

  9. jeffo

    Please turn off "Open friendly attachments" in Safari

    Turn this off and at least all will happen is that you'll download a zip file.

    1. TeeCee Gold badge
      WTF?

      Re: Please turn off "Open friendly attachments" in Safari

      But if you do that, surely some things won't "just work"....? Doesn't the world end if that happens?

      Joking aside though, automatically opening attachments by default? Have Apple learned nothing from the experiences of the rest of the world of end-user computing over the last 20 years?

      1. Duster
        Coat

        Learned anything?

        Certainly not. The invulnerability of Apple and Linux systems is a matter of faith rather than of demographics. The "fanbois" actually believe that stuff and so do the marketing departments. Of course it is clear that the "end user" hasn't learned much in that time either. It's not just a matter of popular OS's being bigger targets than unpopular ones either. Popular social networking, music and shopping sites are all common target acquisition locations - come visit, become a target. So, follow popular fads on line using a popular OS and make twice the target you would following reports of UFOs and black helicopters.

    2. Greg J Preece
      Flame

      Better solution

      Use a proper browser. Safari is on this machine somewhere, but I treat it like Internet Explorer under Windows - update it for when it's needed, then hide it away somewhere and use something better.

      For all Microsoft's faults, at least they do try to help out with this kind of thing. Defender, Malware remover and the like. They can be ridiculously slow to respond to alerts, but at least they respond.

      Apple are a marketing company. They are interested only in selling you the latest shiny thing. Something wrong with your old shiny? There's a new one - that'll fix everything, and you'll be better than your friends for having the new one.

      In my experience trying to sort issues with iPhones, Time Machine and even monitors, Apple don't give a rat's ass about after-sales. The "Genius bar" is all well and good, but the closest one to here is 40 miles away, and yes they did tell me to go there for help when I rang them up. When Time Machine tried to backup the backup drive it was copying to, Apple told me "it's supposed to do that!" When one of my users took in a Mac desperately in need of a RAM upgrade, they sold him Snow Leopard! I've pretty much quit asking...

      Written, surprisingly, on a MacBook...running Linux. ;-)

  10. LaeMing
    Boffin

    Denial is more than a river

    Though that sounds more like a trojan than a virus - AFAIK a virus doesn's need user intervention to get itself on a system, a trojan relies on it. More a user-security issue than an OS security one this time.

    1. Anonymous Coward
      Anonymous Coward

      Er, yes.

      Yes it's a trojan, but that's what it calls it in the story. Your "that sounds more like a trojan than a virus" just shows you're yet another commentard who jumps straight to the comments section after reading only the headline.

      Actually I think the distinctions between "virus", "trojan", "adware" and all the rest are irrelevant. They are all badware and shouldn't get onto your machine.

    2. CD001

      Hmmm

      Actually it's a Trojan delivering a virus payload as opposed to a worm delivering a virus payload - it's still a virus.

      It's like AIDs vs the common cold - the infection methods are different but they're both viruses.

      1. Anonymous Coward
        Terminator

        virus

        A virus is self replicating, once a computer is infected it infects another.

  11. Anonymous Coward
    Paris Hilton

    Vrii and Malware

    As far as I can remember, they stopped claiming that a while back. But I have to say, its completely their fault for not being in touch with the PC side of computing and all the crapware thats on the market. If you see something that popped up and YOU didn't start it... Chances are you should just close the window out. ** Oooh --new business idea just came to mind--As for the porn popping up I'll take my Paris and run with it.

  12. Steve Evans

    Genius bar...

    The genius bar is going to look a bit stupid if they're not allowed to confirm or deny... What are they supposed to do, shrug and mumble "Dunno"?

    1. RichyS

      AppleCare, not Genius Bar

      I suspect the Genius Bar people can say what they like (pro-tip: they're not actually genii).

      This is an AppleCare related memo. AppleCare is a support product, and the email states that AppleCare will not fix for free the results of some idiot typing in their admin password to allow a trojan to install. My car warranty doesn't cover repair to my car if I drive like an arse and crash it into someone, either. I don't suppose any other PC makers warranty/support product covers you for malware infection either.

      1. Steve Evans

        Re: AppleCare, not Genius Bar

        I know, but it does make for a great mental image :-)

        Thanks for the pro-tip, but I'd already worked out that a techie worth his salt is very unlikely to want to be slapped in a retail store doing 9-5:30 and faced with the public asking dumb questions - most of us have enough of that from immediate family members! ;-)

  13. Anonymous Coward
    Pirate

    Wait for it...

    Ubuntu is next.

    1. TeeCee Gold badge
      Thumb Up

      Re: Wait for it...

      And if you tolerate this / Then your platform will be next.....

  14. penguin slapper

    Standard Apple procedure.

    First they deny the problem.

    Then they ridicule the problem.

    Then they provide a free fix for the problem.

    1. Anonymous Coward
      Anonymous Coward

      Not my experience

      I've taken two items in with problem - a MacBook Pro with a problem battery and an iPhone with an incorrectly calibrated accelerometer - and in both cases they took they item, ran a diagnostic, and replaced it on the spot. I've never had such good service from anyone in the tech industry (and it can be truly awful).

      1. JakeyC
        Jobs Horns

        @Ralph 5 Fanboi

        That may very well be the case, but your comment history outs you as a Fanboi of the highest order. I will therefore be taking your anecdotal evidence of Apple's good service with a pinch of iSalt.

        Reading between the lines, Apple sold you a dodgy iPhone that should never have passed the factory QC check and not even the battery in your laptop works properly. To me, that's "truly awful".

        1. Craig Chambers

          Replacement policy

          I have an iPod photo that went in to the Genius bar 3 times in my year's warranty period. It never got abused, but periodically the hard disk would make lots of spinning noises, then it would display the take me back to the shop sad face picture. Every time it was immediately replaced.

          When it did it again after the warranty expired I took it back and was told by someone who to me did not look like they knew what they were doing that the hard disk needed replacing and it would cost me £100. I balked at this and decided to source one online. In the meantime, I disconnected the battery and disk drive. Out of curiosity a couple of days later, I reassembled it, and it worked again! Now, ever 4 months or so (when sad face shows up), I have to go through this process again.

