Hackers pay 43 cents per hijacked Mac
Russian cyber crime gangs after Apple's Macs, too, says researcher
Computerworld - A network of Russian malware writers and spammers paid hackers 43 cents for each Mac machine they infected with bogus video software, a sign that Macs have become attack targets, a security researcher said yesterday.
In a presentation Thursday at the Virus Bulletin 2009 security conference in Geneva, Switzerland, Sophos researcher Dmitry Samosseiko discussed his investigation of the Russian "Partnerka," a tangled collection of Web affiliates who rake in hundreds of thousands of dollars from spam and malware, most of the former related to phony drug sites, and much of the latter targeting Windows users with fake security software, or "scareware."
But Samosseiko also said he had uncovered affiliates, which he dubbed "codec-partnerka," that aim for Macs. "Mac users are not immune to the scareware threat," said Samosseiko in the research paper he released at the conference to accompany his presentation. "In fact, there are 'codec-partnerka' dedicated to the sale and promotion of fake Mac software."
One example, which has since gone offline, was Mac-codec.com, said Samosseiko. "Just a few months ago it was offering [43 cents] for each install and offered various promo materials in the form of Mac OS 'video players,'" he said.
Another Sophos researcher argued that Samosseiko's evidence shows Mac users, who often dismiss security as a problem only for people running Microsoft's Windows, are increasingly at risk on the Web.
"The growing evidence of financially-motivated criminals looking at Apple Macs as well as Windows as a market for their activities, is not good news -- especially as so many Mac users currently have no anti-malware protection in place at all," said Graham Cluley, a senior technology consultant at U.K-based Sophos, in a blog entry Thursday.
Mac threats may be rare, but they do pop up from time to time. In June 2008, for example, Mac security vendor Intego warned of an active Trojan horse that exploited a vulnerability in Apple's Mac OS X. Last January, a different Trojan was found piggybacking on pirated copies of Apple's iWork '09 application suite circulating on file-sharing sites.
Mac OS X's security has been roundly criticized by vulnerability researchers, but even the most critical have acknowledged that the Mac's low market share -- it accounted for just 5% of all operating systems running machines that connected to the Internet last month -- is probably enough protection from cyber criminals for the moment.
Samosseiko's paper on Partnerka can be downloaded from Sophos' site (download PDF).
Read more about Security in Computerworld's Security Topic Center.
- The Truth About Cloud Security "Security" is the number one issue holding business leaders back from the cloud. But does the reality match the perception?
- Enable secure remote access to 3D data without sacrificing visual perfomance Design and manufacturing companies must adapt quickly to the demands of an increasingly global and competitive economy. To speed time to market for...
- Virtually Delivered High Performance 3D Graphics "A picture is worth a thousand words." That old phrase is as true today as it ever was. Pictures (i.e., those with heavy...
- Best Practices for Securing Hadoop Historically, Apache Hadoop has provided limited security capabilities. To protect sensitive data being stored and analyzed in Hadoop, security architects should use a...
- What should I look for in a Next Generation Firewall? SANS Provides Guidance With so many vendors claiming to have a Next Generation Firewall (NGFW), it can be difficult to tell what makes each one different....
- Responding to New SSL Cybersecurity Threat The featured Gartner research examines current strategies to address new SSL cybersecurity threats and vulnerabilities. All Security White Papers | Webcasts
Our new bimonthly Internet of Things newsletter helps you keep pace with the rapidly evolving technologies, trends and developments related to the IoT. Subscribe now and stay up to date!