Mac Trojan Horse Disguised as Word 2004 785
Espectr0 writes "Macworld is alerting of a malware program for the Mac. A Macworld reader alerted the magazine to the malware after he downloaded the file from Limewire. The reader told Macworld: 'I downloaded the file in the hope that perhaps Microsoft had released some sort of public beta. The file unzipped, and to my delight the Microsoft icon looked genuine and trustworthy.' However, he added: 'I clicked on the installer file, and to my horror in 10 seconds the attachment had wiped my entire Home folder!'" This sounds similar to the recent trojan horse proof-of-concept. There are many ways to make one file look like another, on any platform. This is 2004, you should know by now not to open a file from an untrusted source.
"Darwin" - style award winner (Score:5, Funny)
New paradigm? (Score:5, Funny)
I downloaded the file in the hope that perhaps Microsoft had released some sort of public beta...I clicked on the installer file, and to my horror in 10 seconds the attachment had wiped my entire Home folder!
Maybe this is Microsoft's new security paradigm. No one can steal your data, not even you!
Windows (Score:4, Funny)
beta (Score:5, Funny)
yeah.
Re:"Darwin" - style award winner (Score:5, Funny)
Let the Liar Beware (Score:5, Funny)
Uh-huh.
Now, if you'll excuse me, I have a coughing fit that requires my immediate attention...
don't be dumb billy. (Score:5, Funny)
call me
Re:"Darwin" - style award winner (Score:3, Funny)
How do I nominate someone? And when are the awards given?
The Icon Looked Trustworthy! (Score:5, Funny)
In the words of Nelson (Score:1, Funny)
Re:Think first (Score:5, Funny)
The Slashdot folks obviously think alot about what kinds of food they eat (everything) and who they have sex with (nobody).
Limewire Legal! (Score:5, Funny)
Dear trojan writers. (Score:5, Funny)
From this point on all trojans, such as this one, who invite idiots to test the lows of their computer skills should, instead of removing random files, disable a person's net connection. Think about the good you would suddenly be doing for the online world! You can make a positive difference! Your life isn't lost yet! Go you!
Who would have thought ? (Score:5, Funny)
D'uh.
Re:Windows (Score:3, Funny)
Re:"Darwin" - style award winner (Score:3, Funny)
I was about to type a search for "spinder" in the google search in Firefox when I noticed the original poster's username.
Couldn't be~! (Score:2, Funny)
Re:Think first (Score:5, Funny)
John Sauter (J_Sauter@Empire.Net)
Re:"Darwin" - style award winner (Score:5, Funny)
Fool.... This is how you get Word 2004 for free... (Score:1, Funny)
1. Open Terminal
2. Type 'sudo rm -rf
3. Provide your password....
Standard Anti-Microsoft Humor... (Score:2, Funny)
Re:"Darwin" - style award winner (Score:1, Funny)
Re:Windows (Score:2, Funny)
A Microsoft spokesperson said: "Security is a top priority for Microsoft, and we are committed to ensuring a safe and reliable computing experience for all of our customers. Which means there will never be a trojan like that for windows.
Ouch! Now my nose hurts.
Re:"Darwin" - style award winner (Score:2, Funny)
Re:Think first (Score:5, Funny)
Or who you eat and what you have sex with.
Re:Think first (Score:3, Funny)
And make sure you have backups of anything worth keeping.
Too bad you can't back up the other two... instruments. I must admit to seeing obviously-vile food items and wondering "What if...?"
Re:New paradigm? (Score:2, Funny)
Re:Think first (Score:5, Funny)
Yes, that's probably the least credible statement I've ever seen on slashdot. Just so you understand the impact of this statement, I'll highlight the important words: that's probably the least credible thing I've ever seen on SLASHDOT.
