/g/ - Technology



Thread archived.
You cannot reply anymore.




File: 1613994189601.jpg (375 KB, 1080x1098)
What is their endgame?

>A previously undetected piece of malware found on almost 30,000 Macs worldwide is generating intrigue in security circles, and security researchers are still trying to understand precisely what it does and what purpose its self-destruct capability serves.

>Once an hour, infected Macs check a control server to see if there are any new commands the malware should run or binaries to execute. So far, however, researchers have yet to observe delivery of any payload on any of the infected 30,000 machines, leaving the malware’s ultimate goal unknown. The lack of a final payload suggests that the malware may spring into action once an unknown condition is met.

>Besides those questions, the malware is notable for a version that runs natively on the M1 chip that Apple introduced in November, making it only the second known piece of macOS malware to do so.

>The malicious binary is more mysterious still because it uses the macOS Installer JavaScript API to execute commands. That makes it hard to analyze installation package contents or the way that package uses the JavaScript commands.

The malware has been found in 153 countries with detections concentrated in the US, UK, Canada, France, and Germany. Its use of Amazon Web Services and the Akamai content delivery network ensures the command infrastructure works reliably and also makes blocking the servers harder.
>>
>>statistically low number of infected
>>none or unverified symptoms
>>over hyped on social media
It's the covid for macs!
>>
Linux doesn't have this problem
>>
>>80327518
It's a botnet (the non-schizo kind) that has yet to be activated I guess.
>>
>>80327548
they literally tested 30,000 macs individually, can't you see? that's an expensive amount, like 300,000,000 dollars, not taking into account the macs they found didn't have it. its thorough enough, you can simply assume millions of devices have this

im just fucking kidding there is literally no way they could have solid data
>>
>>80327586
>>
>>80327613
30k macs are not 300 million dollars it would be 1 million per mac lmao
>>
File: 1593552466261.gif (143 KB, 403x500)
>>80327518
MACTODDLERS TBBTFO
>>
>Apple is now discovering how easy it is to inject malware into their toy systems
Welcome to 1995, it will take you quite a while to reach 2021 levels of security of any other computer, maybe by 2030?
>>
>>80327686
Please be bait.
>>
>>80327518
Why is /g/ the last one to hear about these breaches? Shouldn't we know about it sooner than these tech news websites?
>>
>>80328987
/g/ doesn't use iToys
>>
>>80327518
This is probably just the NSA backdoor
>>
>>80328987
why would we, /g/ is full of larpers
did you actually think this was some sort of secret hacker club?
>>
>>80327548
>>
>>
Skynet.
>>
>>80327518
Nothing on mine despite downloading scary pirated software.
>>
>>80327518
probably ransomware, I think that's the most lucrative form of malware that affects consumers.
maybe it will sell the bots as proxies or they will rent the botnet
>>
>>80329626
>ransomware
>for itoddlers
Excellent idea. They are too dumb to escape it.
>>
>>80327518
the kid wanted to make a pokemon type game/virus thing but he didn't want it to be small, so he's making an empty payload spread to enough machines before he'll release the actual game
>>
>>80327564
https://en.wikipedia.org/wiki/Linux_malware
>>
>>80330100
Nice 404 page you got there.
>>
>>80328216
[bass drums]
>>
>>80328987
newfag detected, i became aware of that maybe last year here on /g/
>>
>>80327518
How in the fuck can you even get malware on your mac, you literally have to go out of your way (cmd + right click + open) to even have an option to open unnotarized applications, and then confirm yet another prompt which is VERY explicit to allow the application to run in the background.
How dense do people have to be to get a virus on a mac? It's not windows where everything goes...
>>
>>80329893
Ransomware should be easy on a mac, just make it look like an apple feature or subscription and the itoddlers will pay without thinking.
>>
>>80330939
macs have always been insecure, it's just never been worthwhile to make a mass hack before so no one did it- all you had were smaller viruses and who would bother bringing something that uninteresting up?
>>
>>80327548
>y'all overreacting
stuxnet
>>
>>80330939
literally any binary that isn't from a behemoth like Adobe?

