All the aggregator did was to provide bogus links, so that users who thought that they were being connected with the vendor’s download were actually hijacked to the malware delivery sites (which were being hosted on Adobe’s servers, hence the name of this malware).įor an aggregator providing off-site links to downloads, this is pretty well the oldest trick in the book. In the case of the three malicious updates known to have been offered by MacUpdate, none was actually hosted on MacUpdate’s servers. In this respect, this week’s new malware, OSX.CreativeUpdate, is an excellent lesson in what not to do. And given that breaches will continue to occur, one of their most important tasks is responding to such breaches. Given that we are going to have to rely on online distribution, the burden of minimising risk is placed on distributors.
APPLESCRIPT MACTRACKER INSTALL
Besides, no Macs now ship with optical drives, so finding a way to install cheap distribution media wouldn’t be easy for the great majority of Mac users. With rapid delivery services from almost any part of the world, this is not such a bad alternative, but major intermediaries like Apple would lose a lot of revenue. One solution might be to return to physical media, at least for new purchases. So we need strategies to minimise the risk to our Macs. There seems no escaping the fact that our sources of new software and updates will continue to be under attack, and that, from time to time, they will deliver us malicious software.
APPLESCRIPT MACTRACKER UPDATE
They have also hit update aggregators: this is at least the third time that MacUpdate has generously helped its users to install malware, the last incident involving Eleanor. They have hit a succession of individual providers, some repeatedly the most recent victim was Eltima, for example, whose software delivery and update service must now be one of the most secure. They have hit Apple’s App Store with XcodeGhost, delivering malicious apps to millions of users in east Asia for around six months before its detection. Those who develop and distribute malware now target all online sources of software products, including update sites. Since I first started visiting update aggregators, the threat landscape has changed considerably. My favourite has not been MacUpdate, thankfully, which in the last few days has once again been found to have been inadvertently distributing malware by proxy. For many years, one of my routine daily web visits has been to a software update aggregation service, to check for new updates.
0 kommentar(er)
