Sun, 27 Sep 2009 Researcher: Hackers pay 43 cents per hijacked Mac
Mac OS X’s security has beenroundly criticised by vulnerability researchers
A network of Russian malware writers and spammers paid hackers 43 cents for each Mac machine they infected with bogus video software, a sign that Macs have become attack targets, a security researcher said on Thursday.
In a presentation at the Virus Bulletin 2009 security conference in Geneva, Switzerland, Sophos researcher Dmitry Samosseiko discussed his investigation of the Russian “Partnerka,” a tangled collection of Web affiliates who rake in hundreds of thousands of dollars from spam and malware, most of the former related to phony drug sites, and much of the latter targeting Windows users with fake security software, or "scareware."
Question of the day!
Do you share your creations online?
% of Macworld readers agree with you
What do you create and how do you share it?
Follow the conversation at @TabletChat
paintings & illustrations, mostly, which i upload to flickr.RT @fragmentedm
I draw manga/anime characters. I also do graphic design and photography.RT @spialelo
Yes. I usually put them up on my #deviantart account for feedback on how to improve.RT @spialelo
But Samosseiko also said he had uncovered affiliates, which he dubbed “codec-partnerka,” that aim for Macs. “Mac users are not immune to the scareware threat,” said Samosseiko in the research paper he released at the conference to accompany his presentation. "In fact, there are ‘codec-partnerka’ dedicated to the sale and promotion of fake Mac software."
One example, which has since gone offline, was Mac-codec.com, said Samosseiko. "Just a few months ago it was offering [43 cents] for each install and offered various promo materials in the form of Mac OS ‘video players,’"he said.
Another Sophos researcher argued that Samosseiko’s evidence shows Mac users, who often dismiss security as a problem only for people running Microsoft’s Windows, are increasingly at risk on the Web.
“The growing evidence of financially-motivated criminals looking at Apple Macs as well as Windows as a market for their activities, is not good news - especially as so many Mac users currently have no anti-malware protection in place at all,” said Graham Cluley, a senior technology consultant at UK based Sophos, in a blog entry on Thursday.
Mac threats may be rare, but they do pop up from time to time. In June 2008, for example, Mac security vendor Intego warned of an active Trojan horse that exploited a vulnerability in Apple’s Mac OS X. Last January, a different Trojan was found piggybacking on pirated copiesof Apple’s iWork ’09 application suite circulating on file-sharing sites.
Mac OS X’s security has beenroundly criticised by vulnerability researchers, but even the most critical have acknowledged that the Mac’s low market share - it accounted for just 5 per cent of all operating systems running machines that connected to the Internet last month - is probably enough protection from cyber criminals for the moment.
Samosseiko’s paper on Partnerka can be downloaded from Sophos’ site (download PDF).
Check out our new Macworld Mobile site.
Follow Macworld UK on twitter: www.twitter.com/macworlduk
Contact Us
DiggEmail A Friend
Email this article to a friend or colleague:
PLEASE NOTE: Your name is used only to let the recipient know who sent the story, and in case of transmission error. Both your name and the recipient's name and address will not be used for any other purpose.
Permalink This Article
This articles permalink is:
http://www.macworld.co.uk/mac/news/index.cfm?RSS&NewsID=27276
<<prev article | back to news index | next article>>
Latest News
- Apple intros Aperture 3, adds over 200 new features
- VIP iPhone app drops from millionaire priced £279.99 to under a tenner
- Play.com: Google Nexus One now available for pre-order
- Amazon's Kindle gets ready to battle Apple's iPad
- Apple Store is down, new Macs imminent?
- Canon intros EOS 550D 18-megapixel DSLR camera
- WSJ: Apple could slash iPad prices if sales disappoint
- Apple offers 'find out how' tutorials as podcasts
- Adobe says sorry for 16-month-old Flash bug
- Getty launches subscription stock image service, Thinkstock
- RouteBuddy intros RouteBuddy Atlas 1.3 for iPhone, iPod touch
- AppFund seeks Apple iPad developers, offers funding up to $500,000
iPhone 3G S Video Review
Related News
- Apple tells iPhone developers not to use GPS just for ads
- Apple iPad: Hype will kill sales, survey says
- Apple offering £200 deal to owners of faulty 27-inch iMacs?