          Easy replacement under warranty aside, I've been reluctant to buy another Apple product since this as I feel the crapware will die soon after warranty and I may be left with a pretty brick.

        2. Mark Serlin
          Flame

          Dork

          Yeah, cause no manufacturers ever, EVER sell anything that isn't 100% fit and working. Like my Toyota ... can't stop now, though ... maybe see you l;ater....

        3. Anonymous Coward
          Anonymous Coward

          If PCWorld pushes your buttons, fine...

          @JakeyC: "That may very well be the case, but your comment history outs you as a Fanboi of the highest order. I will therefore be taking your anecdotal evidence of Apple's good service with a pinch of iSalt."

          It's a bit pointless saying, "you only say that because you like it" - it applies equally to your own statement. There isn't any point having a discussion on that basis, because it presupposes that any opinion at variance with your own is dishonest.

          My comments about any company (including Apple) reflect my experience - if I get good service, I'll come back for more. When I shopped at PCWorld, I was served by disinterested people who didn't seem to know a great deal about their own products. So they don't get my business. If your experience is different, great! Lets hear about the place where you enjoyed good service.

          BTW - the battery in question was over 2 years old, and had performed well up to that point (then began to swell up). They replaced it because it was listed as a flawed batch from Apple's suppliers. These things happen to *all* hardware manufacturers at some point, but it's a real breath of fresh air when they just sort it out. And if you aren't aware of the realities of mass-manufacturing, I have to wonder who the real 'Fanboi' is...

        4. stuff and nonesense
          Stop

          @JakeyC

          I had problems updating my iPhone software (only apple thing i have). The support agent was helpful and efficient. He took me through getting my phone back to working (step by step as I did it) and explained everything needed to get my apps and music back.

          I received an email confirming the actions needed.

          The customer service was exemplary. The service Ralph5 received was not unique.

          I will read your future comments with a big pinch of salt as your bias is obvious.

          All manufacturers have faulty goods that slip through QC. The failures are often described as "infant mortality". It is why the guarentee period is valuable.

          All operating systems are shipped with vulnerabilities, the bad guys will exploit them if there is money or kudos to be gained.

    2. Greg J Preece

      Missed a bit

      ...while continuing to deny the problem's existence.

    3. Matthew 25

      You forgot

      They only provide the free fix for a limited time.

  15. Anonymous Coward
    Anonymous Coward

    Last do no harm

    Just what you'd expect from Apple. It's right up there with all their iphone screw-ups.

    Like not warning the rest of the world their alarms won't work on daylight savings changes.

    Or that the constant crashing of the operating system after iphone4 release was going to be more than annoying. It would also switch data roaming back on long enough for email to be pushed.

    At least I learned I didn't want Apple as a business partner through the relatively cheap outlay of an iphone rather than an imac

  16. Gordon 10

    In fairness to Apple

    If the only infections are social engineering Trojans ANY OS is vulnerable. All that is required is an installation routine and enough social engineering to get or installed.

    Maybe Apple should be using this to promote the OS X App store?

    Til then there will always be someone who cannot resist if instructed "Don't press the red button"

    1. Anonymous Coward
      Anonymous Coward

      Who says they're not?

      "Maybe Apple should be using this to promote the OS X App store?"

      Who says they're not? Can we be 100% sure that this isn't Apple or some miguided fanboi (aren't they all?) trying to justify the idea of an OSX appstore. Remember "you will only install software personally approved by the Big Jobs himself".

  17. Anonymous Coward
    Anonymous Coward

    Last do no harm

    Typical of Apple's contempt for its customer base.

    Like not bothering to tell the world the iphone alarm won't work after daylight saving changes.

    Or that the operating system crashes experienced after iphone4 release were more than annoying. They would switch data roaming back on just long enough to push email to your phone.

    Still an iphone was a relatively cheap way of finding out I didn't want Apple as a business partner. I'd have been pig-sick if I'd bought an imac and a load of software.

    Got an HTC now. No regrets

    1. Anonymous Coward
      Anonymous Coward

      HTC?

      HTC? Clearly they have customer service at the top of their priorities:

      http://www.theregister.co.uk/2011/05/18/htc_failed_support/

      You'll regret it when you need service and it takes weeks instead of a few minutes at an Apple Store.

  18. RobE

    CrApple

    You're a CrApple, I'm a PC. I have anti virus protection, firewalls, a browser that's compatible with Adobe Flash... What do you have fanboi? A stupid hair cut, a virus (probably more likely to be an STD) and an internet browser called Safari.... HELLO?!

    1. Ted Treen
      Flame

      Hell,

      I'd love to be your analyst/counsellor.

      A job for life & I'd be rich...

      1. Anonymous Coward
        Grenade

        Re: Hell

        <quote>I'd love to be your analyst/counsellor.</quote>

        Fuck that. I'd love to be your Apple dealer.

        1. Ted Treen
          Pint

          You'd be poor...

          I bought a Mac Pro last summer, prior to that a G5 in 2005, prior to that a G3 in 1999. All of which I still have. RAM comes from Crucial, peripherals I buy cases off the interwebs & buy OEM drives & put them together myself.

          I trust that meets with your approval.

          Oh, and my iPhone came from Orange.

  19. Anonymous Coward
    WTF?

    Where are you almight ethics, Apple?

    You work your foreign workers to the point of suicide. Have one of the most environmentally unfriendly products lines. You blame the end user for holding your defectively design iPhone incorrectly. How you address these issue. You hirer a few "Counselors" for close to a million workers, you "green wash" your environmental track record and your blame the end user for holding the phone like a human would hold it..

    Now you are putting people are risk by not telling your own customer they are infected with a malware/virus. So they can continue using their credit cards online and have their identities stolen. Possibly infect other computer (if it is a virus) on the Internet.

    I am sure we will see a PR campaign stating there is no security flaw in OS/X but the user is just holding the mouse wrong.

    I guess Apple didn't want their share holders to get upset.

    1. Ted Treen
      Unhappy

      I was tempted...

      ...to reply, but on reflection, I'd probably be better waiting until you have regained touch with reality.

      Not sure I could face all that wild-eyed spittle anyway.

  20. Anonymous Coward
    Anonymous Coward

    Not surprised

    1) that Apple won't confirm or deny the existence of an infection on a given machine.

    Since it's not caused by the OS or the hardware - its not their area. I presume they do suggest that the user seek out a suitable program to deal with it.

    2) thatthere is an increase in malware on Apple machines - it was bound to happen eventually.

  21. Peter Gathercole Silver badge
    Unhappy

    And.....

    Whilst this may be a new instance, it's nothing to be surprised at. Any OS that allows you obtain escalated privilege to do something legitimate can be compromised like this, including all variants of *nix platforms.

    Why it is more important is that Mac users, who have been lulled into a false sense of security by too many unfounded claims that OSX is immune from malware, will suddenly have to become much more aware of what they are doing.

    In some respects, although I would suffer like everyone else, I think that sudo, UAC on Windows and whatever they call the equivalent on OSX (I know it's sudo under the covers), which make it easier to do things with escalated privileges, should be removed. This would make hoops that you must jump through to be able to do destructive things on a system cause you to really think what you are doing, rather than just clicking on "Yes" or asking for a password. But the hooks they use are built into all modern OS's, and even if they weren't supplied with the OS, they would still be there. And SELinux and Role Based Access Control (RBAC) only changes the problem, not solves it.

    Of course, this makes computers difficult to manage by ordinary users, so will never happen. And if someone did propose a locked-down OS, then everybody would be screaming from the rooftops about too much vendor control over the OS.

    I came to the conclusion some time back that all PC OS's are too complex to trust ordinary users to look after properly, but have not got to the next step of trying to solve the problem. This issue shows that even OS's with good security features are not safe if users do not understand what they are doing.

    Maybe Google ChromeOS is the way to go. Locked down OS with a configurable application layer on the top (I just wish it was not in a browser). But I'm sure you will still see personal information being stolen, botnet clients and anonymizer proxies on this platform once the crackers start looking.

    1. matt 83

      I just wish it was not in a browser

      I don't see what else it could be in though. Anything else would either mean the user would have to be installing things directly in the OS which would put things back to square one or creating a new application lay that was completely incompatible with everything that's gone before. That might be possible on phones where super cramped screen sizes mean all previous applications (including web apps) need tweaking (at the very least) to work efficiently (if at all). But Chrome seems aimed at PC format devices (with a bigger screen, and standard input devices) so having to recreate the wheel shouldn't be necessary.

      If you accept that users are going to spend the majority of their time using the web browser part of any such OS it probably makes sense to give them only one thing to know about.

      Though by allowing webapps to be cached for off-line use and this native code stuff google are doing they're pretty much just moving these problems from the OS to the browser. Hopefully it'll make root kits and the like a bit harder though.

    2. Paul_Murphy

      >but have not got to the next step of trying to solve the problem

      The two most likely and 'simple' answers are to run of a bootable CD or DVD (linux is good for this, but I'm not sure about windows and OSX) or clients that connect to server with virtual machines on.

      I'm sure other answers will be suggested (and developed in the future) but for now using a client that can't get infected is, in my view, only possible using a fixed, non-editable image.

      ttfn

      1. Peter Gathercole Silver badge

        @Paul_Murphy

        I understand that read-only media is a potential solution, but you then have to worry about updates, as even an OS on a R/O media may contain bugs that lead to information leakage or access problems during the running of the system.

        If you look at most Live disks, you normally have a degree of persistent storage, because the Live CD is normally overlaid by a UnionFS, often stored on USB memory device. This allows users to keep information after the system is shut down. If you have persistent storage, especially if it allows browser tools or extensions to be installed, then the system is still vulnerable.

        And you also assume that you don't need to install printer, network card or display drivers. I don't know how often you use a Live CD, but whenever I have, I have found it a seriously disappointing experience, being slow, and missing support for anything that is slightly out-of-the-ordinary (like the non-free Radeon and Nvidia drivers to accelerate display performance or a lot of wireless cards).

        Using Virtual Machines only works if you use fixed boot images (otherwise you are just exporting the problem into the virtual machine), and if you are talking about server farms, only in a large environment with some trusted support to maintain the infrastructure. It does not help home users, and would be seen as just another level of complexity to configure. And my point about persistent storage above is still relevant.

        I have thought all of these things through, and with the current user expectation of control over their own PC's, none of them are really workable.

        If we could have a highly trusted read-only image, that did not contain any bugs and also had everything that a user might want forever, then you could propose such a solution, but this is a Utopian view (and you know that Utopia means either "good place", or more likely "no place").

        Google, with ChromeOS are trying this, but we need some more work exposing 3D graphics acceleration and abstracted sound and other device layers to be exposed in the browser to make it acceptable for even modest gamers. I am not going to hold my breath for a port of Crysis or BioShock onto Chrome OS.

  22. Dave's Jubblies
    WTF?

    Isn't this standard Apple opertaing procedure?

    Insert fingers into ears.

    Say 'there is no problem, Macs are immune, blame Windows'

    Repeat as required, or until people stop complaining.

  23. Milkfloat
    Troll

    A win for Apple

    I see this as positive for Apple. If people are actually starting to write trojans/malware for Apple kit it shows that perhaps the are not obscure anymore. Congratulations!

  24. Anonymous Coward
    Thumb Down

    Not acceptable

    I'm neutral on the conflict between different OSs and their fans, but I must say this is a poor show. If an Apple support person knows from the evidence that a user's machine has been compromised he/she should be duty bound to inform them of that fact - else Apple must bear some responsibility for whatever negative consequences follow (since, free or not, they are offering a support service). Denial is never a good option.

  25. copsewood
    Alert

    Seen that

    A Javascript running on Firefox looking like a virus scan telling me my Windows PC is infected and trying to flog me an antivirus program. Only thing is, my PC was running Linux at the time. Perhaps the crooks behind this scam now get information from the DOM or wherever to say what the host platform is.

