Worm 'proves' Macs as vulnerable as PCs

An anonymous security researcher claims to have developed a worm capable of delivering a malicious payload to fully-patched Mac OS X systems. A posting on the Information Security Sellout blog insists that the worm proves that Apple computers are as vulnerable to malware as Windows-based PCs. The blog is written by a group of anonymous researchers using the name 'Infosec Sellout'.

The researcher responsible for the post claimed to be developing the worm for a client, and said that no proof-of-concept or related details will be published. The author claims that the client does not plan to use the worm for criminal purposes. The author has not yet notified Apple of the bug, but plans to contact the company "eventually".

News source: vnunet


116 Comments


LTD said,
So it was all fake, then?

Very well.

On we go, no viruses yet. STILL AT ZERO. :cool:


Yep- still at zero.
zero interest
zero worth

tao muon said,
Yep- still at zero.
zero interest
zero worth

There was enough interest on your part to post your smart comment, along with all the other Mac-bashing trolls who don't know what the hell they are talking about. There was more interest in this post than in the one posted at the same time where hackers stole information from the government by planting viruses on several departments' PCs (which were obviously running Windows).

It's really simple.

That these people are referred to as "researchers" is an insult to professionals who actually do important research. Anyone can put up a blog and claim whatever they want, without showing proof or identifying themselves. As far as Mac OS X security is concerned, my own "research" shows that there is no real world threat. Until there is such evidence, these Mac OS X security stories are just a source of ongoing amusement.

Macs are just as vulnerable, you say? Great. Ok. Where's the beef??? Where's this fabled UNIX virus that will bring OS X to its knees? Seems it's rumoured to be in a lab somewhere, or in controlled environments on Macbooks where there's a contest and a prize is involved and the OS' security was lowered incrementally in order to give contestants a chance or whatever. It's cool if you're into kissing your sister, lol.

pretty much any operating system can be exploited.

It stands to reason if someone is clever enough to make it then it's only a matter of time before someone figures out how to reverse engineer it or finds a flaw in it.

I didn't see anyone ask, but if this alleged malware targets OSX, isn't it feasible that it could potentially infect many Macs, AppleTV and the iPhone ... and maybe even future iPods and other Apple devices?
That would raise its impact from a half-dozen or so percent of the computer market to well into the upper hundreds of millions of devices- many of which have or are proposed to have Internet connectivity?

Sounds like a beckoning target to me.

Next Week, I'm releasing a Vista Malware in rootkit that bypasses UAC. :nuts:

*all neowinians bow to me or feel the wrath*

thank god I'm on Solaris.

yours truly

I now own your girlfriend. lol

whocares78 said,
thank god, now that's one i'd pay a consultant to produce.

you can have the bitch i take no responsibility for her driving you insane!


LMAO.

Sometimes I feel the same way about mine when she drives me up a wall.

Who cares, i've got better things to worry about in my life, anybody coding malicious software in any way, shape, or form, should be shot, oh and i've never used a Mac and love my Vista x64!

Right but you do realize that a major decisive factor when getting a Mac for most people has been the fact that Macs couldn't get infected. Now that this is slowly being taken away, the Macs could take a hit.

obsolete_power said,
Right but you do realize that a major decisive factor when getting a Mac for most people has been the fact that Macs couldn't get infected. Now that this is slowly being taken away, the Macs could take a hit.

Nothing is being taken away as there are still 0 viruses on the Mac, and 0 proof that any virus exists.

Binary said,

Nothing is being taken away as there are still 0 viruses on the Mac, and 0 proof that any virus exists. :rolleyes:

may be no viruses technically but trojans exist, see above post and security vulnerabilities exist, all viruses need is a vulnerability.

whocares78 said,

may be no viruses technically but trojans exist, see above post and security vulnerabilities exist, all viruses need is a vulnerability.