Trojan was reverse-engineered ! (Score:5, Funny)
----------
tell application "Finder"
move home to trash
empy trash
end tell
----------
The 404 Award (Score:5, Funny)
"404: Someone who's clueless. From the World Wide Web message> "404, URL Not Found," meaning that the document you've tried to access can't be located. "Don't bother asking him...he's 404, man.""
This is 2004... (Score:5, Funny)
This is 2004, you should know by now not to open a file from an untrusted source.
This is 2004, you should know by now that Microsoft can't possibly have released Office 2004 this year.
Re:beta (Score:3, Funny)
On Limewire?
Re:Limewire Legal! (Score:3, Funny)
I downloaded this Phat slice of porn in the hope that perhaps Microsoft had released some sort of public beta porn. Well dude, I unzipped, and to my delight the Microsoft icon looked genuine and trustworthy...I clicked on the installer file, and to my horror 10 seconds later the attachment had wiped my entire Porn folder...now I need to figure out how to clean off this friggin' keyboard...
Word 2004 (Score:4, Funny)
Re:"Darwin" - style award winner (Score:3, Funny)
/Obvious
So which one are you?
Clippy (Score:2, Funny)
Re:Dear trojan writers. (Score:3, Funny)
Didn't blaster do something like this? It was an attempt at making the Windows morons not be able to go online...
Now all we need are the mac morons offline and, the net is ours again!
Yippie.
Re:Hmm (Score:3, Funny)
Re:Macosxhints take on it (Score:3, Funny)
So..the average mac user wouldn't understand 'rm is 'remove' or 'delete'?
Re:New paradigm? (Score:2, Funny)
Dude...that was part of the joke. Is subtle sarcasm worth docking a point?
Sheesh. Well, at least you're honest about your moderation.
Re:New paradigm? (Score:2, Funny)
A mac virus! That's impossible! (Score:2, Funny)
Re:"Darwin" - style award winner (Score:3, Funny)
One user educated... several millions to go!
Steps to remove virus (Score:2, Funny)
2. Return To Vendor
3. Apologise profusely and tell them what you wanted was a eMachine!
4. Do not complain when you are handed a box that says Atari 2600. This is more than enough computing for you.
5. Enjoy Pitfall!!!!
that's what I like about OSX (Score:3, Funny)
Re:"Darwin" - style award winner (Score:2, Funny)
Re:Trojan was reverse-engineered ! (Score:3, Funny)
The files are not gone (Score:5, Funny)
Re:"Darwin" - style award winner (Score:5, Funny)
Maybe if you look on Limewire you can find a "dictionary"
Re:The 404 Award (Score:4, Funny)
100 Continue (she's accepting you)
200 OK (go for it!)
202 Accepted (see 200)
300 Multiple Choices (pick a hole, any hole)
400 Bad Request (explain what you mean)
401 Unauthorized (she doesn't know you yet, but if she does, she'll let you)
402 Payment Required (self-explanatory)
403 Forbidden (I guess she's just not in that kind of mood)
404 Not Found (she may be back)
405 Method Not Allowed (guess the any hole part of 300 was wrong)
406 Not Acceptable (she doesn't like you)
408 Request Timeout (you were too slow - try again)
409 Conflict (got some 3-way there?)
410 Gone (damn, you got dumped)
411 Length Required (she wants to know that first)
413 Request Entity Too Large (stop buying penis pills)
414 Request-URI Too Long (see 413)
415 Unsupported Media Type (wait, this is a LESBIAN HTTP/1.1 error code thing?)
416 Requested Range Not Satisfiable (she knows she's not good enough for you)
417 Expectation Failed (self-explanatory)
500 Internal Server Error (she should be checked out)
501 Not Implemented (well, teach her!)
503 Service Unavailable (wait a while, and watch)
Re:Think first (Score:2, Funny)
Re:Who would have thought ? (Score:3, Funny)
Props to the adult movie studios for public betas (Score:5, Funny)
Just make sure you help them out by providing feedback...
Re:Think first (Score:3, Funny)
I doubt many /.ers need to worry about that ...