    Yes it's not that difficult to persuade many users who know nothing about how their platform works to download and install malware on it by using standard FUD marketing. Mac users seem to pride themselves on not having to know how their platform works. My 91 year old Dad seemed very anxious, when I told him his Ubuntu PC didn't need continuation of his previous Windows antivirus subscription, so I guess this issue will affect Linux on the desktop given the fact that it's being increasingly used by people who just want the platform to work without them having to understand very much about it.

  26. Arctic fox
    Headmaster

    It was always going to happen. Mac-owners have been warned for years......

    ........by the rest of us. The assertion that OSX is *intrinsically* far more robust than other OSes was always a chimera. Many of us have pointed out for a very long time that the main reason for the Mac's "immunity" was largely that the villains couldn't be bothered devoting the time and the resources to targeting Apple's machines when they have a vastly larger and thereby vastly more profitable "market" with Windows machines. The Macs are now a more profitable target, there are "attack kits" becoming available specifically aimed at the OSX and we can expect to see far more of this. I would strongly recommend to any Mac owner that he/she takes this seriously, ignores Cupertino's propaganda and protects their Mac properly. AV and the like *are* available for Macs, flaming well use them and the same large helping of common sense that we Windows users have to employ.

    1. Anonymous Coward
      Thumb Down

      "Ignore Cupertino's propaganda..."

      Since Apple recommend the use of AV and authentic malware detteciotn, you're saying that Mac users shouldn't install it?

      1. Arctic fox
        Headmaster

        It is a bit silly to try and be "smart" in that way...........

        .........replying to a posting where I specifically say that Mac-owners *should* install AV and malware detection, hmm? I was simply (as you were perfectly well aware) saying that Mac owners should not any longer believe that they are in any way immune. The "mood music" from Cupertino on this subject has always been that OSX is intrinsically superior to Windows in this area - and there is no point in pretending that is not the impression that they have tried to give. That they recommend installing AV and malware detection anyway should come as no surprise - their legal dept would have insisted that they did for obvious reasons, whatever impression of the OS their marketing dept would wish to give.

    2. Peter Gathercole Silver badge

      @Artic fox - But it is

      *intrinsically* more robust than normal Windows instances up to and including Win XP, especially where the Windows users have been encouraged to make their normal users administrator accounts (like many, many pre-installed Windows PC's). That is a fact. People who deny this can't actually understand privilege separation.

      But this story is about a social engineering issue, where users are being tricked into running something with enhanced privileges. It is not an unseen, unknown back door into the OS, but very visible and relying on user interaction, and as long as an OS has the ability to run something with enhanced privileges, can affect absolutely any operating system.

      Let me ask you something. If asked in a pop-up to install something that suggests it will fix a problem (especially if it comes up because of a cross-scripting problem when accessing a Bank or some other trusted organization's site), do you think that your grandparents, or if you are old enough to be unfortunate and have lost them, your parents, can *sensibly* differentiate between what is really safe and what is not? I know that I am worried that my 82 year old father, who is a regular Internet user, cannot differentiate between 'good' messages from Microsoft Windows Update and 'bad' ones, even though my two brothers and I drum it into him at every opportunity. And I also have to dis-infect my two youngest (teenage) children's systems sometimes, even though they are old enough to understand the dangers.

      Current OS's are just not suitable for purpose when given to non-technical users.

  27. Ilgaz

    I have this policy for 4 years now

    I won't use "mac" and "malware" in same context for 4 years now. I got my lesson on IRC, mac news sites, forums and usenet.

    Even some security guys gave up warning community. They either report to Apple and security companies or -if black hat- sell them.

    Anyway, when something serious happens, we will sure hear about it or figure it ourselves. E.g. when our newspaper doesn't arrive that day since the machine doing the final editing got down.

  28. PsychicMonkey
    Jobs Horns

    "Just a bit of malware"

    not that big of a deal.

    1. dkjay
      Thumb Up

      For some reason

      Your post made me think of this

      "It's just a little dirty! It's still good, it's still good!", "It's just a little slimy! It's still good, it's still good!", "It's just a little airborne! It's still good, it's still good!"

  29. Anonymous Coward
    FAIL

    The Honour Trojan

    Hello Mac user! You have downloaded your first virus! As we are not able to actually infect your machine automatically, we would appreciate it if you would enter your admin password so we can install our program then send a copy to all your friends.

    Thanks!

    1. Anonymous Coward
      Anonymous Coward

      Try It

      I bet at least one person would type their password. In fact it would be worth trying this one:

      Warning! Do not ENTER YOUR PASSWORD. Doing so will not KILL YOUR PARENTS but will install very bad things on your computer RIGHT NOW!

      1. Anonymous Coward
        WTF?

        subliminal?

        I entered my password.... I killed my parents straight away.... what my prize?

        I blame the el reg mods for the death of my parents because they missed the subliminal message!! maybe they were out killing their parents !!!

        @ el Reg... I will make a out of court settlement for all of the review kit you still have in your office !!

  30. Anonymous Coward
    Anonymous Coward

    It's about time.

    I was in an iStore just a few days ago and the "Genius" there was still making claims that they do not get viruses etc. and thats why they dont sell anti-virus. I do however know f-secure do a Mac version so all is not lost.

    It was only a matter of time or market share until apple would start suffering the virus scurge, i think it could be worse for mac users as alot of people that are less tech savvy are put on to mac due to the lack of issues users have and the lack of techincal know-how needed, how many of us have parents that use macs for that reason?

    Further more if macs are so much more powerful as the fanboys clam then it would make more sence to target macs for your bot net than pcs.

    AC

    1. Alex Johnson 1
      Jobs Halo

      Usual nonsense.

      The "tech savvy" but may have been true once: certaily Macs are sold on the basis of being easy to use. Even then, does it make you stupid to prefer something easy to use over something less easy to use?

      More specifically and in more recent times, go somewhere like Silicon Valley. What is the most commonly seen brand of computer in use? Mac, by a country mile. Look at PC World ads, or places that sell cheap mass-market electronics. Or the refurbished stuff that Martha Lane Fox is trying to get retired peopel to use. What is that? Microsoft Windows-running PC's. This is all marketed at the most unsophisticated end of the market.