And all of the ones you linked to earlier have been patched ages ago. When are you going to accept the fact that you simply haven't got a clue what you are talking about?

roadwarrior said,

And all of the ones you linked to earlier have been patched ages ago. When are you going to accept the fact that you simply haven't got a clue what you are talking about?

and so has almost every single hole that MS ever had and was affected by, so does that mean there are no viruses for windows, umm no it means they can no longer affect a patched machine. you can argue all you like, the fact is there are viruses trojans that have existed for mac OSX in the wild, so do not come telling me there are ZERO (0) viruses for OSX when clearly there are.

my point wasn't that OSX is not secure, it actually is fairly secure, my point is that there have indeed been vulnerabilities and viruses for OSX, denying they exist or ever existed doesn't help anyone except apple.

Going around telling everyone there are none does no good all it does is lull people into a false sense of security. i.e the reason why most mac users do not use a firewall or even run AV software and i have known a lot of mac users, all it takes is one virus and all those users are screwed senseless, all because a few people said there are no viruses for OS X period (but fail to tell them about the ones they think don't count, like ones that have been patched or proof of concept viruses) and they thought that it was fine to not worry about security.

Now correct me if I am wrong (because I very well may be) but isn't MS more vulnerable due to a court order to release some of its code so that it isn't considered a monopoly?

i don't think MS has followed through with that order yet, lol

nid~vaeda said,
Now correct me if I am wrong (because I very well may be) but isn't MS more vulnerable due to a court order to release some of its code so that it isn't considered a monopoly?

Yes. I mean, yes you are wrong.

They haven't released any code, and there's no court order asking to do so. It's all about documentation.

There is always a chance to be contaminated by a virus, if not by a vulnerability of the system itself, then by a "social hack", and mac users (i'm not flamebaiting) usually are not considered the smartest people around here.

Not to be mean, but I really do think that everyone is living in this false sense of security. Just because no one has written one for the Mac doesn't mean it can't happen. Whereas windows has been hit for years, because of that there is security software out there, the same software in fact that mac users made fun of for years. Problem is that mac users find no need to run it. So when an attack finally does occur, it will take the mac community by storm, quite possibly worse than it would on windows, mainly because of the arrogance from both apple and the mac community.

Virus authors have had 6+ years now to write a successful OS X virus. It hasn't happened yet, and the chances of it happening any time soon are slim to none.

roadwarrior said,
Virus authors have had 6+ years now to write a successful OS X virus. It hasn't happened yet, and the chances of it happening any time soon are slim to none.

OR, they could spend their time making Viruses for PCs when there's TONS more out there than Macs.

Unfortunately, the mDNSResponder flaw was patched a few weeks ago via OS X.4.10 update.
OS X is not invincible, just like the other OS, but this guy is beating a dead horse.
'Nuff said.

Source

I haven't tried OSX but in my Opinion, market share and popularity have no effect on OS security. Some operating systems are by default more secure.
UNIXes are by default more secure than windowsXP (I haven't tried Vista).

There are two issues to consider here.
1. How much of the base system is written by the main distributor.
Windows has the upper advantage here because if a security bug is found in windows, MS wrote the software and theoretically they should be able to solve it.
On BSD/Linux, if a bug in for example X11 is found, they would have to wait for Xorg foundation to fix it.
2. Method of software installation.
BSD/Linux has the advantage here because most software is open source and thus doesn't contain spyware. Also there is less chance the user is going to install malicious software since unlike WindowsXP, most software will be packaged from the distributor. Another thing is that the Setup.exe method is extremely bad because it doesn't do dependency checking and doesn't keep track of installed files. But Microsoft's msi packages should solve this, correct?

How does OSX install software, does it use a package manager like Linux?

When it comes to virus infections, there is no excuse. Even OSX can run clamav.

on OS X most apps are installed by dragging the application's file (it is one mostly... extension is *.app) into the applications folder...
some applications or especially professional suites come with an installer which checks for dependencies.
"Even OSX can run clamav." So WHAT?
don't you think that security companies want to earn some money from the mac user community, too?
it's about money, it's not like those security companies are like charities for the public.
very often those proof-of-concept virus developments are sponsored or done by security firms, guess why...
hey, we found vulnerabilities, buy our product and get the protection you need!!!
see the bold BUY?

