
Printed from http://www.macnn.com

Proof-of-concept Bluetooth exploit

updated 05:55 pm EDT, Wed October 25, 2006

Proof-of-concept exploit

Internet security and privacy firm Intego has released a security memo regarding a proof-of-concept exploit (site not updated), Inqtana.d Bluetooth, which provides attackers with a root account on affected Macs. The exploit, which has not yet been seen in the wild and is unable to compromise up-to-date installations of Mac OS X, is installed on a Mac OS X system via Bluetooth from a computer or PDA running Linux. Mac OS X 10.3 and Mac OS X 10.4 systems that are not up to date with Apple's latest security fixes are vulnerable, and Bluetooth must be active. Bluetooth file transfer need not be enabled, however, and the attacking computer must be within Bluetooth range. "This exploit is installed from a Linux system, and exploits an rfcomm security hole in Bluetooth software. Unlike previous versions of Inqtana malware, no user interaction is required."

"It installs a user account (named 'bluetooth'), with no password, which grants root access to malicious users logging into this account. This account is available immediately, and the Mac OS X 10.4 computers do not need to be restarted (Macs running Mac OS X 10.3 do need to be restarted)."

The exploit installs a number of files on computers it attacks, and the user account it installs contains a backdoor that allows malicious users to log into that account via Ethernet or AirPort network access. Once the exploit is installed, Bluetooth is no longer required to take advantage of it, according to Intego. Apple's Security Update 2005-005 protects against the vulnerability for Mac OS X 10.3 systems, while Mac OS X 10.4.7 guards against the vulnerability on systems running Mac OS X Tiger.




by MacNN Staff


Comments

  1. jpellino


    soooooo...

    if you're ignoring the free, reminderable current state of mac security, and not fixing holes, there are holes.

  1. horvatic


    30 feet limit

    Okay, but the Bluetooth signal means you have to be in close proximity to another user to use any so-called proof of exploit security hole. I have my Bluetooth turned off and only turn it on when I need it. If there is a problem I'm sure Apple will look at it and fix it. Even so, this is what I would call very low risk at best because of the limited range of Bluetooth.

  1. Rosyna


    old news...

    Isn't this the one that was talked about 6 months ago, and even then it was old?

    And didn't this need 3 attempts to work...?

  1. LouZer


    Re: soooo

    Not everyone updates to Apple's latest updates just because Apple offers it. Apple's updates have been known to cause problems (as all software updates are prone to do), and some decide they'll keep their current computer at its current state because their computer is stable at the moment.

    For example, there's been a slew of reports of issues with 10.4.8 as well as iTunes 7 (a lot with that buggy piece of software - it seems to do nothing but cause my iBook to freeze completely, and importing a CD is not possible anymore).

    BTW, most of MS's security flaws are done against known and fixed holes, that a patched computer would be immune to.

  1. JoeE


    Variant

    Rosyna,

    You are referring to an earlier version of the same worm.

    Horvatic,

    Don't forget that "proof-of-concept" is just that - proof-of-concept. The worm, under ideal conditions, WILL do what it is designed to do. The code exists. It's as simple as that.

  1. ecrelin


    Windows 3.11 Vulnerable!!

    Proof of concept EXISTS! please people, the security update for 10.3 was from June 2005, 10.4, which has been out for a long time is not vulnerable. Louzer indicates problems with updates can invoke bad habits from, well, idiots, as it seems he still runs the updates cuz I guess he's not one, so what is the point? Hmmmm, recluse ignorant home users may not encounter this but if you use your 10.3 system to the extent that you could find yourself in jeopardy and haven't updated your system since June of last year then you deserve to be woken up to the computing world's ugly side by this. No political correctness here, get with the program dopes and please let's stop giving these security companies the opportunity to look like they are right on top of the "closetly unstable and buggy" Mac security environment.

  1. FastAMX79


    oh my!!

    that means the so-called 'hacker' would need to be next to me to bust into my computer?? and I would have to ignore the Bluetooth icon on my menu bar (meaning it's active but I don't have any Bluetooth devices connected?)

    Oh NO! Symantec Corp. was right!! my Mac really isn't secure!

    this is about as good as the trojans that require the mac user to grant it root access (providing passwords so it can install itself...)

  1. JoeE


    Regardless...

    Fastamx79,

    It doesn't matter how low risk the malware is. The code still exists. That's the message that is being conveyed.

    You can downplay it all you want. All that does is show just how smug of a Mac user you are (this actually is a message to all of you who love to downplay the existence of the Mac malware). It's a waste of time for you and the readers.
