全球第一个MAC系统蠕虫病毒诞生

独立研究人员InfoSecSellout发现并利用了Mac OS X中的mDNSResponder漏洞,开发了一款名为“Rape.osx”的蠕虫病毒,并在约1500台Mac组成的局域网中进行了测试。尽管作者声称不会将该蠕虫散布出去,并已通知Apple,但此事件预示着Mac平台未来可能面临更多的恶意软件威胁。

摘要生成于 C知道 ,由 DeepSeek-R1 满血版支持, 前往体验 >

今天看到了这则消息.一点惊异的感觉也没有.总觉得这是迟早的事情.而且此举的出现.看来各大杀毒软件公司又要做好准备开发全新的 for mac 版本的杀毒软件啦...

据网上的消息.此病毒是由InfoSec Sellout这个安全组织开发,利用mDNSResponder漏洞并加以变化,可影响1.0.4以上的版本.这个病毒叫"Rape"并在1500台MAC机组成的局域网内测试成功.

高兴的是,组织声称不会散布此病毒.并已经对APPLE报告该漏洞的.不过好像苹果的FANS非常抵制.依然大部分人都依然坚信.苹果系统不会出现蠕虫..( 我不明白他们为何如此坚持 )

下面是此组织的站址以及Engadge上的原文资料



http://infosecsellout.blogspot.com/



引用
New OS X vulnerability found: worm released in lab?

Look, we're fine with Apple gloating about the security of OS X in their Mac vs. PC adverts. After all, we have yet to see a large-scale worm released into the Macintosh community. However, the fact that a worm hasn't been released on a Windows-esque scale likely has less to do with Apple's superior coding than the size of their market share, i.e., OS X is a smaller target. That might soon change, however. A vulnerability has reportedly been found and more importantly, exploited by an "independent researcher" known only as "InfoSec Sellout." Apparently, a previously undisclosed vulnerability in the OS X mDNSResponder (which Apple has patched before) allowed Sir Sellout to cobble together a worm dubbed "Rape.osx." InfoSec Sellout claims to have released the worm into a controlled environment thereby infecting a network of about 1,500 OS X systems by nabbing root and dumping a text file as an evidentiary foot print. However, the worm's author claims that it can be broadly weaponised with a payload of choice across both PPC and Intel-class Macs with just a bit more work. InfoSec Sellout will disclose the vulnerability to Apple only after his/her "research is complete" and after an appropriate level of compensation (er, InfoSec Ransom?) received. Dubious as that sounds, for better or worse, it's the way the game's currently played.

Tags - mac
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值