Glassed Silver:mac

water.hammer said,
On BSD/Linux, if a bug in for example X11 is found, they would have to wait for Xorg foundation to fix it.

Or they can fix it themselves (we're talking about companies with some coding resources here, aren't we?) and submit the patch to the Xorg developers.

[sarcasm] PERHAPS an airbus a380 should drop from the sky, full with passengers, just to show its vulnerable and to make all boeing fans happy and shut the airbus fans up [/sarcasm]

i know you can't compare human life to computers' lives (lol... life..), but I hope you get what kind of idiotism you just dropped...
please don't be such a mad person, the only reason for flame wars, extreme fanboyism etc... is intolerance and aggression

Glassed Silver:mac

So


let me see if i get this right


1) We have a John Doe who claims that he has developed a worm for OS X
2) He does not give information about what it does
3) He is not going to inform apple about the "worm"
4) He is working for an unknown client
5) and apparently he is the same one claiming he hacked the airport wireless network and just showed a video without any proof-of-concept whatsoever


so basically we have NOTHING

how convenient

hmm I know

[sarcasm]
Guys I'm creating a worm for Vista, is the ultimate Worm, it's so cool that no one is going to know that they have it installed, well actually you already have it installed but you don't know you have it...

there that's it =D, maybe Neowin should post a story about this

"Hacker" creates a worm for Vista, that no one knows they have installed
[/sarcasm]

the best thing of all, are all the anti-apple crew, claiming he is saying the truth without showing any proof of anything

The RDF got you badly.
There was a non-working POC worm for alpha version of Vista. And all the news was about it. Do you have memory issues?

I'm not sure what the rest thinks, but to me saying that "Macs are just as vulnerable as PCs" is just stating the obvious. Of course they are! It only takes one programmer who takes the time to write a malicious program for Macs, and there you go.

I'm not anti-Mac, don't get me wrong. I'm still gonna get one sometime. I'm just thinking that people need to drop their false beliefs about things sometimes. The truth is that Macs aren't invincible. PCs aren't either.

In fact... Nobody said Macs are invincible. It's a false belief manifested by the masses of humans.

That belief was created by Apple themselves with all their commercials saying how secure OSX is and all the print ads they run and the WWDCs claiming it...

No, the belief was created by 6+ years of unimpeded web surfing, and the current percentage of viruses for OS X, which is ZERO.

Perhaps one day that figure will change. Until then, the UNIX/FreeBSD/Mach security architecture deserves its fine reputation.

Macs are safer...
UNIX and Apple's own security implementations make it safer from the base compared to windows' base...
then, additionally to that, and that is the very main reason: macs are a minority, that is why no1 is interested in attacking them apart from guys who didn't get enough attention paid by their moms, those who are paid by security firms that need more user base and of course those coders, who want to prove something.
so yes, in fact macs are attackable, but they are safe... paradoxum?
hardly... as long as there are no attacks, you don't have to be afraid of anything... the only possibility to attack something, doesn't make it in the moment of not being attacked unsafe! :)

so please guys, don't mix up those words

Glassed Silver:mac

neufuse said,
That belief was created by Apple themselves with all their commercials saying how secure OSX is and all the print ads they run and the WWDCs claiming it...

At this point, can anyone call Apple liars? Nothing has been released, no systems have been infected, and life goes on.

LTD said,
No, the belief was created by 6+ years of unimpeded web surfing, and the current percentage of viruses for OS X, which is ZERO.

Perhaps one day that figure will change. Until then, the UNIX/FreeBSD/Mach security architecture deserves its fine reputation.

i'm going to pretend i'm a hacker, which one should i make a virus for, the 30+ Million macs or the 2+BILLION PCs? tough question.

neufuse said,
That belief was created by Apple themselves with all their commercials saying how secure OSX is and all the print ads they run and the WWDCs claiming it...

They never said Macs were invincible. They said that Macs are more secure, and that Macs have less viruses available. I asked the people at the Apple store about security, and they said the same thing. In fact, they said:
"There are viruses for Macs, but not as much as with PCs, so the chance to get infected with a virus is much smaller. Of course you can install a virus scanner, just to be sure."
If Apple people don't say the Mac is invincible, then who does? The masses.

Also, yeah, we shouldn't forget that Macs have a UNIX core. That adds a major security 'layer' to the whole system. I think a lot of people don't know this and how the UNIX core works. For those people I suggest reading up a little, it's very enlightening.
Even better, install a UNIX-like OS on your computer. Theory is nice, but experience is always handy.

Why in the world would someone be developing a worm for a "client"?... that sounds highly malicious... who would need to have a worm developed and be willing to pay for it in the commercial world?

neufuse said,
Why in the world would someone be developing a worm for a "client"?... that sounds highly malicious... who would need to have a worm developed and be willing to pay for it in the commercial world?

Oh, I don't know...how about a company looking to make a splash with the "only anti-virus app for OS X that can keep you safe"? It's highly suspicious and I really question the lack of proper news reporting Neowin does sometimes. To have a headline like "Worm 'Proves' Macs as Vulnerable as PCs" is ridiculous. Nothing has been proven and even if the worm DID get out, Macs have a TON of ground to make up if they want to be just like PCs.

Seriously, who really cares about this.

If you feel that unsafe using your computer on the Internet I believe there are some bomb shelters left over from the 1950's you can go hide in. I'm certain you will be safe there.

wow...
the apple fanboys are REALLY out in force to try and bury this information.
why can it just be accepted that there could possibly be some flaws in the shiny apple ? yes the group haven't PROVED this works to anyone outside their group, they just say they are working on it and testing it.
OS X is an operating system built by humans, therefore will contain human error, and will therefore have bugs/exploits, deal with it and stop acting like you're all so high and mighty just coz you dare to be different

[Edit]
a message sent to this "group"

"I dare you to demonstrate this at Defcon you ****** Microsoftie. We will drag you out, put a bullet in you, and bury your body so deep it will take a nuclear blast to find your body."

.... i don't know what to say...

redmosquito said,
everyone knows that apple osx is not perfect.

but thanks, anyways. :)


Exactly. OS X isn't perfect but it's built upon UNIX (FreeBSD) which has so far proven to be harder to write exploits for. I guess on Neowin that makes me a "Fanboy."

clx said,
[Edit]
a message sent to this "group"

"I dare you to demonstrate this at Defcon you ****** Microsoftie. We will drag you out, put a bullet in you, and bury your body so deep it will take a nuclear blast to find your body."

.... i don't know what to say...

wow someone was actually stupid enough to type something like that? it's almost as bad as the news itself
a lot of loony people in this world gonna kill someone because they said something bad about their precious macintosh computer oh no it's the end of the world...retards

You know, I really hate it when skepticism, which I consider to be a positive quality, is mistaken as being a fanboy. I understand there are fanboys out there, and I agree they can be very annoying, but asking a few questions about the validity or honesty of a news story isn't fanboyism - it is just common sense.

Ledward said,
We have every reason to believe that there are lots of bugs in Mac OS X, and that they're just waiting to be exploited. It's just that no one has bothered, so far.

I think LOTS of people are trying, even if it is just to make a point. Showing they are right and Mac OS X is indeed as fragile as Windows. Would give them lots of attention :-) The fact this article is front news proves it! Cannot imagine a front news article every time a new Windows worm or virus has been detected!

I agree here... I think it's silly to think that JUST because the mac is the least used OS that few people are gonna try to crack it... I'm willing to bet there are lots of people trying to make a point also... people who are fed up of fanboys praising that their OS is unbeatable....to get the front page with their awesome discovery.

I find it equally amusing that those who seem to have the slightest doubt in this specific claim are automatically dubbed a fanboy.... *chuckles*

Have any of the other 4 posters before Glassed Silver read the full article or followed the links?
If not here's a synopsis.

