They just don't give up .... do they ..!!

[FlashDrive (Poppy)]

Cyber Vandals ....they just don't give up ..!

Malware Creators Go Cross Platform

Security experts from F-Secure have discovered an online exploit which detects the OS of the machine and drops a different trojan to match. The first attack of this malware was registered on a Columbian transport website that had been hacked by a 3rd party. This is quite a new approach to hacking activity, allowing to target any computer, regardless of the operating system it runs.

Afterwards, the unidentified website displayed a signed Java applet that checks if the targeted PC is running Windows, Linux, or Mac OS X. Meanwhile, it turned out that this clever bit of the code has been lifted from an open source tool kit created by Dave Kennedy, a security researcher and president of TrustedSec. Of course, he didn’t intend to do anything nasty when writing it.

According to F-Secure, all 3 files for the different platforms are connecting to 186.87.69.249 in order to get additional code to execute through the ports 8080, 8081, and 8082 respectively for OS X, Linux, and Windows.

While Apple has been being turned over for a while now, the reports of real-world attacks on Linux OS are still less common. Moreover, single attacks able to infect any of the three operating systems are even rarer.

Fortunately for Apple users, the exploit can only infect modern Macs which have been modified to run the application called Rosetta. The latter was developed in such a way so that Macs using Intel processors could run applications designed for PowerPC processors. Meanwhile, Rosetta isn’t supported on Lion – the most recent version of OS X.

In other words, the intruders’ knowledge of Macs is definitely limited, but they still have a stab at it.

Flash

[leon]

Some people are just a waste of space and like nothing better to destroy other peoples property and their livelihood, one would have to wonder what they get out of this sort of stuff.

Leon

[Octane (Humayun)]

More secure operating systems? Exploits and vulnerabilities are part and parcel of operating system development. Now that this has been noted, it will be a) patched, and b) integrated into the next release of the operating system so that loophole is closed.

Unfortunatetely, it's pretty much the only way to make systems secure.

H

Quote:

Originally Posted by leon

Some people are just a waste of space andlikenothing better to destroy other peoples property and theirlivelihood,one would have to wonder what they get out of this sort ofstuff.

Leon

[RickS (Rick)]

Quote:

Originally Posted by Octane

More secure operating systems? Exploits and vulnerabilities are partand parcel of operating system development. Now that this has beennoted, it will be a) patched, and b) integrated into the next releaseof the operating system so that loophole is closed.

Unfortunatetely, it's pretty much the only way to make systems secure.

The best way to make systems secure is to design them that way in the first place and then implement them using software engineers who have been trained in techniques for secure programming. You'll still need to patch them afterwards, but not to the extent we see with current operating systems, especially Windows, where a lot of the current security features were retrofitted after the fact.

I don't think the original story is really big news. They aren't really claiming a single exploit for multiple platforms, just a way of delivering a different exploit for each platform. The real message here is that non-Windows systems are targets for malware too. I hope most of us already realised that.

Cheers,
Rick.

[RickS (Rick)]

Quote:

Originally Posted by leon

Some people are just a waste of space and like nothing better to destroy other peoples property and their livelihood, one would have to wonder what they get out of this sort of stuff.

In the old days it used to be for "fun" and kudos. Now it's mostly for profit. A network of home computers running a trojan that allows them to be used for nefarious purposes can be rented or sold. That's where a lot of your spam comes from.