Macs are no longer the island of security that their users wanted to believe they were. Malware exists on Mac OS X and is becoming more numerous. One researcher has even found a "simple" way to make it undetectable.
In April 2012, the Flashback botnet began to dent the feeling of invulnerability of the Mac community, which for years had felt safe from viruses and other malware. It is a sign of changing times, tied to Apple's increase in market share and to professional cybercriminals. Cyberattacks seek the best return on investment, and Apple computers do often tend to be chosen by high-value targets.
Since then, new malware for Mac OS X has followed without causing as much damage as Flashback, but demonstrating each time that the "impregnable" fortress no longer was one, or never had been.
Proof of concept
A few days ago, Daniel Pistelli, a security researcher at the German company Cerbero, announced that he had produced a proof of concept with important consequences. It would make it possible to create malware for Mac OS X that is undetectable both by the system and by any security solution.
Use an Apple tool
To do this, he uses one of the tools that Apple has built into Mac OS X, which is used to encrypt Apple's in-house executables such as Dock.app or Finder.app in order to protect them. However, this encryption can equally well be used to "protect" a malware executable, he said in a post on his company's blog. Security software is then unable to detect the malware because it is encrypted, even if it was able to recognize it before. Mac OS X itself, however, has no problem running it.
Avenues for a solution
To address the proof of concept he unveiled, Daniel Pistelli put forward several approaches in his post. The first is that antivirus products include a decryption mechanism in order to recognize new malware. The second is that these security products try to find encrypted code segments and, if there are any, trust only executables that are signed by Apple itself. Finally, the third solution is that, when encrypted code is discovered, the antivirus allows only executables whose cryptographic signature matches a trusted key.
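The second approach above, finding encrypted code segments, can be sketched as a static check. This is an added example, not code from Pistelli's post or from any antivirus product. It assumes the encryption is marked by the SG_PROTECTED_VERSION_1 segment flag from Apple's mach-o/loader.h, which the article does not name, and it handles only thin little-endian Mach-O files; the sample input is constructed.

```python
import struct

MH_MAGIC, MH_MAGIC_64 = 0xFEEDFACE, 0xFEEDFACF  # thin Mach-O, 32-bit / 64-bit
LC_SEGMENT, LC_SEGMENT_64 = 0x1, 0x19           # segment load commands
SG_PROTECTED_VERSION_1 = 0x8  # <mach-o/loader.h>; assumed to be the marker meant

def protected_segments(data):
    """Names of segments flagged as encrypted in a thin little-endian Mach-O."""
    if len(data) < 28:
        raise ValueError("too short for a Mach-O header")
    magic, _, _, _, ncmds, sizeofcmds = struct.unpack_from("<6I", data, 0)
    if magic == MH_MAGIC_64:
        off, seg_cmd, fmt = 32, LC_SEGMENT_64, "<16s4Q4I"
    elif magic == MH_MAGIC:
        off, seg_cmd, fmt = 28, LC_SEGMENT, "<16s4I4I"
    else:
        raise ValueError("fat, big-endian or non-Mach-O input is not handled")
    end = off + sizeofcmds
    if end > len(data):
        raise ValueError("load commands run past the end of the file")
    found = []
    for _ in range(ncmds):
        if off + 8 > end:
            raise ValueError("truncated load command")
        cmd, cmdsize = struct.unpack_from("<2I", data, off)
        if cmdsize < 8 or off + cmdsize > end:
            raise ValueError("load command size is inconsistent")
        if cmd == seg_cmd:
            if cmdsize < 8 + struct.calcsize(fmt):
                raise ValueError("segment command is too small")
            # fields: segname, vmaddr, vmsize, fileoff, filesize, maxprot, initprot, nsects, flags
            fields = struct.unpack_from(fmt, data, off + 8)
            if fields[-1] & SG_PROTECTED_VERSION_1:
                found.append(fields[0].rstrip(b"\0").decode("ascii", "replace"))
        off += cmdsize
    return found

def make_sample(segments):
    """Constructed input: a 64-bit header plus segment commands, no code."""
    cmds = b"".join(
        struct.pack("<2I16s4Q4I", LC_SEGMENT_64, 72, name, 0, 0, 0, 0, 7, 5, 0, flags)
        for name, flags in segments)
    header = struct.pack("<8I", MH_MAGIC_64, 0x01000007, 3, 2, len(segments), len(cmds), 0, 0)
    return header + cmds

SAMPLE = make_sample([(b"__PAGEZERO", 0), (b"__TEXT", 0x8), (b"__DATA", 0)])
if __name__ == "__main__":
    print(protected_segments(SAMPLE))
```

A non-empty result is the trigger for the second and third approaches: the file then has to pass a signature check before it is trusted.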