Sunday, May 29, 2011

New Mac scareware bypasses basic install security

The Register has reported that a new variant of the Mac scareware, MacGuard, is able to bypass the need for authentication to install software, by virtue of the fact that most users have assigned themselves administrator rights. The new variant installs into the Applications folder instead of the Downloads folder and, because an administrator account can write there without a password prompt, the usual request for credentials never appears.
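The practical consequence of the report above is that the password prompt is not a reliable tripwire on an administrator account, so a practitioner wants a check that does not depend on it. The following script is an added example (it is not from the original post, The Register, or ESET): it lists .app bundles that appeared recently in the standard /Applications and ~/Applications folders (assumed paths) and reports whether each folder is writable by the current user without elevation. The sample listing and the bundle names in it are constructed for illustration and are hypothetical.

```python
"""Audit application folders for recently added .app bundles.

Added example, not code from the original post or from ESET.  On a Mac whose
login account is an administrator, anything the user runs can drop a bundle
into /Applications or ~/Applications without an authentication prompt, so the
prompt is not a reliable warning.  This script lists bundles whose
modification time falls inside a recent window and notes whether the folder
is writable by the current user without elevation.
"""
import os
import time

# Assumed standard macOS application folders; the script simply reports empty
# results on systems where they do not exist.
DEFAULT_DIRS = ("/Applications", os.path.expanduser("~/Applications"))


def flag_recent(entries, now, max_age_days=7):
    """Return the paths of .app bundles modified within max_age_days of now.

    entries: iterable of (path, mtime_seconds) pairs.  Result is newest first.
    """
    cutoff = now - max_age_days * 86400
    hits = [(p, m) for p, m in entries if p.endswith(".app") and m >= cutoff]
    hits.sort(key=lambda pm: pm[1], reverse=True)
    return [p for p, _ in hits]


def list_bundles(directory):
    """Return (path, mtime) for each .app bundle directly inside directory.

    Unreadable or missing directories yield an empty list rather than an error.
    """
    try:
        names = os.listdir(directory)
    except OSError:
        return []
    out = []
    for name in names:
        if not name.endswith(".app"):
            continue
        full = os.path.join(directory, name)
        try:
            out.append((full, os.stat(full).st_mtime))
        except OSError:
            continue
    return out


def audit(dirs=DEFAULT_DIRS, now=None, max_age_days=7):
    """Return {directory: {"writable_without_auth": bool, "recent": [paths]}}.

    os.access(W_OK) answers the question the scareware exploits: can this
    account write here without being asked for a password?
    """
    now = time.time() if now is None else now
    report = {}
    for d in dirs:
        report[d] = {
            "writable_without_auth": os.access(d, os.W_OK),
            "recent": flag_recent(list_bundles(d), now, max_age_days),
        }
    return report


# Constructed sample listing (not real data): (path, mtime) pairs as
# list_bundles() would return them.  Bundle names are hypothetical.
SAMPLE_NOW = 1306627200  # 2011-05-29 00:00:00 UTC, the date of the post
SAMPLE_ENTRIES = [
    ("/Applications/Safari.app", SAMPLE_NOW - 400 * 86400),   # old, ignored
    ("/Applications/Suspicious.app", SAMPLE_NOW - 2 * 86400),  # two days old
    ("/Applications/Utilities", SAMPLE_NOW - 3600),            # not a bundle
    ("/Applications/Another.app", SAMPLE_NOW - 6 * 86400),     # six days old
]


def demo():
    """Run the recency filter over the constructed sample with a 7-day window."""
    return flag_recent(SAMPLE_ENTRIES, SAMPLE_NOW, max_age_days=7)


if __name__ == "__main__":
    print("sample:", demo())
    for d, r in audit().items():
        print(d, "writable without auth:", r["writable_without_auth"])
        for p in r["recent"]:
            print("  recently added:", p)
```

Run it as an ordinary user; a bundle you did not knowingly install showing up in a folder reported as writable without auth is exactly the case the advice quoted below is trying to cover.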

ESET's David Harley was quoted as saying that "all advice along the lines of 'treat as suspicious all unexpected requests for the administrator password in order to install something you weren't expecting to install' requires expansion."

This is very true, as most Windows users are already accustomed to the various devious methods malware uses in its attempts to infiltrate a machine. Unfortunately, Mac users have been accustomed to thinking that they have no need to worry about risk. Whether Macs need protection is no longer a debatable issue.

We urge Mac users who still think that Macs are safe to reconsider.


ESET blog on MacDefender and its siblings here.
ESET NOD32 Antivirus Mac is available as a 30-day evaluation download. Link here

Sunday, May 15, 2011

Professional malware generator

The guys at F-Secure have blogged about an interesting observation: the Zeus bot, together with the core components needed to operate the botnet, is offered for sale for $500. The original article is here [link].
Picture from F-secure
It comes complete with the programs necessary to operate the botnet, including a well-written manual on how to use it. It even has a changelog recording updates and progress on the entire program.

Computer security companies have been trying to get people to understand that the malware scene has completely evolved, from a bunch of intelligent kids out to prove a point to professionals out to profit from such activities. This is proof of the money chain in malware activities.

Interestingly, at the other end from the cybercriminals, the FBI in the USA is also employing spyware, which is claimed to be for legitimate law enforcement use. Codenamed CIPAV, it is planted on the computers of suspected criminals to monitor their online activities. SC Magazine has an article [link] on this matter, and it pretty much confirms that security industry players are not part of this. Do we detect this spyware? Your guess is as good as ours.
 
This blog is maintained by Basic Gateway, the distributor of ESET products in Malaysia since 2005.