A new “trojan” has been identified by Intego that enables phishing attacks to take place against Mac users. But before you get too worried, let’s take a look at how it works.
- Go to a malicious site.
- Get prompted to install software.
- Choose to install it.
- Put in your admin password when it asks for it.
- Get pwned.
So basically a hostile, unknown website asks you to install software on your system with elevated privileges, and if you willfully go through the entire install process (including entering your administrator password) something bad will happen.
Scary.
In other news, if someone sends you an email that says to run sudo rm -rf / on the command line (and enter your admin password when it asks you to) — don’t do it. Interesting attack method — send someone malicious software and ask them to install it as administrator. The defense? Don’t install it.
Make no mistake — this is not the same kind of threat that we’ve faced in Windows over the years. That threat is very specifically the drive-by installation of software without the user knowing or having a chance to stop it.
Source via Dmiessler.com
In summary, this social-engineering-based attack requires a high level of interaction and it will have very little impact on the Mac user community.
1 response so far ↓
1 samccoy // Nov 1, 2007 at 9:45 pm
Excellent explanation, and I love the sardonic humor. I agree, it is unlikely that most Mac users would do this.
In the same vein, this story reminded me of the people who have been told not to open attachments in strange emails, but they open them anyway. Doesn’t anybody know, “Stranger Danger?” LOL
Leave a Comment