Saturday, July 28, 2012

Mac OS X Targeted By Clever New Trojan

A new Mac malware threat has been discovered. The OSX/Crisis Trojan is an insidious, clever threat. Mac users should take steps to defend against this new malware, and proactively defend against future threats while they’re at it.
Protect yourself!
OSX/Crisis is uniquely sneaky. First of all, the malware is cross-platform. It identifies the operating system, and executes different instructions depending on whether the target is a Windows or Mac OS X system. The malware is capable of infecting OS X 10.6 “Snow Leopard” and OS X 10.7 “Lion” systems without requiring a password, or any user intervention.

Once it infiltrates the system, it exhibits different behavior depending on whether or not it has Admin-level privileges on the target. OSX/Crisis is exceptional in its ability to adapt on the fly to attack a broader range of targets.

Curtis Fechner, Webroot threat research analyst, explained, “We've been looking at this and it's quite complex, as well as fascinating. I think the most important opinion we've formed is that we see more threats for the Mac platform like this one on the horizon.”

Mac users need to defend against another new malware threat.
Andrew Storms, director of security operations for nCircle, declared, “Mac malware is no joke. Despite Apple’s marketing hype about security, it should be obvious to everyone that their devices are susceptible to malware. Earlier this year the Flashback Trojan infected hundreds of thousands of Macs. The new OSX/Crisis malware is another Apple wake up call.”

At this point it would be cliché to echo the same ominous warnings that are issued every time a new malware threat targets Mac OS X. I think all but the most naïve of Apple users understand that the days of security by obscurity are over, and that the OS is not invulnerable to attack.

For many Mac users, though, there is still a disconnect between realizing that the threat landscape has shifted, and actually doing something about it. Mac users need to embrace the mindset that has been conditioned into Windows users over time, and install antimalware and other security tools to proactively protect against new attacks.

Dave Marcus, director of advanced threat research & intelligence at McAfee Labs, sums it up: “Apple users should consider themselves fully on notice: their Macs can be infected like any other device and they MUST take appropriate countermeasures by installing anti-malware solutions and practicing safe browsing habits.”

Storms agrees with Marcus. “Mac users are going to have to learn to be more security minded and Apple needs to step up and offer users practical, effective security support.”

Wednesday, July 18, 2012

Apple Must Publish Notice Samsung Didn’t Copy IPad In U.K.

Apple Inc. (AAPL) was ordered by a judge to publish a notice on its U.K. website and in British newspapers alerting people to a ruling that Samsung Electronics Co. didn’t copy designs for the iPad.
The notice should outline the July 9 London court decision that Samsung’s Galaxy tablets don’t infringe Apple’s registered designs, Judge Colin Birss said today. It should be posted on Apple’s U.K. home page for six months and published in several newspapers and magazines to correct any impression the South Korea-based company was copying Apple’s product, Birss said.
Apple Inc. was ordered to put notices in U.K. newspapers and on its website stating that Samsung didn't copy the iPad. Photographer: Lex Van Lieshout/epa/Corbis
The order means Apple will have to publish “an advertisement” for Samsung, Richard Hacon, a lawyer for Cupertino, California-based Apple, told the court. “No company likes to refer to a rival on its website.”
Apple is fighting patent lawsuits around the globe against competitors including Google Inc., HTC Corp. (2498) and Samsung as it competes for dominance of the smartphone and tablet computer markets. The firms have accused each other of copying designs and technology in their mobile devices. Legal battles about the similarity of Samsung and Apple tablets are being fought in Germany, the Netherlands and the U.S.
Public Statements
It's like the movie "Twins"
Birss said in his July 9 ruling that Samsung’s tablets were unlikely to be confused with the iPad because they are “not as cool.” He declined today to grant Samsung’s bid for an injunction blocking Apple from making public statements that the Galaxy infringed its design rights.
“They are entitled to their opinion,” he said.
Apple spokesman Alan Hely didn’t immediately respond to a phone call and e-mail requesting comment on the judge’s order.
“Should Apple continue to make excessive legal claims based on such generic designs, innovation in the industry could be harmed and consumer choice unduly limited,” Samsung said in a statement after the hearing.
“The war between these two companies seems to be escalating even further,” said Colin Fowler, an intellectual property lawyer at London-based Rouse. He said much of the publicity around the July 9 ruling focused on Birss’ comments about Samsung not being as cool.
“From a victory in court they were suddenly on the back foot,” Fowler said in a phone interview. “Getting this order fits in with the context of them trying to restore the balance.”
‘Commercial Harm’
Comments made by Apple after that ruling unfairly implied that Samsung had copied designs, Samsung’s lawyer Kathryn Pickard said at the hearing. That “caused real commercial harm.”
As well as Apple’s website, the company must pay for notices in the Financial Times, the Daily Mail, Guardian Mobile magazine, and T3, according to a draft copy of the order provided by Samsung’s lawyers.
Apple’s lawyer said the company would appeal the July 9 decision and Judge Birss granted the company permission to take its case to the court of appeal.
I invite everyone to find the notice on Apple's site and take a screenshot. I know I will.

Monday, July 16, 2012

Apple In-App Store Hacked

Hacker finds way to loot in-app store items and posts a how-to on YouTube.

A Russian hacker has managed to find a way around the security checks in Apple's in-app purchasing system to make content sold in iOS apps available for free.
The hacker, identifying himself as ZonD80, has posted a YouTube video demonstrating how he was able to create an in-app proxy that authorizes in-app purchases at no cost.

"To buy in-app content," he says in the video, "you must install two certificates and set the IP address of the DNS to a specific IP."
On a Blogger hosted site, he has asked for donations to support the development of his project. The PayPal email address he provides for receipt of funds is a address, a domain owned by Apple. Presumably this will simplify Apple's effort to identify the hacker, though doing so won't stop the spread of his code: ZonD80 notes on his blog that he has sent the source code and control of the hosting server to someone else.

In-app purchasing has become one of the leading sources of revenue for app developers. ABI Research in February predicted that revenue from sale of content in apps will outpace revenue from selling the apps themselves in 2012.
Apple appears to be taking steps to limit the damage. Russian blog includes a note, purportedly from ZonD80, indicating that Apple has filed a takedown notice with the service provider of his website.
It's doubtful that Apple will ask Google to remove the hacker's Blogger site--it isn't hosting any code so there might not be any legal foundation to request that Google remove it, unless Apple claims that the domain,, violates its trademarks.

The hack appears to work on iOS versions 3.0 through 6.0, the latter presently available only in beta form to iOS developers. But not all apps with in-app purchasing are vulnerable. Apple provides a mechanism to validate in-app purchases, in order to allow purchases to be restored on erased or new devices. Developers who have implemented receipt verification, which requires tracking in-app sales using a separate server, can query Apple to confirm the authenticity of purchased items.
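The server-side check described above, as an added example that is not part of the original post or Apple's own code: the developer's server, not the device, submits the receipt to Apple, so certificate and DNS changes made on the phone do not affect the answer. The endpoint URL, the reply fields (`status`, `bid`, `product_id`, `transaction_id`) and the names `ReceiptVerifier`, `ask_apple` and `fake_apple` are assumptions not taken from the page.

```python
import base64
import json
import urllib.request

# Apple's production receipt endpoint (not named on the page); status 0 means valid.
VERIFY_URL = "https://buy.itunes.apple.com/verifyReceipt"


def ask_apple(receipt_b64):
    """POST the receipt from the server, using the server's own DNS and CA store."""
    body = json.dumps({"receipt-data": receipt_b64}).encode()
    req = urllib.request.Request(VERIFY_URL, body, {"Content-Type": "application/json"})
    with urllib.request.urlopen(req, timeout=10) as resp:
        return json.load(resp)


class ReceiptVerifier:
    def __init__(self, bundle_id, catalog, query=ask_apple):
        self.bundle_id = bundle_id    # the app this server sells content for
        self.catalog = set(catalog)   # product ids the app really offers
        self.query = query            # injectable so the check can run offline
        self.seen = set()             # transaction ids already fulfilled

    def verify(self, receipt_bytes, product_id):
        """Return (granted, reason) for a receipt uploaded by a device."""
        try:
            reply = self.query(base64.b64encode(receipt_bytes).decode())
        except (OSError, ValueError):
            return False, "apple-unreachable"   # fail closed, never grant on error
        if reply.get("status") != 0:
            return False, "rejected-by-apple"
        r = reply.get("receipt", {})
        if r.get("bid") != self.bundle_id:
            return False, "wrong-app"           # receipt issued for another app
        if r.get("product_id") != product_id or product_id not in self.catalog:
            return False, "wrong-product"
        txn = r.get("transaction_id")
        if not txn or txn in self.seen:
            return False, "replayed"            # same receipt presented twice
        self.seen.add(txn)
        return True, "ok"


def fake_apple(receipt_b64):
    """Constructed stand-in for Apple's reply, so the example runs offline."""
    if base64.b64decode(receipt_b64) == b"GENUINE":
        return {"status": 0, "receipt": {"bid": "com.example.game",
                "product_id": "coins100", "transaction_id": "1000000000000001"}}
    return {"status": 21002}   # any nonzero status: not a valid receipt
```

In production the `seen` set would live in the server's database, which is the "tracking in-app sales" the paragraph refers to.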

Sunday, July 8, 2012

Apple bows out of program for environment-minded products

The company's "design direction" is no longer in keeping with the requirements of a major program devoted to the fostering of environmentally responsible electronics, according to a report.

Meh, screw the environment.

Apple has decided to stop participating in a major program devoted to the production of environmentally friendly products, reportedly saying that its design direction is no longer in line with the program's requirements.
Late last month, Apple told the nonprofit EPEAT group that the company would no longer submit its products for green certification from EPEAT and that it was pulling its currently certified products from the group's registry.
EPEAT, or the Electronic Product Environmental Assessment Tool, receives funding from the Environmental Protection Agency and calls itself "the leading global environmental rating system for electronic products, connecting purchasers to environmentally preferable choices and benefiting producers who demonstrate environmental responsibility and innovation." According to The Wall Street Journal's CIO Journal site, 39 of Apple's products had received EPEAT's green stamp of approval, including laptops such as the MacBook Pro and the MacBook Air.
The U.S. government requires that 95 percent of its electronics bear the EPEAT seal of approval; large companies such as Ford and Kaiser Permanente require their CIOs to buy from EPEAT-certified firms; and many of the largest universities in the U.S. prefer to buy EPEAT-friendly gear, CIO Journal reports.
Apple "said their design direction was no longer consistent with the EPEAT requirements," CIO Journal quotes EPEAT CEO Robert Frisbee as saying. "They were important supporters and we are disappointed that they don't want their products measured by this standard anymore."
Among other things, the EPEAT requirements hold that electronics must be easy to disassemble, so their components can be recycled. The iPhone, the iPad, and the new MacBook Pro with Retina display don't pass muster because of things like batteries and glass displays that are glued to casings and backings. Apple may soon introduce an alternate green standard to apply to its products, CIO Journal reports.
We've contacted Apple for comment and will update this post if and when we hear back. CIO Journal said Apple had declined to comment but had referred the site to the Environment section of Apple's Web site.
Show Apple you support their decision.

Monday, July 2, 2012

Mac espionage trojan targets Uighur activists


Researchers at Kaspersky Lab said Friday that they have come across a new "advanced persistent threat (APT)" campaign targeting Uighur activists who use Mac OS X.

The backdoor, dubbed MaControl.b, is being used to spy on Uighur dissidents. On Wednesday, researchers said they discovered the "new wave" of APT attacks targeting the Turkic-speaking Muslim group, which mostly lives in the northwest Chinese province of Xinjiang.

The attackers are sending their prospective victims legitimate-looking emails that contain a difficult-to-detect exploit disguised in a ZIP file, which is attached.

"When executed, it installs itself in the system and connects to its command-and-control server to get instructions," wrote Costin Raiu, a senior security researcher at Kaspersky, in a blog post. "The backdoor allows its operator to list files, transfer files and generally run commands on the infected machine."

The Uighurs have sought greater religious freedoms and autonomy, and have staged a number of uprisings against Chinese rule. The U.S. State Department has called out the Chinese government for repressing and committing human rights abuses against the minority group.

This is not the first time this year that virus authors have customized their wares to run on the Mac and go after dissidents. In March, the security firm AlienVault reported that Tibetan activists were being targeted by remote access trojans, or RATs, which took advantage of a three-year-old vulnerability in Microsoft Word.

"With Macs growing in popularity and their increased adoption by high-profile targets, we expect the number of Mac OS X APT attacks will also grow," Raiu wrote.
Why not keep yourself safe on the Internet?

Sunday, July 1, 2012

Apple Store In Georgia Refuses To Sell iPad, iPhone To Farsi-Speaking Customer, Citing Company Policy

I'm sorry Apple nazi, was it my accent?
A 19-year-old woman in Alpharetta, Ga., claims that her local Apple store refused to sell her anything after she was heard speaking Farsi with her uncle while she was trying to buy an iPhone and iPad.

"When we said 'Farsi, I'm from Iran,' he said, 'I just can't sell this to you. Our countries have bad relations,'" Sahar Sabet told WSB-TV.

According to the report, the Apple store employee cited the company's official policy, which prohibits the sale of their products to countries with which trade is prohibited by U.S. embargo.

Apple makes note of the policy on its website:

PROHIBITED DESTINATIONS The U.S. holds complete embargoes against Cuba, Iran, North Korea, Sudan, and Syria
The exportation, reexportation, sale or supply, directly or indirectly, from the United States, or by a U.S. person wherever located, of any Apple goods, software, technology (including technical data), or services to any of these countries is strictly prohibited without prior authorization by the U.S. Government. This prohibition also applies to any Apple owned subsidiary or any subsidiary employee worldwide.

Apparently this is not an isolated case. Zach Jafarzadeh of Virginia told WSB-TV he experienced similar treatment when he was trying to help a friend from Iran buy an iPhone.

The Consumerist gave the following reason for Sabet's experience being alarming:

[The] 19-year-old woman is a U.S. citizen living in the country, who just happens to also speak the language spoken in a country that is the subject of a trade embargo. This would be like the Apple store refusing to sell to anyone who speaks Spanish because they might have defected from Cuba. And are Apple employees asking every Korean customer whether they were born in North or South Korea?
The lack of Apple service within Iran itself has been discussed on Quora. In response to a thread on the App Store's accessibility in Iran, one said, "No, it has been filtered." Another said it could be accessed, though only with the aid of a proxy server.
Just buy an Android phone and be done with it.