New Mac OS X trojan horse goes live, acts as Adobe Flash Player updater application

Posted by:
Date: Monday, August 8th, 2011, 08:46
Category: News, security, Software

The bad news: There’ll always be people designing viruses, trojans and malware for computers.

The good news: It’s quite a bit rarer on the Mac OS X side of things.

Even so, the latest attempt from digital wrongdoers to infect your Mac has been spotted taking on the look and feel of Adobe’s Flash Installer.

According to CNET, the trojan, which has been dubbed as fairly serious since it mimics the Adobe Flash Player updated, has been named the Trojan Bash/QHost.WB by F-Secure, which provided some insight as to how it works.

Once installed, the Trojan adds entries to the hosts file to hijack users visiting various Google sites (e.g., Google.com.tw, Google.com.tl, et cetera) to the IP address 91.224.160.26, which is located in Netherlands. The server at the IP address displays a fake Web page designed to appear similar to the legitimate Google site.

The Trojan is currently dormant, meaning that while it will take you to the fake Google site, nothing will happen. It is, however, programed to serve pop-up ads once the user has accessed the false IP.

The current solution is to only install Adobe updates from Adobe’s official Web site. As with any Trojan designed for Mac, the malware only works if the user allows it. Most of the threats currently in the wild can be avoided by simply sticking to paid versions of software obtained directly from trusted creators of the product.

Stay tuned for additional details as they become available.

Russian police raid points to MacDefender scam

Posted by:
Date: Friday, August 5th, 2011, 04:26
Category: News, Software

If you wanted to know who was responsible for all that MacDefender malware nonsense a few months ago, they might have something.

After a raid on Russian payment giant Chronopay’s offices, authorities have found evidence linking the company to the MacDefender fake anti-virus scam that targeted Mac users.

Per security expert Brian Krebs’ blog post, Russian cops have discovered “mountains of evidence” that Chronopay employees were providing technical and customer support for bogus anti-virus software, including MacDefender.

Police discovered “Website support credentials and the call records of 1-800 numbers used to operate the support centers,” Krebs wrote. Evidence was also found linking the company to Rx-Promotion, an online program that worked with spammers to promote sites selling counterfeit prescription drugs.

Chronopay has a 45 percent share of the Russian e-commerce market and had denied involvement with the scam in May after Krebs leveled accusations against the company. Co-founder Pavel Vrublevsky was arrested in June over allegations that he hired a hacker to attack his company’s rival.

“If allegations against ChronoPay are true then we should expect significant decrease of revenues received by cyber criminals in the appropriate segments of black market in the near future,” said Maxim Suhanov, a specialist at computer-forensics firm Group-IB.

A recent analysis of the fake anti-virus distribution networks found that scammers were using highly profitable pay-per-install programs to deploy the malware. PPI networks reportedly charge as little as US$750 for 10,000 installs.

“If you do the math, it’s almost like you’re printing money,” researcher Damon McCoy said. “You could pay the PPI networks US$75 to get 1,000 fake AV installs. And if you had an average conversion rate of one in 50, making between US$25-US$35 on each install, that works out to about 20 sales — or conservatively US$500 per one thousand installs.”

Users first discovered the MacDefender malicious software in late April. Using a method known as “SEO poisoning,” the malware automatically downloaded itself onto users’ computers and posed as an anti-virus software in an attempt to trick users into providing credit card information. Security firms categorized the threat as “low” because the users were still required to agree to install the software and provide a password.

However, in late May, a variant of the malicious software was discovered that installed itself without administrator approval. Apple issued a security update to Mac OS X meant to detect and disable the malware.

Security researchers have applauded Apple for its recent security efforts, especially in Mac OS X Lion, while also warning that the Mac platform’s increased visibility may open it up to increased threats from hackers.

Stay tuned for additional details as they become available.

Carbon Copy Cloner updated to 3.4.2

Posted by:
Date: Friday, August 5th, 2011, 04:49
Category: News, Software

carbon.jpg

Late Tuesday, Carbon Copy Cloner, the shareware favorite for drive cloning operations by Mike Bombich, reached version 3.4.2. The new version, a 5.2 megabyte download, adds the following fixes and changes:

- Fixed an issue in which scheduled tasks with a remote Macintosh specified as the source would not run properly if the scheduled task had been upgraded from an earlier version of CCC.

- Fixed an issue in which a task scheduled to run when the source or destination was reconnected would not fire unless the disk was physically detached from the Mac.

- Fixed an issue that would interfere with the execution of scheduled tasks configured to back up to a network volume.

- Fixed an issue in which some network filesystems would not appear in the source and destination menus, or would cause a crash when selected.

- Fixed an issue in which the Cloning Coach would appear frozen on screen.

- The email recipients field should now be editable on Tiger systems.

- Several general tweaks to user interface behavior.

