Archive for April 2, 2008

Safari 3.1 Piggybacks In Software Update

“Piggybacking is a method used to gain unauthorized access to the computer. This occurs when an authorized application allows another non-related or unauthorized application to pass through or get into the user’s system.”

A couple of weeks ago, while I was working on my infect machine, I got this alert message from Apple Software Update. I was a little bit busy, so I just minimized the window. Last Monday, I had the chance to check and read what it says. Surprisingly, I found Safari 3.1 in the list, even though I know I haven’t installed any version of it. So, what’s happening here?

As shown in the figure above, the QuickTime program I installed checks for updates. Then, the server replied with the update information. However, it doesn’t end there: the server exploited the communication to perform an unauthorized task, which is to offer the Safari 3.1 installer.

This is completely unacceptable behavior and a breach of information security.

March OSX News Makers

March 18 - Apple Released Its Gigantic Update.

  • Security Update 2008-002 fixes 95 security vulnerabilities found in different components of the Mac OS X operating system.
  • Safari 3.1 fixes 13 security vulnerabilities found in Safari for Mac (10) and Windows (3).

March 20 - “iMunizator” The 2nd Rogue In Mac

  • iMunizator is a rebranded version of MacSweeper.
  • It was first seen on the Apple Discussions web site, where someone asked the question “What is iMunizator?”
  • Differences between the two:
      • The iMunizatorSetup.dmg file size is 1.49Mb, while MacSweeper’s is 1.52Mb.
      • The company behind iMunizator is iMunizator.com, while MacSweeper’s is KiVVi Software.
      • The iMunizator executable file size is 407,036 bytes, while MacSweeper’s is 407,468 bytes.
      • The iMunizator resource folder does not contain TODO.txt.
      • Last time, MacSweeper was sharing an NS server with Cleanator (a known rogue program in Windows); this time, iMunizator.com’s neighbor is AntiSpywaredeluxe.com [67.205.72.9], which is also a rogue program in Windows. iMunizator.com network information below:

March 27 - Mac OS X Hacked in 2 Minutes Read [CNET News]

      • VAIO VGN-TZ37CN running Ubuntu 7.10
      • Fujitsu U810 running Vista Ultimate SP1
      • MacBook Air running OSX 10.5.2
  • March 26 (1st Day): the contest started. However, nobody was able to hack any of these three operating systems with limited resources and a confined local network connection.
  • March 27 (2nd Day): the attackers were given an internet connection.
  • March 28 (3rd Day): the attackers were allowed to use popular software to exploit.
  • The results are as follows:
      • On the 2nd day, Mac OS X was successfully hacked in 2 minutes using a zero-day exploit in Safari.
      • On the 3rd day, Vista was successfully hacked after 7 hours using a zero-day exploit in Adobe Flash.
      • Linux stayed intact and won against the hackers.