      Not only is there no correlation between "savvy" and chossing a PC, I wouldn't be surprised if it were actually negative.

      1. vincent himpe

        usual nonsense indeed...

        I happen to live in the valley. (get's up , looks around ) not a mac in sight... well, so far for that piece of nonsense.

    2. Field Marshal Von Krakenfart
      Badgers

      I think I see the problem......

      'I was in an iStore just a few days ago and the "Genius" there was still making claims that they do not get viruses etc. and that’s why they don’t sell anti-virus.'

      The all seeing omnipresent church of jobs has failed to address this marketing shortfall i.e. they don't sell anti-virus, therefore they don't get viruses, after all if the church of jobs appreciated the fanbois then they would have created an anti-virus package, sorry, app, for that.

      All fanbois should be made to watch south park season 15 ep 1; HUMANCENTiPAD

      Sarah, can we have an icon of an ostrich with its head stuck up its own arse?

    3. Anonymous Coward
      Anonymous Coward

      @OP AC

      What were YOU doing at an Apple Store?

  31. Richard Jukes

    Missed one out

    Then they profit.

  32. zanto
    Linux

    funny.....

    this shit never happens on my linux box

    1. The Beer Monster
      Grenade

      Oh FFS...

      Yeah, mac users have been saying that for a while. Your time will come.

    2. Anonymous Coward
      Welcome

      Maybe not on your box

      But it certainly did happen in other's:

      http://www.linux-magazine.com/Online/News/Malicious-Screensaver-Malware-on-Gnome-Look.org

  33. Select * From Handle
    Heart

    And where can one download this Trojan?

    i would love to go into one of these Fanboi Shops, ask a Fanboi shop assistant

    (because you can only be employed by apple if you are a MASSIVE FAN OF APPLE)

    to show me one of the mac's. then browse to the trojan sites and be like

    "erm so how do you fix that then? im sure a minute a go you said that these are impervious to any Malware/Virus/Trojans. "

    But then again i guess it would be like telling some religious fanatic that god doesn't exist and proving it right in front of them.

    1. sig
      Thumb Down

      Eh?

      You might want to think before posting:

      1. Why would Apple, or any company, employ a SALES assistant who disparages their products?

      2. You need to marshall your apostrophes: "Macs", not "mac's"

      3. You can't *prove* that God doesn't exist.

      1. Field Marshal Von Krakenfart
        Headmaster

        double Eh!

        You might want to think before becoming a fanboi

        1. However they could be at least be truthful about any problems on macs (no apostrophe and no capitalisation either so as to be consistent with a lack of capitalisation on terms such as mickeysoft).

        2. If you can't attack the message, attack the grammar, but a valid point all the same. Always remember that "apostrophe s" is a contraction of "is", so saying (or writing) "mac's are shit" is the same as saying (or writing) "mac is are shit", it's just bad grammar. Try and get gooder grammar like what I got.

        3. However you can deny God exists, and that viruses exist on the mac.

  34. Richard Cartledge

    Not a virus

    But it's neither an infection no a virus. It's a bit of crap software that the user downloaded, and typed their admin password to accept and install.

    If people are so dumb to fall for the fake software, then they should either stick to the app store or they're just facebooktards and it doesn't matter anyway as they do nothing of consequence.

  35. Miek
    Linux

    Feeling Smug ?

    There's an app for that

  36. Bear Features
    Thumb Up

    but, but

    I thought Macs couldn't get a virus regardless of user ability because of random meaningless words supposed to make one sound superior....like "Unix"

    1. Nigel 11
      Boffin

      @Bear Features - probably true

      I'm no Mac fanboi, but your statement is as true for a Mac as it is true for Linux. There's a big difference between a virus, and plain ordinary malware / crapware.

      A virus spreads itself without any interaction with the computer's user. On a properly-designed operating system this is impossible, modulo any bugs. Provided such bugs are fixed promptly as soon as they are discovered, viruses are rare to nonexistent on that system (Unix, Linux, OSX). Some versions of Windows are broken by design rather than by mistake, and Microsoft is renowned for doing nothing about known bugs until some months / years later when a virus starts exploiting them.

      Malware is the equivalent of giving the user a bottle labelled "Drink me". An idiot or child will do just that, without asking any questions, and whatever happens next is his own fault (or the fault of whoever gave him administrator access to that computer - his parent or school, for example).

      On a properly-designed operating system it is possible, indeed normal, to use the system without having the ability to install anything. On a multi-user system, only the administrators can do installs, and you are as safe as your admins are competent. On a sensibly-configured single-user linux, its sensible single user normally runs unprivileged, and nothing gets installed without the user doing rather more than just clicking "OK" by mistake. IMO, Anything that makes software installing easier than logging in as root or invoking su, is a mistake. Humans suffer from their conditioned reflexes taking over simple repeated tasks. Dangerous tasks should never be made simple enough for the conscious brain to escape from the loop.

      1. Tim Starling

        You don't need root access to install a virus on Linux

        @Nigel 11: just about anything that a virus would want to do on a Linux desktop can be done without root access. For example, it could install a Firefox extension in the user's profile which acts as a keylogger, or it could install a cron job which starts a botnet client. On Linux, the browser is the first and last line of defence.

  37. Anonymous Coward
    Anonymous Coward

    Mmmm mmmm mmmmH mmmm MMMM

    Sorry, it's hard to talk down here with my head in th sand.

    Now what's all this hearsey about a Apple product having malware.

    Love and Hugs 'big Stevie J'

  38. bex
    Go

    the difference being

    I am not defending this (if its true) and it was just a matter of time before this happened but the difference between OSX and windows is on osx you must provide a password to instal stuff on windows maybe depending on how its set up.

    1. Dave's Jubblies
      Megaphone

      Yeah, but, well, like, maybe....

      That has got to be the vaguest, most non specific piece of Pro-Apple propagander I've ever seen on a screen...

      Well done, Sir!

    2. Greg J Preece

      Bullshit!

      The vast majority of installations on a Mac *do not* require a password. Some do, and these tend to be lower-level apps like file system/encryption drivers. Most just require you to drag an icon onto the Applications icon, and the rest is done for you. Very seamless installation, almost as good as DEB packages, but by default no password is required whatsoever.

