Tuesday, May 12, 2009

the trojan for macs

What is "iBotnet"?

Last January, malicious programs, called trojans were found hidden in pirated copies of Apple Computer’s iWork ’09 and Adobe Photoshop CS4 posted on some peer to peer (P2P) networks. We do not believe that these threats are widespread or likely to affect the average user. However, users are advised to run a good quality internet security suite and to download software directly from the software publisher or from reputable software distributors and resellers.

Users who are using Norton AntiVirus for Macintosh or Norton Internet Security for Macintosh are protected from these threats.

For more details, visit the Symantec Security Response article here.

Are Mac users under attack?
The short answer, no. Users of Macintosh computers continue to have little to fear from viruses, trojans and worms so long as they take reasonable precautions. However, users who download files from third party sites and from P2P networks such as BitTorrent are at risk. More generally, anyone who surfs the internet should be aware of the threat of fake web sites, called phishing sites, that steal passwords, identity information and credit card numbers.

What do the trojans do?
The two versions of the trojan, called OSX.Iservice and OSX.Iservice.B both create a network of computers (a “botnet) that can used by cyber criminals to attack web sites, send junk email, steal passwords (SPAM) and other malicious activities. This network has been called by some, "iBotnet".

How does the trojan infect a computer?
The trojans are distributed in pirated copies of Apple Computer’s iWork ’09 and Adobe Photoshop CS4 found on some P2P networks. Unlike worms, these threats do not spread by themselves.

Who is at risk?
Any user who downloads files from P2P networks runs the risk of downloading infected files. Viruses, trojans and worms can be written to attach users of any type of computer. Norton advises all users to download software only from reputable sources and to run a good quality internet security suite.

What To Do If You Think You May Be Infected
Users are advised to install Norton Internet Security for Macintosh. Both Norton Internet Security for Macintosh and Norton AntiVirus for Macintosh will detect and remove these threats.

Advice To Stay Safe

1. Run a good security suite (we are partial to Norton Internet Security and Norton 360).
2. Keep your computer updated with the latest patches and updates.
3. Don’t use “free” security scans that pop up on many web sites. All too often these are fake, using scare tactics to try to get you to purchase their “full” service.
4. Be smart with your accounts. Create a limited or non-administrator account for day to day activities. Use an account with full privileges only when necessary.
5. Be smart with passwords. This includes

* Change your passwords periodically
* Use complex passwords – no simple names or words, use special characters and numbers
* Using a separate, longer password for each site that has sensitive personal information or access to your bank accounts or credit cards.

6. Back up your computer
7. Run Norton Internet Security for Macintosh and Norton AntiVirus 11 for Mac.



FAQ
Q: What should I do if my MAC is infected?

A: Users are advised to install Norton Internet Security for Macintosh. Both Norton Internet Security for Macintosh and Norton AntiVirus for Macintosh will detect and remove these threats.

Q: Am I safe if I don’t download software from P2P networks?

A: No. This particular threat is spread primarily through bogus software posted to P2P networks. However there are other threats to your Macintosh that can strike through infected web sites, files attached to emails, files on USB sticks and other sources.

No comments: