symantec posts

Filed under: Software

Pirated iWork contains botnet trojan, breaks hearts

The tubes are ablaze today with news from CNN of the first ever latest malicious program to be found on the Mac. The trojan was first discovered in January but it did not receive wildfire-like popularity until recently when two experts at Symantec published a bulletin on the subject of the malware.

The trojan, named "iBotnet" (get it?), has only affected a few thousand Macs in the wild and it is currently not known to do any real harm. Should you be concerned? Well, the answer to that depends on whether you're a software pirate or not. The distribution method for this particular piece of malware is through the downloading of certain bootlegged copies of Apple's iWork.

Brian Krebs over at the Washington Post details some information about the actual first botnet specifically for the Mac. He points out that the current media storm is for a trojan that was actually discovered in January. He goes on to mention that the first botnet for the Mac was actually released in 2006 and targeted both Macs and PCs alike.

In other news, sales of Symantec's Norton AntiVirus shot up following the release of the security bulletin and subsequent frenzy of coverage. Actually, this is not true (at least to this humble blogger's knowledge); but it does pose an interesting question. Who profits most from the release of malware on any platform? One thing we know for sure, though, is that the end-user is definitely losing out in this game.

The moral of this story: stop all the downloading! Thanks G.I. Joe! In all seriousness, though, the majority of malware on the Mac (and on the PC) is distributed through nefarious chains of content acquisition. Be careful out there when clicking links and downloading files or programs from sites that you may not trust.

Thanks to everyone who sent this in!

Filed under: Analysis / Opinion, Apple, Security

FUD: Windows is "most secure OS"

Andy Patrizio has an incredibly sloppy story entitled "Surprise, Microsoft Listed as Most Secure OS" at internetnews.com, which purports to summarize the recently released Symantec Internet Security Threat Report Volume XI. But if you look closely at the actual report (PDF), you'll see that this claim that Windows is "Most Secure" is based merely on Microsoft's relative speediness in patching security holes. That is, what apparently makes Windows "most secure" is that in the Jul-Dec 2006 timeframe Microsoft took an average of only 21 days to patch holes, while Red Hat (Linux) took 58 and Apple took 66. Okay, so Microsoft is best, right? But that's silly; why would the speed of responding to holes by itself determine which OS is most secure? It should clearly matter how serious the holes were in the first place! If you're slow to patch relatively innocuous holes, is that not better than quickly patching a larger number of more serious holes? And when we look at the breakdown we see that in this period Microsoft had 39 disclosed vulnerabilities, and "12 were considered high severity, 20 were medium." Apple, on the other hand, issued 43 patches, and only "one was considered high severity, 31 were medium." So basically, Microsoft is quicker at patching 12 times as many high severity vulnerabilities, and that apparently makes Windows "more secure."

Now it's worth noting that none of this settles the question of which OS is more secure, but it does show the completely specious reasoning behind that headline claiming Windows is the "Most Secure OS." And of course it's this sort of lazy reporting (compounded by Patrizio's sniffing at Apple's advertising of better security) that creates a meme that others may pick up and pass on without quite realizing that it is based on a straightforward misreading. In other words, it's pure FUD.

Filed under: Analysis / Opinion, OS, Software

Symantec: No file infecting viruses for OS X

Every time I write about Mac security the comments fill up with people telling me that I am an idiot (actually, come to think of it, that happens with most of my posts). Therefore, I thought some of you would enjoy this post from Symantec which states categorically that there are no known file infecting viruses for OS X.

Hurrah! Macs rulez!! W00t!

Hold your horses, spanky. Todd Woodward, the author of the post, rightly points out that while there are no viruses for OS X there are worms, rootkits, and vulnerabilities in the OS itself. So, it is like I always say, Mac users might not have to worry about viruses now but that doesn't mean that OS X is somehow magically immune to viruses.

Filed under: Software

Symantec offers an update for OSX.Leap.A

Well, here's something you don't see very often. Symantec has issued an update that offers protection against OSX.Leap.A, the Mac Trojan Horse that we wrote about earlier. They classify it as a "level 1" on a scale of 1 to 5, so there's no need to slip into panic mode. It seems to be PPC only, so you lucky Mactel owners have nothing to worry about. Carry on.

Filed under: Software

Symantec responds to security issue

Symantec is aware of the flaw that is in almost all of their software (that's gotta hurt) and the most recent virus definitions include a 'heuristic detection for potential exploits of the Symantec decomposer RAR archive vulnerability.'

What the heck does that mean? The vulnerability can only be exploited if your copy of Norton scans a RAR file that has been crafted in such a way as to trigger a buffer overflow. The update makes sure that your copy of Norton can detect these naughty files without falling prey to their naughtiness, for lack of a better word.

They have also posted instructions on how to set up your anti-virus software to skip over scanning .rar files. Definitely worth checking out if you are running any Symantec anti-virus products.