- Fixed an issue in which a restored volume wouldn’t be bootable if the volume had been restored while booted from a different version of Mac OS X than what was being restored.

- CCC now avoids setting file flags and permissions on files that are not owned by the user account that was used to mount a network filesystem.

- Fixed an issue in which CCC would report that it was unable to enable ACLs on the destination volume when specifying a folder as the destination.

- Fixed an issue in which CCC would not display the list of currently-configured scheduled tasks in the Scheduler window.

- Added undo and redo support to the “Ask a question about CCC” form in CCC’s Help window.

- Fixed an issue in which the “Send test email” button would be unclickable if the Scheduler window was resized vertically.

- Fixed an issue in which a scheduled task would not run, rather it would only display the background “Defer/Skip” window. This issue was associated with a “-[__NSCFBoolean objectForKey:]: unrecognized selector sent to instance” error in the CCC log file.

- Fixed an issue in which CCC would report an error enabling ACLs when the source was a remote Macintosh. The error would subsequently cause the backup task to fail.

- Growl notifications should now work with scheduled tasks.

- /.DocumentRevisions-V100 is now excluded by default. A note on this exclusion has also been added to the appropriate section of the documentation.

- CCC now deletes the per-task archive folder at the end of the backup task if that folder is empty. The _CCC Archives folder will also be deleted if it is subsequently empty.

- Archive folders were occasionally created with restrictive access that would prevent the user from accessing their contents. These folders will now be more reliably created with the user set as the owner.

- Fixed a bug in which an improperly unmounted volume would cause scheduled tasks to fail. Suspending a Parallels VM, for example, could trigger this behavior (Parallels unmounts the “C” drive but does not remove the mountpoint folder).

- Fixed an issue affecting Leopard users in which CCC would hang when the user clicked the Stop button.

- Fixed an issue in which Growl notifications would not be accepted by the Growl helper when sent from a CCC scheduled task.

- The “Maintain a backup (Archive modified and deleted items)” preset no longer calls for archive pruning. Archive pruning must be requested explicitly by the user.

- Fixed an issue in which CCC would report permissions problems while accessing some files on network filesystems.

- Made a couple tweaks to the sending of email notifications that should make it work better with some email servers.

Carbon Copy Cloner 3.4.2 retails for a US$10 shareware registration fee. The application requires Mac OS X 10.4.8 or later to run.

If you’ve tried the new version and have any feedback to offer, let us know in the comments.

Apple releases updated Mac OS X 10.6 drivers for HP, Samsung and Brother printers

Posted by:
Date: Thursday, August 4th, 2011, 06:05
Category: News, Software

On Wednesday, Apple released printer driver updates for both HP and Samsung printers. The HP Printer Drivers 2.7 update, a 494.47MB download containing the latest printing and scanning software for HP printers, requires Mac OS X 10.6.1 or later or later to install and run and can also be snagged via Mac OS X’s Software Update feature.

The Samsung Printer Drivers 2.2 update for Mac OS X includes Samsung printing software that shipped with Mac OS X 10.6 Snow Leopard. The 26.86MB download requires Mac OS X 10.6 or later to install and run and can also be snagged via Mac OS X’s Software Update feature.

Finally, the Brother 2.7 Printer Drivers update installs the latest software for Brother printers or scanners. The 136.55MB download requires Mac OS X 10.6.0 or later and can also be snagged via Mac OS X’s Software Update feature.

If you’ve tried these new drivers and have any feedback to offer, please let us know in the comments section.

Apple releases QuickTime 7.7 for Mac OS X 10.5, Windows users

Posted by:
Date: Thursday, August 4th, 2011, 06:20
Category: News, Software

quicktimelogo.jpg

Late Wednesday, Apple released the latest version of QuickTime, its multimedia support system for Mac OS X and Windows. The new version, known as QuickTime 7.7, is available as a variably-sized download (depending on version chosen through the download page), and improves security and is recommended for all Mac OS X 10.5.x (“Leopard”) users.

The update requires Mac OS X 10.5 or later to install and run and can be located and snagged via Mac OS X’s built-in Software Update feature.

If you’ve tried the update and have any feedback to offer, let us know in the comments.

Google Chrome updated to 13.0.782.107

Posted by:
Date: Wednesday, August 3rd, 2011, 04:21
Category: News, Software

google-chrome-logo

Google Chrome, Google’s new web browser, just reached version 13.0.782.107 for the Mac. The new version, a 42.1 megabyte download, offers the following the following changes:

- Instant Pages.

- Security fixes and improvements.

Google Chrome 13.0.782.107 requires an Intel-based Mac running Mac OS X 10.5 or later to install and run.

Onyx 2.3.0 released

Posted by:
Date: Tuesday, August 2nd, 2011, 04:04
Category: News, Software

onyxicon

Onyx, Titanium Software’s popular freeware multifunction utility for Mac OS X, has been updated to version 2.3.0. The new version, a 18.8 megabyte download (courtesy of MacUpdate), adds the following fixes and changes:

- Bug while deleting the Safari cookies corrected.