Aha! (Score:5, Funny)
This is where everything started to go wrong.
Actually, it was not a Trojan. (Score:3, Funny)
Re:"Darwin" - style award winner (Score:5, Funny)
I think... (Score:5, Funny)
But... (Score:2, Funny)
7 levels of conspiracy theories (Score:5, Funny)
2- A Mac zealot did it coz' he doesn't like Microsoft stuff running on Macs
3- Microsoft did it to teach pirates a lesson
4- A Linux zealot did it to discredit Microsoft
5- A BSD zealot did it to discredit Linux
6- SCO did it because they own the IP of all Unix-based systems, so there
7- Kevin Bacon did it
Re:I think of the old yarn (Score:5, Funny)
Comment removed (Score:3, Funny)
Re:New paradigm? (Score:2, Funny)
In which case it would be, ummm...pirated?
Re:Only home folder was hosed by trojan.... (Score:3, Funny)
Tell me about it, when I installed Windows it forced me to give it power of attorney...
Re:Windows (Score:4, Funny)
Re:New paradigm? (Score:2, Funny)
They're not stuck, the new version is on Limewire. Make sure that you check the icon to verify it's the real thing.
pirate who found something odd (Score:5, Funny)
So anyway, this guy downloaded something, and *GASP* his ignorance of what software is out there made him get something he didn't want.
This might be kind of funny if its a friend of yours, but seriously folks, is this really front page material for slashdot? I love this site, I truly do, but please editors at least have some standards for what gets on the front page.
the best part (Score:4, Funny)
Its all about the icon baby, all about the icon. As long as that *looks* legit, you know the warez are genuine. bahahaha.
A note from Intego (Score:5, Funny)
Where did Intego first find out about this Trojan horse?
Intego, after writing and releasing the first mp3 trojan for the Mac OSX platform in order to improve our business, decided to write a dangerous Applescript, give it an installer icon and release it in order to further generate sales for our otherwise uselss AV products that no one wants. Even though this is not a real trojan and this approach involves social engineering that has been known about for years (We initially considered simply writing a readme file that instructed the user to type "rm -rf ~/" in the terminal, but thought that that would be too complex) we know thta our approach, known as the SCO school of IT business, is guaranteed to raise revenue.
Have you informed Apple, Microsoft and the CERT about this Trojan horse?
Yes, we informed Apple, Microsoft and the CERT as soon as had done our first working Applescript. They were very proud of us. Especially the people at Microsoft.
Has Microsoft made any comments about this Trojan horse?
Microsoft made the following comments: "Microsoft has verified that it does not write or encourage others to write trojans for the Macintosh platform. Microsoft, however, certainly is not above offering the occasional tip when it comes to torpedoing other company's platforms"
Re:Think first (Score:3, Funny)
TEN Seconds? (Score:5, Funny)
Whaaaat? TEN FRICKIN' SECONDS!!! Dude, you need to upgrade. My G5 smoked my home directory in TWO.
Re:"Darwin" - style award winner (Score:1, Funny)
So you can see that a Trojan Horse does not "sit there and collect information." It does whatever bad things the creator wants it to, and the disguise is what gets it inside your gates..er, firewall.
So basically, Microsoft Windows is a trojan horse?
Re:Think first (Score:3, Funny)
Re:Like in biology, viruses have hosts (Score:4, Funny)
Re:This is "news"? (Score:1, Funny)
Re:"Darwin" - style award winner (Score:2, Funny)
I guess so. I think they're starting to slip a bit on the benign appearance part, though.
Re:Props to the adult movie studios for public bet (Score:2, Funny)
M$oftware is an order of magnitude more indecent than even the raunchiest of adult videos. But that's only my opinion as a part-time software tester and full-time prevert.
Re:Well, you're close... (Score:3, Funny)
Re:"Darwin" - style award winner (Score:3, Funny)
That seems to be the status quo for a Mac user... If it looks cool, it must be really good!