      1. Alex Johnson 1

        WTF?

        Have you even USED a Mac since 2001?

      2. Anonymous Coward
        Unhappy

        Rubbish

        Either you have never actually worked on a Mac or you alway log in with root privilege.

        When you do the drag bit, a window pops up asking you to authenticate, always, unless you have changed the Applications directory mode to 777 or something similar.

        I suggest a basic UNIX course and then some experience.

        1. Gilbert Wham

          "I suggest a basic UNIX course"

          I second that. Not because I think it would help (it won't, most people are fucking stupid whether they know UNIX or not), but because I am a misanthrope, and I know it'll most likely make them deeply unhappy. I'd mandate it by law if I could...

          /Slips off into happy reverie/

        2. Greg J Preece

          And I suggest you try it

          As you could tell by reading my previous post, I generally use Linux. I do not like running as root.

          I did a clean, fresh, completely by-the-book installation of Mac OS X Snow Leopard. All default, before later customisations. It logged me in automatically by default, and I could install apps without password by default.

          You can tell me this didn't happen as often as you like, you can call me a "fucking idiot", but it won't change anything.

  39. Volker Hett

    There's a conflict.

    On one side we want a system which is as open as possible giving the user every possibility to tinker with it and on the other side we want a system which is as locked down as possible so the user can't install malware no matter how hard he tries.

  40. Anonymous Coward
    Pint

    Ahhh....

    ""Porn sites just started popping up on my MacBook Pro," one user wrote. "Is this a virus? I have never had a virus on a Mac before and I have been using Macs for years. Please help!"

    Ok, i'll help, stop surfing porno sites and then moaning when you pick up a dose you fucking idiot.

    Porno sites do not "just pop up". You visited one (some), you got infected. Deal with it, stop bleating and just fucking admit you were surfing porn or some other dark side of the web.

    Amount of times people say "I NEVER look at porn" when the log and history clearly prove otherwise..

    I like porn, reminds me that in an alternate universe im shagging something nice, not the pig ugy 8 ace (Viz) of a missus i have now!

    1. Anonymous Coward
      Anonymous Coward

      To be fair

      Salon was hacked to push these pop-ups to users.

      Also Google's search rankings were twisted over by some SEO optimisation crap (btw, get your fucking glass roofs together before throwing stones Google) and supposedly "high quality" links redirected to point to sites showing this.

      So it's not just porn sites.

  41. Anonymous Coward
    FAIL

    NOT A VIRUS

    Maybe some people have trouble reading? This App is NOT a virus. You could call it a "trojan". The reason ignorant people download AND type their Admin password to install it is that they mistakenly believe that viruses exist for OSX. I wonder where they got that misinformation from?

    If they can wrap their tiny minds round the fact that there are NO VIRUSES for OSX, then, just maybe, they won't be tricked by malware which suggests that there are.

    1. Anonymous Coward
      Thumb Up

      At last...

      Some clarity of thinking and expression. It's probably wasted, so to further reiterate:

      Sees fake page suggesting infection of Mac

      Clicks 'Download this 'antivirus' software' or similar

      Unzips the downloaded file if not already unzipped by the OS

      Launches the installer package

      Gives admin password if not on standard user account, where the user shouldn't know the admin password

      Confirms installation

      Gets rogered

      That's quite a few user-required steps. Not a Virus.

  42. Am
    Flame

    Whiff of hypocrisy?

    So, on the Mumsnet thread we have everyone saying that the users should take responsibility for their own machines, and on this thread everyone seems to be saying the OS provider should...

    And on other Apple threads we have people berating them for their closed garden approach, and here we have people saying they're not closed enough...

    The issue here shouldn't be that bad people do bad things, nor should it be that a company has failed to preventt bad people doing bad things to people who have bought that company's products (I mean would you seriously blame the company you got your windows from if a burglar gained entry and stole things because they smashed one of the windows?), but that a company allegedly tells it staff to avoid the question.

    The solution is education, of course.

  43. Ross K Silver badge
    FAIL

    But, but...

    ...I thought Macs don't get viruses (or is that virii?).

    Oh wait, the Apple site just says they dont get 'PC' viruses. Nice get-out Steve.

    Mac viruses - Proof your average Mac user is just as thick as your average Windows user.

    1. Anonymous Coward
      Anonymous Coward

      Errrrr........... its a trojan not a virus

      *Smacks head on wall*

      This is a application that requires installation just like any other standard application. This one just happens to do something nasty instead of something good. The user is tricked into installing it in the belief it solves a problem. Again, a trojan, not a virus.

    2. Maxson
      Thumb Up

      Windows user here;

      It's "Viruses" anything else is bad latin...see, we're not all thick ;p

      1. Zippy the Pinhead
        FAIL

        at Maxson

        The plural of Virus is Virii however its fallen out of use and we now type it as viruses.

  44. defiler
    Joke

    So does this count as a big Mac-attack?

    That is all.

  45. Maxson

    Well now...

    See, I've always been of the opinion that an unpatched box of any OS platform is woefully inadequate against even slightly determined attack, Mac users have always said that Windows vulnerabilities are strictly Windows vulnerabilities and macs have no vulnerabilities. My belief has always been that Macs were simply too small a target due to their lower market share. Now that market share is increasing, and thus they're a bigger target, malware infection has skyrocketed. Now that Macs have become a bigger target, the complacency of their userbase has likely made them a big, easy to hti target.

    Now, where's the "E-mail this article to a friend" button? I've some smug people to deal with.

  46. nigel 15
    FAIL

    Quote from Fanboi on another forum

    'Ignorant Mac users are only downloading and installing this App because they believe that Mac viruses exist - a myth perpetuated on this forum and others. Anyone who knows there are no OSX viruses is not going to be fooled into installing this trojan App.'

    one of the funniest things i've ever read.

    1. Ilgaz

      They normally shoot legimate messengers

      Only 2 companies are actively researching Mac malware so far. Intego and Sophos of UK.