The aforementioned code has allegedly been written by someone calling him/her self Infosec Sellout. He/She has called this exploit Rape.OSX and suggests that it can be 'fully weaponised' rather than just leaving a text document behind as proof of delivery source. The worm's creator will not release details of this exploit to Apple or anyone else until the worm has been fully tested and all results are known as it would apparently be irresponsible to do so.

It has also been claimed that the code was written in only a few hours making one bona fide security researcher state that it's probably nothing more than a stack overflow exploit. If the code is eventually released for proper analysis then Apple will no doubt release a patch if the exploit is genuine.

Until then this is not FPN.

Why is Neowin now posting rumours on to the front page? The guy has not released any information about the worm. Has not released the worm. It's just him saying it exists.

Well ya know what I saw an alien last night. And he told me he's coming to conquer the earth! - Quick Neowin get the scoop of the century!

I mean seriously I know it's 'Unprofessional Journalism' but at least try.

You have to be pretty stupid to NOT believe it. While this "hack" hasn't been substantiated, it just adds more to the completely logical reasoning where all OSes are as buggy as each other on a fundamental basis, and that the more exposure an OS gets, the more vulnerable it is to attacks.

We have every reason to believe that there are lots of bugs in Mac OS X, and that they're just waiting to be exploited. It's just that no one has bothered, so far.

Ledward said,
You have to be pretty stupid to NOT believe it. While this "hack" hasn't been substantiated, it just adds more to the completely logical reasoning where all OSes are as buggy as each other on a fundamental basis, and that the more exposure an OS gets, the more vulnerable it is to attacks.

We have every reason to believe that there are lots of bugs in Mac OS X, and that they're just waiting to be exploited. It's just that no one has bothered, so far.

I don't think Vice is disputing the fact there are many bugs with a large variety of OSes... I however think he/she is disputing the fact that a rumour should not be made as front page news. And that the security model of OSX is far superior to that of Windows.

Why write a virus to affect a small minority? If you want maximum impact you target Windows based machines.

You want to make news, or rather, "news", you write one for OS X. So far, even proof-of-concept writers have made the headlines.

Anytime you hear the words "security" and "Mac" in the same sentence, it's potentially big news.

since mac osx is an operating system, it's as vulnerable to malware as any other os.

the only thing that makes macs a bit safer, and glassed silver already pointed that out, is the market share.
until now it just didn't make sense to develop worms for apple computers because the market share was just too small and only professionals used it, which means they know just how to deal with security (and let's face it: most of the average windows users don't know how to set up a firewall properly).
with apple aiming more at the consumer market (mac mini, macbook, 17" imac) and so gaining more market share, it makes much more sense now to code a worm for apple. it will just infect more computers. and as far as i know one of the most important reasons to code a virus is to infect as many computers as possible, right after "make as much trouble as you can".


in anyways, i agree with glassed silver fully.

redmosquito said,
since mac osx is an operating system, it's as vulnerable to malware as any other os.

the only thing that makes macs a bit safer, and glassed silver already pointed that out, is the market share.


Yeah, security features are irrelevant - they're all operating systems therefore they're all just as vulnerable as each other! /End Sarcasm

No-one is suggesting that market share doesn't play a huge role but to say that all operating systems are basically on par and that their security is based completely on the number of users is nonsense. XP had little concern for security, only becoming "secure" after SP2. OSX, on the other hand, was designed with security as a central feature and, despite an increase in exploits/vulnerabilities recently, that still holds up. However, now Windows users have Vista, which put security at the forefront - it still remains to be seen how secure it will be but it's at least a step in the right direction.

theyarecomingforyou said,

Yeah, security features are irrelevant - they're all operating systems therefore they're all just as vulnerable as each other! /End Sarcasm

No-one is suggesting that market share doesn't play a huge role but to say that all operating systems are basically on par and that their security is based completely on the number of users is nonsense. XP had little concern for security, only becoming "secure" after SP2. OSX, on the other hand, was designed with security as a central feature and, despite an increase in exploits/vulnerabilities recently, that still holds up. However, now Windows users have Vista, which put security at the forefront - it still remains to be seen how secure it will be but it's at least a step in the right direction.


