Forums | MacLife

...Okay, so I'd have to either use LimeWire (which I constantly recommend to my friends to uninstall from their computers), or talk to someone in iChat who I don't trust, which doesn't happen. On top of that, I'd have to not realize I'm downloading it, and then also not realize that I decided to install it.

So this is dangerous how?

On top of that, I'd have to not realize I'm downloading it, and then also not realize that I decided to install it.

It could be disguised as a legit download like shareware/freeware program. I'll admit that even I got duped once (a number of years ago) by downloading something on my PC that was supposed to be a NES emulator... and turned out to be a trojan.

Yeah, I should have scanned it before installing it, but hey sometimes you just forget for whatever reason. Even the smartest of us have our bad days sometimes

This script can run as root without a password.

This SecureMac company always talks about threats being "in the wild" that only they can confirm.

This is an issue, but I think they are grossly exaggerating its potential, and I think they are either making the trojan themselves, or just lying about it.

It gains root access through an exploit in Apple Remote Desktop Agent (It's not the first time an OS X vulnerability has been exploited to gain root access, and it won't be the last).  It's great that it's not the most serious of threats, but that doesn't mean we can laugh it off entirely.  And Apple needs to move its ass and get a patch out asap, no matter how serious the threat may be.

Last edited by Mr. T (2008-06-26 2:47 pm)

Possibly but I wouldn't.  It's probably related to screen sharing in iChat, remote login, etc.. Sometimes even if you have no need for something, some programs expecting to find the file might not know how to deal with its absence. 

As has been said, this threat is not that critical (av companies always exaggerate these things).  Pretty much if you avoid downloading suspicious apps from LimeWire or Warez sites, you won't have any trouble.

Pretty much if you avoid downloading suspicious apps from LimeWire or Warez sites, you won't have any trouble.

But in my example above (when I actually got a trojan) it was downloaded from a website that purported to have created this NES emulator. It wasn't a warez site.

Now, you can write it off as me being an idiot, but the reality is I'm borderline paranoid when it comes to trojans, malware, etc. I have 6 anti-virus, anti-hack, anti-malware, anti-spyware, anti-whatever programs on my PC and 4 such programs on my Mac. And everything is behind a firewall. And I don't use Internet Explorer or any P2P programs and rarely even chat.

Yet I still got a trojan.

Point is, anybody can get one (even vigilant people) when they least expect it.

When I first saw this headline I thought we were looking at another trojan horse like the ones of the 1980s and 1990s--if anyone remembers "Font Finder", "Tetricycle", and the "Sexy Ladies" HyperCard stack you are indeed a veteran of the platform.

This one sounds pretty avoidable. Restrict your iChat to friends only and dump your file sharing services. They're risky and illegal. Getting rid of file sharing and switching to legitimate and legal sites like iTunes for purchasing music gives you two benefits--compliance with the law and a lesser chance of a virus infection.

However, if something wider-spread like this ever comes up again, we may have to lure John Norstad out of retirement...imagine Disinfectant for OS X!

Indeed but I'm quite happy it's a reasonable amount of caution rather the the insane amount I dealt with while using Windows.