I am pretty sure wireshark didn't have a signature, or maybe it was nmap, I forgot
>>
>>80330939
I'm pretty sure apps have to be signed on the arm Macs so you might not need to do the unauthorized meme if the app is signed
>>
>>80331027
Devilish. Release it around the time when an OS upgrade comes out and it would spread like wildfire.
>>
>central control server
Why can't they just block it? Sounds like this problem can be solved in 10 minutes.
>>
>be mac user
>guy at apple store told me only wintoddlers (that's what I call windows users) get viruses
>open $3000 macbook pro so I can watch netflix
>suddenly display goes blank
>about to curse at apple, but remember that I'm probably just holding it wrong
>display turns back on
>only thing on screen now is a looping animated gif of a red headed anime devil girl laughing at me
>large impact font at the top says "MACTODDLERS BTFO"
>i don't understand
>>
>>80327518
to own the macfags xD
>>
iToddlers are a special breed.
>>
File: 1573513791562.gif (458 KB, 399x517)
>>80332041
>Delete Facebook
Finally, something me and the iToddlers can agree on.
>>
>>80330939
>right click

hold on there buckaroo. macs only have one button because applefags btfo
>>
File: jobsemail.jpg (38 KB, 600x382)
>>80332017
>about to curse at apple, but remember that I'm probably just holding it wrong
kek almost forgot about that
>>
>>80332654
Brainlet
>>
>>80332041
This is actually all-around good advice for any system, for normies.
>>
>>80327564
Linux, being Unix-like, has equally shit security. It's not hard to trick the sysadmin into unknowingly running a shell script that copies over a program with his SUID and gives you elevated permissions on the system
>>
>>80327548
>GO OUT AND GET INFECTED BY CCP FLU WE NEED TO KEEP PRODUCING CHEAP CRAP FOR YOU TO BUY

no
>>
>>80333427

Being easy to trick the sysadmin is a problem of the sysadmin, not the operating system. The sysadmin is supposed to have absolute powers on the system.
>>
>>80329194
This.
One day it will quietly disappear and be replaced by something different.
>>
>>80330100
>There has not been a single widespread Linux virus or malware infection of the type that is common on Microsoft Windows; this is attributable generally to the malware's lack of root access and fast updates to most Linux vulnerabilities.[2]
>>
>>80328216
boss
>>
>>80335447
Windows marketshare: 88%
macOS marketshare: 10%
Linux marketshare: 2%