you are right of course. but i thought it was clear that not all os are on par. i thought everyone was aware of that, so i didn't mention it.

but: in theory every os can be harmed by some especially designed worm or virus or whatever.
one can be harmed easier, one is harder to get.

theyarecomingforyou said,

Yeah, security features are irrelevant - they're all operating systems therefore they're all just as vulnerable as each other! /End Sarcasm

No-one is suggesting that market share doesn't play a huge role but to say that all operating systems are basically on par and that their security is based completely on the number of users is nonsense. XP had little concern for security, only becoming "secure" after SP2. OSX, on the other hand, was designed with security as a central feature and, despite an increase in exploits/vulnerabilities recently, that still holds up. However, now Windows users have Vista, which put security at the forefront - it still remains to be seen how secure it will be but it's at least a step in the right direction.

OSX wasn't designed period. It's FreeBSD with a fancy Xwindows interface...

GreyWolfSC said,
OSX wasn't designed period. It's FreeBSD with a fancy Xwindows interface...
I'm pretty sure that Macs don't use X for windowing. They have their own system.

GreyWolfSC said,
[...]

OSX wasn't designed period. It's FreeBSD with a fancy Xwindows interface...

this statement shows the level of your competence in this topic...

Glassed Silver:mac

just a quick comment about you claiming mac users understand security better, ummm NO. just wondering how graphic designers (who are the professionals that use macs, i know very few IT guys that use MACs) are more security conscious than anyone else, most windows users may not know how to config a firewall properly but i can guarantee most mac users don't even use one. From my experience mac users are no smarter than PC users, your comments are just ridiculous. and if we are comparing users it's the linux users that understand security better than all

hold on hold on hold on...
so this idiot (sorry, but obviously yes) has developed a malicious app just to prove something we a) already know b) isn't exactly as correct... macs are a bit safer due to Mac OS X, while the small market share still is the mac user community's biggest protection...
and now he doesn't release any info, because ugh... he's too cool for it or what?
lol... if u ask me, how about me spreading unproved sh** like this and then trying to make it on Neowin FPN.... lol
c'mon... he gives us no proof at all, neither to apple...
why is this on FPN?

i'm not trying to say it's impossible to code malicious code, but why in hell would you wanna code something and then don't hand it to apple or so... just to prove something we already know, uhm... yea... whatever

Glassed Silver:mac

There was an article on Cnet a month or two ago about how Apple doesn't give people/organizations credit (or sometimes acts negatively) when the researchers discover vulnerabilities in its software... this has caused a hesitation to report these issues.

Microsoft used to do the same, but quickly learned that they were just shooting themselves in the foot.

Yes, I've written code that will compromise any bank account, withdraw the amount of funds that I specify, deposit them in a numbered Swiss account, and fool the Swiss into thinking that the account belongs to Dick Cheney to make sure that they leave it alone.

However, I don't want to provide any proof for this exploit because everyone will want to use it.

Ricmacas said,
I think that Mac is more vulnerable than Windows. It's just lucky.

also have to agree, if Macs were as popular as Windows, there would also be tons of security threats, mainly because hackers and virus makers attack the bigger crowd, PCs.

kickenchicken360 said,

also have to agree, if Macs were as popular as Windows, there would also be tons of security threats, mainly because hackers and virus makers attack the bigger crowd, PCs.

Yeah I've said it many times before, nothing making macs invincible it's just what's the point given how few people use them?

trip21 said,

Yeah I've said it many times before, nothing making macs invincible it's just what's the point given how few people use them?

The "it's just because of the marketshare" theory has been repeatedly debunked.

ichi said,
The "it's just because of the marketshare" theory has been repeatedly debunked.

by who and where, i have never read anything about it being debunked at all let alone repeatedly

It IS because of marketshare.

Out of all the people I know, there is only 1 person that has a mac, and that one person most likely doesn't know anyone else that owns a mac. If she gets infected, there's no one to spread it to. It doesn't spread so it would be a waste of time and stupid to make a virus or worm for the mac.