Those days are over. Recent iPad security scares are a sign that Apple’s devices are a growing target for hackers, spammers and malicious coders.

“Market share is a pretty good indicator of who hackers are going after,” said Kevin Haley, director at Symantec Security Response. “Hackers are motivated by money, so they want to get access to the most amount of people.”

Hacker group Goatse Security was able to obtain 114,000 iPad 3G users’ e-mail addresses and iPad SIM card ID numbers from AT&T’s website last week. The vulnerability was on AT&T’s site, but any hit against the iPad dings Apple as well. And in a blog post, Goatse Security said Monday that a “skilled attacker” could take advantage of a weakness in the iPad’s Safari Internet browser to launch a spam attack from a compromised iPad.

“This is a wake-up call for Apple, and it cannot afford to hit the snooze button,” said Hemanshu Nigam, founder of SSP Blue, a cybersecurity consulting firm. “The hacker community focuses on companies that are on the top of their games. Apple has gained enough market share that it has caught hackers’ attention.”

It’s not surprising that Apple is becoming a growing target — it’s simply a matter of scale. Cybercriminals try to hack the software that most people use to access the Internet, and increasingly, that software is made by Apple. While Apple’s PC market share is still in the single digits, Apple is now the second largest smart phone maker in the United States, behind only BlackBerry maker Research in Motion. It has also sold more than 2 million iPads in just two months.

“Any company’s device or platform on which lots and lots of people are exchanging or storing data is going to be susceptible to an attack,” said Fred Rica, principal security analyst at PricewaterhouseCoopers. “Hackers are beginning to change over to other platforms that hadn’t been traditional targets, particularly to mobile.”

As Apple products become higher-profile targets, its response is going to be tested. The company’s stance on security has long been “don’t worry about it.” For instance, on its website Apple says simply, “Mac OS X doesn’t get PC viruses.” The iPhone and iPad websites don’t even mention security.

Apple claims that the Unix framework that its Mac operating system is built on is inherently safer than Windows. The truth is that Mac OS has as many vulnerabilities as Windows, according to Nigam — Apple patches its products just often as Microsoft does.

In the past, Apple has responded quietly when vulnerabilities are exposed, patching products through automatic updates with no announcement. The company’s famous “Get a Mac” ads say Microsoft’s constant security updates and alerts interfere with users’ ability to do work on their computers. Ironically, Apple’s Safari browser’s lack of security alerts is one of the factors contributing to the security hole in the iPad, according to Goatse Security.

“Suggesting Apple doesn’t get viruses gives its users a completely false sense of security,” Nigam said. “It’s essentially taunting hackers. They’ll take it as a challenge, and just start exploiting Apple’s user base.” As a result, Nigam suggested it’s time for Apple to change it’s attitude. Right now, Apple prioritizes the user experience ahead of security. That can backfire. ”Apple has the capability to take charge of this situation now,” he said. “If it doesn’t, it’s risking damage to its reputation for the long haul, a la Microsoft.”

Previously only bookmarks could be synced across various machines, but with this latest release, users will now be able to port their preferences – including zoom defaults, themes and homepage settings – to the various computers they browse from. By associating browser settings with a Google account, users can quickly sync the settings on their various installations of Chrome.

Additionally, this newest version of Chrome now supports some fancy new HTML5 features, including geolocation APIs, and drag-and-drop functionality. Beta release testers of Chrome may have already spotted the ability to use Google Maps’ location functions, as well as drag-and-drop of attachments from within Gmail.

Chrome Benchmark Results

According to Google, today’s release of Chrome is the fastest ever, improving “by 213 percent and 305 percent in Javascript performance by the V8 and SunSpider benchmarks” since its initial beta release. Google is also working with Adobe to fully integrate Flash into the browser with new plug-in APIs, but this will not be available until the next full release of Flash Player in the near future.

Good news for users of Google’s Chrome browser on the Apple platform. Extensions and bookmarking are now fully supported (thank goodness!).

The new version means users can take advantage of more than 2,200 extensions that add features and bolster the usability of Chrome within Mac OS. Extensions can be selected and managed through the options menu.

As for bookmarks, Google explains that bookmarks can be synced between multiple computers, even between Macs, Windows and Linux machines. It also adds bookmark and cookie managers “in a way that feels completely at home on the Mac.” A new Task Manager will help power users keep better track of tabs.

For the impatient, the new version can be downloaded right away. The version number is 5.0.307. The link is here. Haven’t tried it yet? Well it seems to be catching on fast and is super fast, so you might want to give it a shot because it could just replace your current browser… it sure did for me!