      While their PR teams do real dumb things sometimes, these guys have uncovered some "almost there" stuff and we can't know how many threats they silently reported to Apple.

      Anyway, commercial companies in security business does release some info sometimes. Everytime they did, 90% of people blamed them to be snakeoil sellers, rest 10% daring to say "lets listen" got "voted down" like crazy along with personal attacks down to racist remarks.

      Intego does only Mac software while Sophos has a gigantic enterprise business. I suspect people at Sophos got sick and tired of Mac community and they don't report all threats now.

      The biggest security threat to Mac is the community and fake feeling of "super secure OS". Even owners of $10M IBM Z series mainframe with $1M/year Z/OS doesn't have such a security feeling I am sure.

  47. Anonymous Coward
    FAIL

    If you've not got an iPhone...

    Well, you've not got an iPhone...

  48. Danny 5
    Happy

    makes sense

    seeing as Apple is about 15 years behind the rest of the world, this is about the right timing for this i would imagine.

    i'm getting a clear "been there, done that" feeling!

  49. Jonjonz
    Boffin

    Pathetic Usual Jobs con/scam

    As usual, CRapple scams it's hoodwinked sheep and screws them over, in a losing attempt to forstall the media from reporting massive CRapple malware attacks.

  50. binky_256
    FAIL

    mwahahahaha

    are mac users "thinking differently" now?

  51. Anonymous Coward
    Anonymous Coward

    how does it feel

    knowing you gave thousands of dollars to a company that knows you're infected and wont even tell you.

    Fair enough that they don't clean infected machines, but they could provide a minimum level of human courtesy by telling their customers that up front and advising them to get some other Mac company to remove the infection.

    oh yeah, Apple don't want any other Mac companies to exist and that is why no one will ever take them seriously.

    1. Anonymous Coward
      Anonymous Coward

      how does it feel

      It feels like you're dealing with Apple. How does it feel when you've given hundreds of pounds to a company just for them to tell you that you don't know how to hold a phone properly? Likewise.

      Apple users who think that Apple are behaving reasonably here and that no other company would do more should take a look at MS technet and MS support forums. There's plenty of advice from MS on how to deal with similar shit on Winows.

      I don't like MS, but I dislike Apple even more.

    2. Turtle

      Best one line summation.

      "how does it feel, knowing you gave thousands of dollars to a company that knows you're infected and wont even tell you."

      It can't be put more succinctly than that.

  52. Anonymous Coward
    Anonymous Coward

    whatever it is

    Virus, Malware or whatever you call it, the issue i have is that because apple say it does not exsist there is little (or in their stores) no antivirus / anti-malware software.

    So when Mr or Mrs id10T install some seemingly (to them) ligit software there is nothing to warn them and is no easy way to get rid of it.

    On the PC if i try to install malware etc. i get a warning saying thats what it is and can choose not to install it. i can even scan the install file before running it. if i do install it i can just do a scan find the software and remove it two mouse clicks. On the mac there is (as far as apple will say) nothing.

    AC

    1. JEDIDIAH
      Linux

      The "whatever" mentality.

      The problem with conflating a Trojan with a self perpetuating virus is the whole "permission" thing. This brings up a separate issue. It's an issue of trust. The problem with any program that runs with your UID is the fact that it can DESTROY ALL OF YOUR DATA. It does not have to be a virus to be dangerous.

      The coder could be merely incompetent.

      This is why real operating systems don't give you free run of the entire system.

      You don't have to be malicious. You could just be stupid.

      You could execute "rm -rf $HOME" manually or run some app that does the same thing.

  53. Anonymous Coward
    Grenade

    Mac Shills and Fanbois

    It is so funny that this forum has been so full of Mac Shills and Fanbois. Probably the funniest argument I've seen posted is the claim that Macs are still safe because this is a trojan and not a virus, and you can't get infected on a Mac without giving your permission.

    You only have to read the results of the last few years of pwn2own competitions to see how easy it is to exploit Safari and Apple with drive-bys as well. It doesn't alter the fact that the easiest exploits to put out in the wild are social engineering ones. Windows is now exploited far more often through social engineering than through a drive-by or other self-replicating virus. It doesn't alter the fact that all the major platforms are vulnerable to more serious exploits. I've had a fully patched linux server rooted through a PHP vulnerabililty, so the fanbois should just shut up about their inherently secure platform, and start educating people on good security practice. That education should begin with Apple getting out of denial.

  54. Ian Stephenson
    FAIL

    PEBCAK

    Problem Exists Between Chair and Keyboard.

    The too stupid to own a computer urban legend springs to mind.

    The problem is malware hasn't targeted Macs previously as there were too few to justify writing it and therefore Mac users have gotten used to just opening untrusted attachments/downloads.

    Now Macs are popular home machines they are viable targets.

    As for the users? They'll learn and McSymanorton will bring out their malware for Macs too.

    1. Anonymous Coward
      Thumb Up

      hoho

      i always thought those who were too stupid to own a computer bought macs instead... ;D /troll

  55. Zippy the Pinhead
    Jobs Horns

    Is anyone surprised?

    They've been deleting user posts for support off their own forums for years

  56. stim

    hahahah!!!

    wahahaahaahahhaha wahahahahahaahhahaah wahahahahahaahahah!!!

    Read it and weep mac bois!

    1. Anonymous Coward
      Anonymous Coward

      Good, feel better?

      Now go back to updating your anti virus, reinstalling your firewall and patching your DLLs, sucker.

      1. MCG
        WTF?

        Say what now?

        "Patching your DLLs"? "Reinstalling your firewall"? What colour is the sky on your planet, Mr Anonymous?

        1. Anonymous Coward
          Anonymous Coward

          So you're not anonymous?

          blablabla

        2. Getter lvl70 Druid

          He's right actually....

          The latest version of WinDefender and it's variants are all in the registry, killing off AV, firewalls, system tools, corrupted files, replicating motherfucker, etc. Fucking pisses me off too. Three machines in different parts of the city, two patched XP Pros and one Win7Pro - was able to save data on the Win7 and XP machines but the installs were destroyed, the one I was able to recover was the lawyer who called instead of clicked about the weird shit that started off one of his legal beagle sites.

