Agreed. Still makes it an honor virus. They KNEW the software was
not legit and they gave it admin access to install. Any one know if a
virus / malware scan using clamx-av or such would have caught it
before installation?
Matthew
On Apr 17, 2009, at 2:53 PM, mike wrote:
Right, they download some infected torrent, input their password to
install
the program they want to install...and with it, the trojan. But
they don't
have to keep being in root/admin to have the now installed trojan to
run.
On Fri, Apr 17, 2009 at 11:34 AM, Matthew Taylor
<taylorsmatt...@gmail.com>wrote:
But they need root / admin access to install on a properly run
machine.
The trouble with trying to make things idiot proof is that idiots
are so
persistent and ingenious.
On Apr 17, 2009, at 2:17 PM, mike wrote:
Trouble is, these botnets don't need root to run.
On Fri, Apr 17, 2009 at 10:55 AM, Matthew Taylor
<taylorsmatt...@gmail.com>wrote:
This is what is known in the UNIX world as an "honor virus". You
have to
put in place software you know to be illegitimate and give it
administrative
access to install, or do something otherwise known to be self
destructive.
If I were dumb enough to do this I could discover that shock of
shock my
enterprise heavily firewalled role restricted servers are
vulnerable.
Got root / admin + malware = got security issue.
Matthew
On Apr 17, 2009, at 11:18 AM, Snyder, Mark - IdM (IS) wrote:
Mac owners who downloaded pirated ("free") versions of iWork '09
and
Photoshop CS4 - said to be 20,000 downloads - also received the
iServices trojan. The trojan has reportedly begun to activate
for DSS
attacks. Details:
<http://www.macnn.com/articles/09/04/17/mac.based.botnet.active/>
Don't much pity those who d/l pirated software, but it is
disturbing to
see OS X vulnerabilities exploited (even though this trojan
requires
human stupidity to actually install it).
Thank you,
Mark Snyder
*************************************************************************
** List info, subscription management, list rules, archives,
privacy **
** policy, calmness, a member map, and more at http://www.cguys.org/
**
*************************************************************************
*************************************************************************
** List info, subscription management, list rules, archives,
privacy **
** policy, calmness, a member map, and more at http://www.cguys.org/
**
*************************************************************************
*************************************************************************
** List info, subscription management, list rules, archives,
privacy **
** policy, calmness, a member map, and more at http://
www.cguys.org/ **
*************************************************************************
*************************************************************************
** List info, subscription management, list rules, archives,
privacy **
** policy, calmness, a member map, and more at http://
www.cguys.org/ **
*************************************************************************
*************************************************************************
** List info, subscription management, list rules, archives, privacy **
** policy, calmness, a member map, and more at http://www.cguys.org/ **
*************************************************************************