- Former Apple exec: iPad too big, 'smarted out'
- Rumour: Pegatron to produce Apple iPhone 4G
- Most iMac users say software update fixes flickering screen woes
- Adobe: Tell Apple, Steve Jobs we're not lazy
- Are iPad sceptics as wrong as iPhone naysayers were?
- Apple, STMicroelectronics may go to war over iPad name in Europe
- Apple iPad likely to come with mobile ads
Mac Broadband?
Search news
Search Google
Newsletter signup
It's easy and free to get the latest news headlines, reviews and opinions straight to your email inbox. Sign up NOW to make sure you receive the latest Mac news, reviews and tutorials on your favourite topics.
Register now
Stay on top of the latest, breaking Mac news and chat with other Mac professionals and enthusiasts about the issues that matter to you. Register with Macworld today to join our forums and receive our twice-weekly email newsletter, Macworld Mainline.
RSS
Have the latest content delivered to your desktop via RSS. Use the links below to get access to a specific blog, news, or reviews feed.
MACWORLD MARKETPLACE
 |
Computer & Laptop |
 |
Are you a new customer? Are you doubtful? |
 |
50% off ebooks |
 |
Circus Ponies NoteBook - the easy way to get organized on the Mac |
 |
Beat the Credit Crunch - Lease your Mac from Hardsoft. |
Comments received
Jonah said on Sun, 27 Sep 2009
"vulnerability researchers"
I wonder if these work for Sophos? They must be worried, with the OS companies providing more and more security out the box. Their businesses were based on real threats. Now that are more based on FUD.
FAKEJames Donevan said on Sun, 27 Sep 2009
Sophos send out Mac scare stories every few weeks - the last was about Snow Leopard and anti-phsihing measures. Much rather be on a Mac than a PC.
BB said on Sun, 27 Sep 2009
It does come down to the fact that are just not enough machines in circulation to make it worth anyone's time & effort.
Jonah said on Sun, 27 Sep 2009
BB
You talk utter nonsense. Total M$ PR rubbish.
There are more OSX machines in circulation now than there were Win95 machines when ILOVEYOU melissa hit. We all know what that did!
Take your silly M$ guff elsewhere, please.
Baskaran said on Mon, 28 Sep 2009
McAfee, Symantec, Korpersky(?) etc are big time orchestrated SPAMs that M$ itself. Most of these SPAMware costs several hundred dollars (50~100+ subscription rip off) to run and effectively filter away the 'bad' stuff. They now want to grab the MacOS share too. So it is a more of a marketing material than real threat.
@Jonah said on Mon, 28 Sep 2009
Blimey mate, you have got your head up your ar$e. There are more Wii's around than Mac's! Read the story - less than 5% OS market share and it ain't moved in years.
Don't get me wrong, I love my Mac, but you are on a hiding to nothing if you think it will ever get out of the minority status.
BB said on Mon, 28 Sep 2009
@Jonah
Don't swear at me, I'm a Linux user. Just understand hacking and percentages.
@@Jonah said on Mon, 28 Sep 2009
You are unable to tell the difference between market share and absolute numbers. Back to school for you, and while you are there, ask if they can teach you about apostrophes.
@BB. Of course it is worth the time and effort. Every time there's a Mac hack found in a lab it hits the mainstream headlines. Lots of kudos for someone that writes a proper one. Also, is guff a swear word? wow!
@@@Jonah said on Mon, 28 Sep 2009
No - but M$ is. There are just not enough Mac's to bother with. There are more exploits than you know and many more than are made public.
Mac's said on Mon, 28 Sep 2009
Shouldn't that be exploit's?
Mac's said on Mon, 28 Sep 2009
Shouldn't that be exploit's?
oop's said on Mon, 28 Sep 2009
sorry for double post...
@Mac's said on Tue, 29 Sep 2009
No, that would be possessive. What is this, an English class now?
@@Mac's said on Tue, 29 Sep 2009
Why put an apostrophe in Mac's then - that isn't possessive, it is slack English.
Disclaimer
Opinions expressed here are those of the writers and do not reflect those of Macworld. Macworld accepts no responsibility legal or otherwise for their accuracy of content.
Click here to read the house rules.
Click here for the latest reader comments