- Some little improvements.

Onyx 2.3.0 requires Mac OS X 10.6 or later to install and run.

Adobe announce Edge 1.0 HTML 5 creation tool, offers preview for free

Posted by:
Date: Monday, August 1st, 2011, 05:27
Category: News, Software

adobelogo

Sometimes you have to transition to the next thing.

Per Adobe’s blog, Adobe has released a free public preview of Edge, a new motion and interaction design tool that lets users build Flash-style animated Web content using HTML, JavaScript, and CSS.

Edge is planned for commercial release sometime next year and is designed to work in concert with the company’s existing professional design tools—Dreamweaver CS5.5, Flash Professional CS5.5, and Flash Builder 4.5 (as well as earlier versions)—is targeted to designers seeking an efficient way to use Web standards like HTML to create content featuring motion and transitions.

The application works natively with HTML and lets users add motion to existing HTML documents without altering the design or CSS-based layout. Users can also import standard Web graphics such as SVG, PNG, JPG, and GIF files and style them using CSS3. It also lets users create visually rich content from scratch with familiar drawing tools that produce HTML elements styled with CSS3.

The design stage (the workspace in Edge) uses WebKit to enable content design, preview, and manipulation. The timeline offers advanced techniques to boost productivity and precision in creating animations, and lets users define and customize motion applied to HTML elements, Adobe says.

Content created with Edge is designed to work on browsers such as Safari, Chrome, and Firefox. Edge content can also be viewed on mobile devices running iOS, Android, BlackBerry Playbook, and HP webOS.

Adobe Edge is immediately available worldwide for Mac and Windows and requires Mac OS X 10.6 or 10.7 or later to install and run the application.

Forthcoming Microsoft Office 2011 update to add support for Mac OS X 10.7 feature base

Posted by:
Date: Thursday, July 28th, 2011, 12:25
Category: News, Software

microsoftlogo.jpg

The good news: Mac OS X 10.7 (“Lion”) is out.

The bad news: Not all of Microsoft’s products support all of the Mac OS X 10.7 feature base.

Still, there may be hope on the horizon.

Per the Office for Mac blog, Microsoft has revealed that a forthcoming update for Office for Mac 2011 will add support for new features in Mac OS X 10.7, including versions, auto-save and full-screen.

Pat Fox of the Office for Mac team wrote on the company’s official blog this week that inquiries about those features have been the “most common question” for users of late. The Microsoft team is said to be “working hard with Apple” to enable the features.

“I know your next question will be ‘when?’, and unfortunately I can’t answer that — but it’s likely measured in months not days — just to set expectations,” the post reads.

The news came alongside the release of an update to Communicator for Mac, which addresses an issue related to crashing in Lion. The download is available through Microsoft AutoUpdate.

The company also reiterated that Office for Mac 2004 will not ever work on Lion, because the software was a PowerPC-based product, and Lion no longer includes Rosetta.

“Now would be a great time to upgrade to Office for Mac 2011 if you’re upgrading to Lion!” Fox said.

Office for Mac 2011, the industry’s most popular productivity suite, was released last October, delivering better compatibility with the Windows version of Office and corporate server products. It also features a revised user interface that’s similar to the “ribbon” interface used in Windows.

Those user interface elements are built on Cocoa, the development layer of Mac OS X. And the all-new version of Outlook that shipped with Office for Mac 2011 was also built from the ground-up with Cocoa for the Mac.

File versions, auto-save and full-screen are major features touted as part of the newly released Mac OS X 10.7 Lion operating system. With support for Lion, documents are automatically saved, and multiple versions of the file are stored allowing for Time Machine-like recovery of previous iterations of a file.

The new full-screen support in Lion will bring an iPad-like feel to the operating system, allowing users to concentrate on one task at a time and quickly swipe between full-screen applications with a multi-touch gesture.

Apple’s own competing productivity suite, iLife, was already updated for Lion earlier this month. iWork Update 6 adds support for full-screen mode, resume, auto-save and versions to Pages, Numbers and Keynote.

Stay tuned for additional details as they become available.

Skype updated to version 5.2.0.1572

Posted by:
Date: Tuesday, July 26th, 2011, 11:23
Category: News, Software

skypelogo.jpg

On Wednesday, version 5.2.0.1572 of the Skype VoIP application went public. The new version, a 20.8 megabyte download, offers the following fixes and changes:

- Updated localizations.

- The removal of “Professional Account”.

- Minor improvements.

- Skype credit balance will be shown to users who are member of Skype Manager by removing “Professional Account”.

Skype 5.2.0.1572 requires Mac OS X 10.5.8 or later to install and run.

If you’ve tried the new version and have any feedback to offer, please let us know.