Also Linux users are much more careful about security, the best protection against malware is common sense. Linux has really shit security compared to macOS, but the normies that use Mac are much much more than Linux. macOS is really hardened and secure. ChromeOS is a different story, it's also as hardened as macOS.
>>
File: 16674354534532.png (570 KB, 1263x702)
>>80328987
Nobody uses apple products here newfren.
The only ones that make apple threads are paid apple pajeet employees.
This is a free board.
>>
>>80327518
>the macOS Installer JavaScript API
the
wat
>>
>>80327518
>>Besides those questions, the malware is notable for a version that runs natively on the M1 chip that Apple introduced in November, making it only the second known piece of macOS malware to do so.
stop with this bullshit, it's literally one parameter in any compiler or it was compiled natively on an m1-based computer, it's NOT a feat of strength or whatever these retards think it is,
it does not change how the payload works and it's not harder or new or whatever
there is nothing notable about this, it's just your average rootkit, nothing more
>>
>>80327548
Better shut down Apple now this thing could spread!
>>
>>80327518
MACS DON'T GET VIRUSES
>>
>>80327548
>no symptoms
If you bothered reading, you'd notice it says infected machines are regularly checking a C2 server for commands.
Literally the only reason nothing's happened is that the people in control of the C2 server haven't pressed enter to swap the "do nothing" payload with the "nuke everything" payload yet.
>>
>>80327686
Please anon, at least pretend to be 18
>>
>>80331573
wdym?
>>
>>80327548
>le 500,000 face
>>
>>80328216
buzz
>>
File: BigSur.jpg (208 KB, 684x450)
>>80327518
BigMac Sur is top Pajeetcode.
Of course it has vulnerabilities
>>
>>80336296
>A previously undetected piece of malware found on almost 30,000 Macs worldwide ... understand precisely what it does and what purpose its self-destruct capability serves.
>Once an hour, infected Macs check a control server to see if there are any new commands the malware should run or binaries to execute. So far, however, researchers have yet to observe delivery of any payload on any of the infected 30,000 machines, leaving the malware’s ultimate goal unknown.
Stuxnet
>The worm then propagates across the network, scanning for Siemens Step7 software on computers controlling a PLC. In the absence of either criterion, Stuxnet becomes dormant inside the computer. If both the conditions are fulfilled, Stuxnet introduces the infected rootkit onto the PLC and Step7 software, modifying the code and giving unexpected commands to the PLC while returning a loop of normal operation system values back to the users.
wikipedia.org/wiki/Stuxnet
>>
Hey autumn
>>
>>80327518
Is this just going to be another conficker?
>>
>>80337002
Holy fuck at your pic related.
No wonder it's such an absolute disaster
>>
>>80333824
how fucking dare you bring facts and logic into the discussion
>>
>>80327518
to poo in it
>>
>>80327518
CRINGE. They always know about these but pretend not to until some “independent researchers” discover them or it becomes redundant/compromised.
>>
>>80328216
bolognese
>>
There is NOTHING in a closed system like MacOS or Windows that the higher up dev team doesn’t know about. NOTHING. It’s not some natural ecosystem they discover. They literally have to build it all and they see everything behind the scenes.
>>
File: 1607958559481.png (74 KB, 357x357)
Arch doesn't have this problem
>>
Retard normies are trained to fear criminal enterprise viruses n sheet but the real vulnerability exposing malware writing people are working at the tech companies or the government. They’d certainly work at Windows/Mac teams.
>>
If they don’t write back doors? I guess they fear being shaken down by the government with stupid court cases or muh monopoly shit. Plus they don’t even have a choice if you read the laws.
>>
File: jim.jpg (5 KB, 224x225)
>be black hat h4x0r
>Windows exploit ecosystem is oversaturated
>remember how macOS was recently ported to ARM and is severely lacking in native malware
>Installer uses fucking JS and XML, kek
>whip up a nice little package, sneak it into some apps
>wait a few weeks for dat sweet personal info to roll in
>it's just teenage girls' selfies and scripts for young adult novels
>mfw
>>
IS NOT A BUG.
IS A FEATURE!
>>
>>80332766
>at 4:20 pm
>>
>>80327686
is this controlled opposition?
>>
>>80329388
No, but I thought there would at least be a few knowledgeable people and real hackers here
>>
>>80340285
lmao
>>
>>80333824
i also read the entire source code of every program i install with sudo
>>
>>80329893
> implying their iToy isn't already paying up front for ransomware
>>
>>80337002
lmao
>>
>>80340285
>be black
>>
>>80329626
Keyloggers are worse.
>>
>>80328216
/thread
>>
>>80329388
nice dubs
>>
>>80338136
everything on the internet is legit
>>
>>80331573
dont bring stuxy into this
>>
>>80344822
don't be silly. only posts on anonymous hentai forums are. who would lie to you here?
>>
>>80331573
>>80337549
sshhh. the internet is trying to tell me something!
>>
>>80327518
>Oh noes the surveillance OS malware had malware.
Is this real life
>>
>>80327518
link the article as soon as you make the post you fucking mongoloid
>>
>>80344924
fuck off phoneposter faggot
>>
>>80345093
how do you know i didn't screenshot it and then upload it to my computer and then post it?

You know? Like a normal person.
>>
File: psa.jpg (57 KB, 728x546)
>>80327518
Dude the whole OS is compromised from the factory.
They just gather the info secretly for themselves, the Int. agencies, and to sell for extra profit to ad companies
>>
>>80345641
>source
>>
>>80327518
Maybe they stopped it before it got dangerous
>>
>>80327518
Please buy apple kindly sirs
>>
>>80327518
It's probably coming from Apple labs itself. Industrial espionage designed by some other big company or nation and its now accidentally infecting the machines they are updating or something.
>>
How do you tell if you have it and how do you get rid of it?
>>
File: 1610518603584.jpg (27 KB, 450x594)
>>80346328
>how do you get rid of it?
>>
File: .png (74 KB, 300x256)
>>80327686
>>80328874
>>80335949
>>80340414
>>80327613
>>
>>80331725
Especially if it's being run on public cloud.
>>
File: 1509064056595.png (59 KB, 310x320)
>>80332041
>crypto sites and crypto apps
what even is that
>>
>>80346371
GPG
>>
>>80333737
even the bots are schizoposting
>>
>>80335509
That's the desktop marketshare only brainlet, when we're talking about security you should probably include the server market
>>
>>80346360
If the trashcan eats a macbook, does it become stronger?
>>
>>80327518
"Serves him right, he trusted Apple"
>>
File: OHOHOHOHO.jpg (8 KB, 225x225)
>(CR)APPLE
>OHOHOHOHOHOHO
>>
File: man.png (454 KB, 720x630)
I hate technology, how do I learn how to make malware?


