STE WILLIAMS

Apple Support Told: Don’t Confirm Malware Infections

Apple officials have instructed members of the company’s support team not to confirm that a customer’s Mac has been infected with malware and not to assist in removing malicious programs, ZDNet’s Ed Bott reported on Thursday.

He cited an internal document titled “About ‘Mac Defender’ Malware,” which was last updated on May 16 and says that the trojan, which surfaced earlier this month and masquerades as legitimate security software for the OS X platform, is an “Issue/Investigation In Progress.”

“AppleCare does not provide support for removal of the malware,” the document, which was labeled confidential, stated. “You should not confirm or deny whether the customer’s Mac is infected or not.”

The memo’s disclosure comes as the number of reported Mac attacks has skyrocketed, Bott said. According to an earlier article he published, he recently found more than 200 separate discussion threads on discussions.apple.com in which users complained of infections that caused their Macs to behave erratically.

“Porn sites just started popping up on my MacBook Pro,” one user wrote. “Is this a virus? I have never had a virus on a Mac before and I have been using Macs for years. Please help!”

The con artists behind Mac Defender hook their victims by presenting Mac-using web surfers with images that depict an antivirus scan taking place on their machines. The images falsely claim users are infected with serious malware and urge them to download and install the antivirus package. Those who fall for the ruse are then infected. Similar scams have plagued Windows users for years, often to the delight and scorn of Mac and Linux fans.

According to a third article penned by Bott, AppleCare reps are seeing a four- to five-fold increase in the number of calls requesting support for rogue antivirus scams targeting the Mac.

 


First DOS-based malware celebrates silver jubilee

The first virus capable of infecting DOS-based PCs celebrates its silver jubilee this month.

The Brain Virus, written by Pakistani brothers Basit and Amjad Alvi, was relatively harmless. The Alvis claimed the malware was there as a copyright protection measure to protect their medical software from piracy, an article by CIO magazine on the anniversary recalls.

Brain replaced the boot sector of an infected floppy disk with malicious code, moving the real boot sector to another part of the disk. The malware had the effect of slowing down disk access and, more rarely, making some disks unusable.

Any other floppies used on a machine while the virus was in memory would get infected, but the malware did not copy itself to hard disk drives, as explained in a write-up here.

The Lahore-based Alvi brothers were fairly upfront about their questionable actions, going as far as embedding their names and business address in the malware code. Although intended only to target copyright violators, the malware infected machines in the US and UK among other places.

It’s hard to believe now, but the very few computer viruses prior to Brain infected early Apple or Unix machines.

It is highly unlikely any of today’s generation of VXers would be as upfront as the Alvi brothers were. Instead of curios such as the Brain virus, security threats these days take the more ominous form of zombie botnet clients.

The Alvi brothers could never have imagined we’d get here, even though they arguably helped pave a small part of the way towards a world of Windows malware.