          Don't even try to click the X, whole fucking thing is an install button - gotta kill the browser process.

          I truly hate the fucks who write this shit - waterboarding would be the funnest thing to expect from my interrogation... just saying.

  57. vincent himpe
    Coat

    of course not

    after all, there are no viruses for OsX , so why would there be a need to tell customers that they have one on their machine.

    coat please ( its the asbestos flame-proof one... )

  58. Tim Spence

    Rapture

    Is this like the rapture, but very specifically for Apple users?

  59. JaitcH
    FAIL

    Apple products - computers or Lemon 4's - are perfect; Jobs said so and would he lie?

    Once again, Jobs mob is playing dishonest with their customers. Seeing how they have already been taken for premium prices you would hope for, but not expect, straight dealing.

    No one is perfect, except in Job's mind - and that the sun shines out his nether end.

  60. P. Lee
    FAIL

    Not a virus...

    My sister-in-law got one of these. Gay porn appearing randomly after a "virus scanner" was downloaded.

    I killed the program, removed it from the "start on login" list and dragged it to the trashcan.

    No problems since and certainly not a virus.

    If this is the extent of windows infections too, I don't think anyone should worry.

    1. Anonymous Coward
      Anonymous Coward

      WIndows infections go much deeper...

      The DLL cache and prefetch cache will be infected. Watch out for the system restore points being infected, don't rely on them to save you. System level DLLs will get replaced, registry changes might be cmade to prevent the user from undoing registry changes that would halt the infection.Lots of fun. A Windows CD might be needed to get things back in order if the WinBox only has a recovery partition that can do a factory reset and the owner never made any recovery CDs/DVDs. These bugs in the Windows world can be very persistent... Malwarebytes (no affiliation with me) is a good tool for removing most of them.

      I think Apple just doesnt want to tell their customers that they were stupid, and I can see how if they did then people would get upset, no one likes to admit they made a mistake, and certainly no one likes to think that they were ignorant enough to be duped by a fake virus scanner for a machine which has no viruses... trojans and ,alware yes, viruses no.

  61. El Pollito
    Go

    I'm a technician at an ASP and ...

    I saw this about 10 times a week before it hit the headlines. It's not an 'infection' it's just a fake antivirus. Mac Defender (and it's aliases) is the first widespread fake antivirus to hit naive Mac users (i.e. amateur users) compared to 100s if not 1000s of Windows malware programs. The fact is that to remove this malware all you have to do is kill the process and drag it into the Trash Can unlike the Windows malware that disables the real antivirus and firewall, and hooks into the registry. You need an anti spyware utlity and a real antivirus to clear a lot of that - I've even come across some nasty Windows fake AV rootkits too. So Mac OS is still a far more stable and secure OS than Windows will ever be. Jog on, kitties!

  62. Getter lvl70 Druid
    Go

    Nothing to see here - Move Along

    Just thinking about what-might-have-beens..... I am/was part of the small gathering of people (guessing ten plus/minus five lol) that wanted OS/2 Warp to succeed in a big way(IBM fail), more or less forced on to Windows (no real alternative at the time with x86 hardware), flirted for a while with Solaris/Solarisx86 (pizza boxen anyone?), migrated to SUSE Linux (German fail- sold out to Novell, who sold out/died). and ended up with Windows again instead of MacOS ($$- maco's is/was funner to say than OSX btw).

    OS/2 Warp sure was sexy.... and it would have the exact same issue as Windows/OSX/Linux/Unix has - an I/O disconnect between the keyboard and the chair. No amount of security can overcome the inalienable right of your average human being to do something stupid - Rule #357b, attachment #47c, addendum #7, ref: GIGO..

    :)

  63. Anonymous Coward
    WTF?

    Why the big deal with this folks?

    It's not a big deal to kill this thing, simply kill the task in Activity Monitor, remove it from the applications folder and then remove it from your run on startup list in your account profiles.

    It's not even trying to hide or do anything sneaky like windows based rootkits do it's just that the Mac has become popular enough to warrant the same lame scareware attention PC's did back in the late 90's. In fact I find cleaning the infected Macs a heck of a lot easier than any PC. Lot of media hype and frenzy over nothing.

  64. Anonymous Coward
    Terminator

    Dear oh dear oh dear....

    I was going to say I don't give a rats arse what platform you use, but it would be a lie... I don't like apple. But that does not take anything away from what's actually gone on here....

    The first thing is that ANY operating system is only as secure as the person holding the admin account password.

    Right that over and done with, you can argue all day over the title of the app, call it a virus or a trojan, call it what you like its an application that does other than what is described when you downloaded it, so you want rid of it....

    Getting rid of it appears to be as simple as killing the process and dragging it to the recycle bin. So what is the big deal in Apple telling its users, "oh dear, you have been tricked into downloading something that (at the moment) is no use to you. just kill the process and drag it to the recycle bin and your all good to go." ITS JUST BAD CUSTOMER SUPPORT NOT TOO.

    Apple cannot be viewed in any other light than a really bad one for issuing memos to staff to nether confirm or deny the "malware" exists on apple systems. For a lot of companies this sort of thing could be the end of them, but because in the "fanboi" base apple have, they can do no wrong and will only have lost a few possible customers because of this.

    The thing that gets me is that as far as apple having no virus or Trojans, its the beginning of the end. To me this stinks of a recon mission. they have spent very little money on this like the fact that the web page looks more like a windows GUI than a apple one, the fact that the installed code does very little other than pop up a few porn sites. To me its just been a exercise in "lets see if the apple crowd will actually fall for this sort of attack" and the answer is a massive YES !!!!

    over the next few months expect a lot more of this type of attack and they will become more and more sophisticated in the look and feel. Then the actual payload will start to get more sophisticated and harder to remove. Apple better be working on a anti-virus/malware removal app or they will have an almighty fall heading their way....

    Head in sand Icon please..

  65. Anonymous Coward
    FAIL

    bwahaha

    bit irresponsible of them no? not suprised rly.. boooo to crapple!

    anonymous coward because there are far too many of them out there...

This topic is closed for new posts.

Other stories you might like