独立研究人员InfoSecSellout发现并利用了Mac OS X中的mDNSResponder漏洞,开发了一款名为“Rape.osx”的蠕虫病毒,并在约1500台Mac组成的局域网中进行了测试。尽管作者声称不会将该蠕虫散布出去,并已通知Apple,但此事件预示着Mac平台未来可能面临更多的恶意软件威胁。
今天看到了这则消息.一点惊异的感觉也没有.总觉得这是迟早的事情.而且此举的出现.看来各大杀毒软件公司又要做好准备开发全新的 for mac 版本的杀毒软件啦...
据网上的消息.此病毒是由InfoSec Sellout这个安全组织开发,利用mDNSResponder漏洞并加以变化,可影响1.0.4以上的版本.这个病毒叫"Rape"并在1500台MAC机组成的局域网内测试成功.
高兴的是,组织声称不会散布此病毒.并已经对APPLE报告该漏洞的.不过好像苹果的FANS非常抵制.依然大部分人都依然坚信.苹果系统不会出现蠕虫..( 我不明白他们为何如此坚持 )
Tags - mac
据网上的消息.此病毒是由InfoSec Sellout这个安全组织开发,利用mDNSResponder漏洞并加以变化,可影响1.0.4以上的版本.这个病毒叫"Rape"并在1500台MAC机组成的局域网内测试成功.
高兴的是,组织声称不会散布此病毒.并已经对APPLE报告该漏洞的.不过好像苹果的FANS非常抵制.依然大部分人都依然坚信.苹果系统不会出现蠕虫..( 我不明白他们为何如此坚持 )
下面是此组织的站址以及Engadge上的原文资料
http://infosecsellout.blogspot.com/
引用
New OS X vulnerability found: worm released in lab?
Look, we're fine with Apple gloating about the security of OS X in their Mac vs. PC adverts. After all, we have yet to see a large-scale worm released into the Macintosh community. However, the fact that a worm hasn't been released on a Windows-esque scale likely has less to do with Apple's superior coding than the size of their market share, i.e., OS X is a smaller target. That might soon change, however. A vulnerability has reportedly been found and more importantly, exploited by an "independent researcher" known only as "InfoSec Sellout." Apparently, a previously undisclosed vulnerability in the OS X mDNSResponder (which Apple has patched before) allowed Sir Sellout to cobble together a worm dubbed "Rape.osx." InfoSec Sellout claims to have released the worm into a controlled environment thereby infecting a network of about 1,500 OS X systems by nabbing root and dumping a text file as an evidentiary foot print. However, the worm's author claims that it can be broadly weaponised with a payload of choice across both PPC and Intel-class Macs with just a bit more work. InfoSec Sellout will disclose the vulnerability to Apple only after his/her "research is complete" and after an appropriate level of compensation (er, InfoSec Ransom?) received. Dubious as that sounds, for better or worse, it's the way the game's currently played.
Look, we're fine with Apple gloating about the security of OS X in their Mac vs. PC adverts. After all, we have yet to see a large-scale worm released into the Macintosh community. However, the fact that a worm hasn't been released on a Windows-esque scale likely has less to do with Apple's superior coding than the size of their market share, i.e., OS X is a smaller target. That might soon change, however. A vulnerability has reportedly been found and more importantly, exploited by an "independent researcher" known only as "InfoSec Sellout." Apparently, a previously undisclosed vulnerability in the OS X mDNSResponder (which Apple has patched before) allowed Sir Sellout to cobble together a worm dubbed "Rape.osx." InfoSec Sellout claims to have released the worm into a controlled environment thereby infecting a network of about 1,500 OS X systems by nabbing root and dumping a text file as an evidentiary foot print. However, the worm's author claims that it can be broadly weaponised with a payload of choice across both PPC and Intel-class Macs with just a bit more work. InfoSec Sellout will disclose the vulnerability to Apple only after his/her "research is complete" and after an appropriate level of compensation (er, InfoSec Ransom?) received. Dubious as that sounds, for better or worse, it's the way the game's currently played.
Tags - mac
扫一扫
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
