For Mac users, too, the days of carefree web surfing may now be over. Ever since programmers began trying to smuggle malicious software into computers by means of Trojans, viruses and worms, in order to take over other people's machines or damage them, Mac users had little to fear. While Windows-based computers were threatened by hundreds of thousands of different variants of malicious programs, Mac users were in the clear: Macs were not on the pests' menu.
The first network of zombie Macs: A Trojan takes control of the Apple computer
But this period of calm seems to be ending, say Symantec security experts Mario Barcena and Alfredo Pesoli. In the journal "Virus Bulletin", they report that a Trojan horse that has been spreading on Macs since January now appears to be building a so-called botnet, a network of hijacked, remotely controlled computers.
The purpose of such networks, for the criminals who operate them, is usually to abuse the zombie computers, for example to send spam e-mails or to launch distributed denial-of-service (DDoS) attacks, in which websites or servers are to be forced to their knees by a large number of simultaneous requests over the Internet.
MALWARE AND SPYWARE: HOW TROJANS AND CO. WORK
Trojans
Like the Trojan horse of Greek mythology, computer Trojans hide their real task (and their harmfulness!) behind a disguise. They usually pose as harmless software: a screensaver, a video file, an access program. They are spread, for example, as e-mail attachments. Whoever starts the program always sets off a hidden malicious function as well: usually this opens a so-called backdoor, which opens the computer system to the Internet and through which further malicious programs are downloaded.
Virus
Computer viruses infect existing files on the computers of their victims. The host files continue to work as before, at least for a while, because viruses are not supposed to be discovered. They do not spread on their own but rely on computer users passing infected files on: sending them by e-mail, copying them to a USB stick or putting them up for sharing. A virus differs from other malware and spyware solely in its method of spreading. What damage it causes depends solely on the will of its creator.
Rootkit
This small compound joins the words "root" and "kit": on Unix systems, "root" is the user with administrator rights, who can intervene even in the depths of the system. A "kit" is a collection of tools. A rootkit is thus a set of programs equipped with full access to a computer's system. This allows the rootkit to carry out extensive manipulations without these being noticed by, for example, virus scanners. Either the rootkit includes software that, for example, disables security scanners, or it sets up a so-called shell which, as a kind of mini operating system within the operating system, hides all suspicious activity from the host. The majority of rootkits in circulation are used to download Trojans, viruses and other additional malicious software over the Internet. Rootkits are among the hardest compromises of a computer to track down.
Worm
Computer worms are, in practice, the souped-up variant of viruses and Trojans. Strictly speaking, the term describes only a program that takes care of its own spread, and that of the programs it carries. At their core, worms contain a malicious program that, for example, starts its own mail program in order to spread further from an infected computer. Their main route of distribution is the web's communication channels: e-mail, chats, AIMs, P2P exchanges and others. In practice, they are often used as a vehicle for distributing various other malicious programs.
Drive-by
A drive-by means influencing a computer, or even infecting the PC, through the mere visit to an infected website. The method has been very much in vogue for some years: exploiting recent security vulnerabilities in browsers and using scripts, malicious code placed on a website gains influence over a computer. In this way viruses are spread, sniffer programs installed, browser requests redirected to websites that pay for it, and more. Drive-bys are particularly perfidious because they demand no activity from the PC user (such as opening an e-mail), only carelessness. The victims are mostly users who do not keep their software up to date through regular updates, which potentially means just about anyone.
Botnet
Botnets are networks of hijacked computers, the bots. With the help of Trojan programs, which they smuggle onto the computers through, for example, manipulated websites or bogus e-mails, the botnet operators gain access to other people's PCs and can control them via the web. Renting out such botnets can be a lucrative business. The zombie armies are used, among other things, to send millions of spam e-mails, to bring websites to their knees through a multitude of simultaneous requests, or to harvest passwords on a large scale.
Fakeware / Ransomware
The word is made up of "fake", i.e. "forgery", and "ware", the short form for software: it is thus about "false software". It refers to programs that claim to perform a specific service but in fact do something quite different. The most common form: alleged IT security programs and virus scanners. In their harmless variant they are useless but annoying: they constantly warn of non-existent viruses and try to persuade the PC user to make a purchase. As adware programs they pester users with advertising.
The perfidious form, however, is ransomware: it downright kidnaps the computer and takes it hostage. It hinders or prevents normal work, loads viruses from the network and demands a "cleaning fee" or release fee, which is nothing other than a ransom: only if you pay can you work with the computer again. It was common in 2006/2007 but has since declined.
Zero-day exploits
A zero-day exploit takes advantage of a software vulnerability on the very day on which the risk is first noticed. Normally, the makers of security software and the authors of malicious programs run a neck-and-neck race in plugging, sealing and exploiting known vulnerabilities.
Risk No. 1: User
The biggest security risk in the world of computers sits in front of the computer. It is not only a lack of discipline with necessary software updates that makes the user dangerous: he also has a great fondness for free music from obscure sources, funny file attachments in e-mails, and a great delight in communicating in the oh-so-informal chat room of the web. Most damage in IT is probably caused by users' fingers on mouse buttons.
This approach is not new; there are many botnets. What is new is that this time only Macs are being linked together into such a network of zombie computers, say Barcena and Pesoli.
The Trojan is a pirated copy
How such a computer takeover makes itself felt in practice is described by the Australian programmer Pete Yandell in his blog. "This morning I found that a number of processes were consuming the entire computing power of my laptop," said Yandell. Apparently it was a recurring PHP script that tries to overload a certain website with repeated requests.
Yandell was able to identify a trial version of Apple's office software iWork 09 as the origin of the foreign program. He had received the software in a roundabout way from friends, Yandell writes, and concludes that he would not have caught the Trojan had he obtained the package directly from Apple's website.
For it has been known since January that a Trojan is hidden in a version of this trial software circulating on the web. The software is now making the rounds through web forums and download sites. The lure for installing it: although really intended only for testing, the software was modified so that it runs without a serial number, that is, without payment. That it was also modified to place the Trojan OSX.Iservice on the computer has apparently not yet gotten around. Meanwhile, a similarly constructed bait version of the image-editing software Adobe Photoshop CS4 is also in circulation, say the specialists.
Only a modest beginning
This Trojan horse, according to the Symantec researchers, is "an interesting piece of malicious software": firstly, because it uses some techniques typical of Macs, and secondly, because it is apparently the first successful Trojan actually to spread on Macs. Through a total of 31 different commands the pest can be controlled remotely, for example to be pointed at new targets or instructed to spread itself.
Compared to similar Windows-based programs, the spread of OSX.Iservice is currently still modest. The researchers put the number of Apple computers involved at "several thousand". At the botnet operators' regulars' table, where only size really counts, that would probably earn them standing room at best, because Windows botnets are simply much larger. One of the biggest is commanded by the currently very active Conficker worm: approximately twelve million computers are said to be infected with the malicious program by now.
The error is sitting at the keyboard
What is actually surprising, however, is that such pests can spread at all, says Larry Seltzer, an author specializing in security issues, in "eWeek". After all, operating systems like Linux, Windows Vista and Mac OS X usually run in a mode in which programs have only limited rights.
Pests like OSX.Iservice can therefore only nest effectively if the user grants them these rights once. That is exactly what the Mac Trojan takes advantage of, by hiding in the installation file of pirated software, which can only be installed if it is given full access rights to the computer. On the Mac, for example, this requires entering once the name and password of a user with special rights, the admin. Users do this willingly because they believe they are installing a pirated copy.
The weak point is and remains the user.