toggle

AAPL Stock: 111.78 ( -0.87 )

Printed from http://www.macnn.com

New worm developed for Mac OS X?

updated 09:45 am EDT, Tue July 17, 2007

New worm for Mac OS X?

An independent coder claims to have developed a new worm for Mac OS X computers. An unnamed, proof-of-concept project, the worm exploits a variation of the mDNSResponder vulnerability recently addressed by Apple -- if not completely, according to the coder. Once an attack is successful, the worm grants remote root access, and places a text file on the desktop before moving on to other systems in the same network. Theoretically, an improved version could be a serious threat, randomly attacking networks across the world and depositing malcious software instead of text.

The writer of Information Security Sell Out, however, says he has merely tested it on local systems and will eventually share his information with Apple, so that the vulnerability can be fixed. Part of his stated goal is to dispel notions that Mac OS X is somehow more secure than Windows, an aim shared with many current security commentators.




by MacNN Staff

POST TOOLS:

TAGS :

toggle

Comments

  1. gskibum3

    Joined: Dec 1969

    0

    Worm?

    Any info on how this "worm" wold be able to spread?

  1. horvatic

    Joined: Dec 1969

    0

    Another Theory more FUD!

    Another theory and more FUD! What does it prove? Absolutely NOTHING.

  1. wings_rfs

    Joined: Dec 1969

    0

    Somehow?

    "Part of his stated goal is to dispel notions that Mac OS X is somehow more secure than Windows."

    Well if he could "somehow" create a website that I could visit, and just by going there I become part of a botnet, maybe THEN he can start dispelling notions. Until then this is just more FUD piled on to the mountain of FUD already created.

  1. gskibum3

    Joined: Dec 1969

    0

    ????

    Next headline for macnn?

    Microsoft stock to reach $1,000,000 per share? gskibum3 sells one of his Ferraris?

    What is with these headlines ending in question marks?

    Isn't that inane?

    ???

  1. Rezzz

    Joined: Dec 1969

    0

    be careful..

    ..what you wish for.

  1. hokizpokis

    Joined: Dec 1969

    0

    blah blah blah??

    actually no 'worm' here at all, just a hack to create a 'root' user, all one would need to do is have the OSX firewall turned 'on' and the mac would not respond to the 'dnsresponder' request at all... duh

    what's wrong been running your mac again sans firewall?? don't ware seatbealts?? running with siccors again??

    if your so conserned about security I'd think you would at least turn on the firewall... which sits on the mackernel and setup a non-admin user to surf the net with if your paranoid... keep your cash under the mattress and keep your front door unlocked and you too will find the milkman in bed with your teenager daughter... ugly thought

    ...who's the brilliant hacker this time??

    can you say 'looser' in french??

  1. dogzilla

    Joined: Dec 1969

    0

    re: blah blah blah??

    Where to start?

    First - don't berate others for not using a firewall when you don't know enough to use a spell-checker if your spelling sucks.

    The firewall does *not* sit on the Mach Kernel. It is a separate process, and most folks will not enable it, because Macs are "more secure".

    mDNSResponder is a key and low-level part of the OS - it is what enables Bonjour discovery of services. Read http://developer.apple.com/networking/bonjour/faq.html for more. It is unlikely that your average user will know how to set up the firewall to block it. I'm fairly certain you don't.

    It is unclear to me whether this worm would be limited to local networks, as bonjour and mDNSResponder is - it has the ability to do Unicast over the internet but I'm not certain that's enough for a worm to propagate. Even if it can, I'm not certain how it would create a root user for those who have not enabled it. If both of these are true, then this is a serious and huge vulnerability. In any case, it's definitely something worth taking seriously until disproven.

    And it's 'loser', not 'looser'. In French it's roughly translated as 'hokizpokis est un cretin'.

  1. Robb

    Joined: Dec 1969

    0

    Not Professional

    While I believe my Mac is much more secure than Windows, I also understand that it's not invulnerable. Some of these coders who are bound and determined to expose security flaws in OS X claim to be part of professional services groups. If that's really the case, then they'll work with Apple to close any holes before they can be exposed in the wild.

  1. CorDog

    Joined: Dec 1969

    0

    Here we go again!

    "Part of his stated goal is to dispel notions that Mac OS X is somehow more secure than Windows, an aim shared with many current security commentators."

    Even if this were true, here is the score.

    Mac OS X = 1 Window = 110,000+

    Yep, looks pretty close to me, I guess the Mac is just as unsecure as Windows!

  1. testudo

    Joined: Dec 1969

    0

    firewall

    And why doesn't apple turn the firewall on by default, anyways?

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

toggle

Most Popular

MacNN Sponsor

Recent Reviews

Dell AD211 Bluetooth speaker

For all of the high-priced, over-engineered Bluetooth speakers in the electronics market, there is still room for mass-market solution ...

VisionTek 128GB USB Pocket SSD

USB flash drives dealt the death blow to both the floppy and Zip drives. While still faster than either of the old removable media, sp ...

Kodak PixPro SL10 Smart Lens Camera

Smartphone imagery still widely varies. Large Megapixel counts don't make for a good image, and the optics in some devices are lackin ...

toggle

Most Commented