Friday, November 2, 2007

Ultimate Backhanded Compliment?

Online Crooks Target Macs With Porn Ruse

By JORDAN ROBERTSON 11.02.07, 4:09 AM ET

In a backhanded compliment to Apple Inc., online criminals are apparently so impressed with its scorching sales they are sending Macintosh computers an attack typically aimed at machines running Microsoft Corp.'s dominant Windows operating system.

Symantec Corp. (nasdaq: SYMC - news - people ) researchers said the Web sites serving up the new attack also deploy a Windows version.

"For a while Mac users have enjoyed the benefits of being a small enough population that hackers didn't go after them directly - that's obviously now changing," said Ben Greenbaum, senior research manager at Symantec Security Response.

Lynn Fox, an Apple (nasdaq: AAPL - news - people ) spokeswoman, said the Cupertino-based company knows about the threat and urges Mac users to be careful about where they download things from.

"Apple has a great track record for keeping Mac OS X users secure, and as always, we encourage people to install software only from trusted sources," she said in a statement.
Online porn-hunters are the intended victim of the latest ploy, in which visitors to certain explicit Web sites are led to believe they're downloading a free video player when in fact they're installing malicious code onto their Macs.

Once the user authorizes the transaction, the fraudsters can redirect his future browsing to fraudulent Web sites and possibly to steal his information or passwords or simply send ads for other pornographic Web sites and rake in advertising dollars.

For example, a person using an infected computer may think he is going to online auctioneer eBay Inc. (nasdaq: EBAY - news - people ) or its PayPal electronic payment division but actually be directed to a site that looks legitimate but exists to purloin personal information.

The attack does not target a vulnerability in the Macintosh operating system.
Instead, it requires a user to approve the download, then enter his computer's administrator's password to continue, operations that raise red flags among sophisticated computer users.
Symantec researchers said the Trojan used in the attack is a rejiggered version of one that's been around for a couple years and requires that victims fall for a social engineering trick to work.

Security researchers at Intego, which makes Macintosh antivirus software and discovered the scheme this week, said it underscores the mounting threats to Mac users as the machines grow in popularity.

Windows machines still dominate the PC market, but Apple, which for years commanded just 2 to 3 percent of the U.S. market, has now grown to command an 8 percent chunk, according to market researcher Gartner Inc. (nyse: IT - news - people )

"This is the first really malicious criminal malware (for Macs)," said Intego spokesman Peter James. "We've seen some proof-of-concept malware, we've seen some worms, but this is different."