Here are a couple of videos that Google through together to explain how it all works.

Unlike the earlier variants which only posed as versions of QuickTime, this one also poses as pirated versions of Foxit Reader and several antivirus applications. In addition, like the June variant of JAHLAV—OSX_JAHLAV.B—at least one website hosting OSX_JAHLAV.I could also deliver malware onto Windows systems, although the said file is no longer available from the said website.

This is bad news as it seems that lately there have been more and more attacks on the Mac community. Macs are known to not really have many types of security threats that they need to watch out for allowing a good number of users to not even worry about having antivirus software installed. If Mac users are not careful they are going to be easy targets for some of these new threats if they continue to browse around with their care free attitude.

So even for all you Mac users out there, you are not completely safe from the dangers on the internet. There are guys out there trying to compormise your system to use it for very bad things so if you do not have antivirus software installed I would highly suggest that you look into it. Even if you do not want to buy any software for this there are tons of free versions out there as well so there is really no excuse.

The Trojan is supposedly a QuickTime Player update with the file name QuickTimeUpdate.dmg. As with its earlier variants, users are prompted to download the malware when trying to view certain online videos from .com domains with the IP address, 91.214.45.73 such as:

• allincorx
• bigdron
• cikaredo
• civilizxx
• comeandtryx
• deribrowns
• draxxtermania
• givendream
• hitrowzone
• jumborad
• ltdkeeper
• operationelx
• oxxadox
• paxxtiger
• rednetx
• rstdeals
• simplexdoom
• sinisteer
• tdenuwas
• tniredrum
• ufapeace

If infected, a victim’s Web traffic can then be diverted to the website of the attacker’s choosing.

The Trojan contains component files detected as UNIX_JAHLAV.D and obfuscated scripts detected as PERL_JAHLAV.F. The Perl script then downloads a file from a malicious site and stores it as/tmp/{random 3 numbers}, detected as UNIX_DNSCHAN.AA, which allows a malicious user to monitor the affected user’s activities. This may also cause the user to be redirected to phishing sites or sites where other malware may be downloaded from.

Trend Micro Advanced Threats Researcher Feike Hacquebord notes the domain names have been set up such that when the main IP goes or is taken down, cybercriminals can easily move the backend to another IP address without the need to change code or scripts.

It would serve Mac users well to stay away from the above-mentioned domains and IP addresses or be wary of prompts to download software updates that do not come from Apple’s legitimate website. This is just another small example that proves that even Mac users aren’t

The variants have been found inside bogus copies of iWork ’09 and Adobe Photoshop CS4 which were shared on the popular p2p torrent network. The author of the malware downloaded the original/trial versions of each program and introduced a copy of the malicious binary into the packages.  Users who then downloaded and installed the applications from the torrent download would have been infected. It is estimated that thousands of people have downloaded the infected torrent files.

They describe this as the “first real attempt to create a Mac botnet” and notes that the zombie Macs are already being used for nefarious purposes. The researchers pointed to this blog entry that describes a PHP script, running as root, launching attacks against an unknown Web site.

The article goes into detail on the botnet’s peer-to-peer engine, startup and encryption capabilities and configuration file structure and concludes that the person who wrote the malware is not the same as the person who actually ‘used’ it. “The code indicates that, wherever possible, the author tried to use the most flexible and extendible approach when creating it – and therefore we would not be surprised to see a new, modified variant in the near future,” the researchers added.

Doing some reading about this new threat I came across a pretty simple and easy way to quickly disinfect yourself. If you think you and your Mac may have been infected by this, you can take the following steps to help clean up your system:

1. open Terminal.app
2. sudo su (enter password)
3. Type “rm -r /System/Library/StartupItems/iWorkServices”
4. Type “rm /private/tmp/.iWorkServices”
5. Type “rm /usr/bin/iWorkServices”
6. Type “rm -r /Library/Receipts/iWorkServices.pkg”
7. Type “killall -9 iWorkServices”

Hope this helps, and if anyone who thinks they have been hit by this and don’t understand how to do the above steps, feel free to leave a comment or contact me through the “Contact Us” page and I will be glad to help!

As for the Linux version, Google initially thought that a Windows clone would be acceptable, since Chrome itself is already such a fast application. However, the people working on the Linux version of Chrome made a case for using Gtk+ instead, and Google went with that option. Since Chrome is open source, it could still be possible that a Qt version will be developed independently of Google, of course.

When it comes to the Mac version, Goodger explains that the plan there has been to develop a native version all along. ”A Windows-clone would most definitely not be acceptable on MacOS X,” Goodger says, ”where the APIs for UI development are highly evolved and have many outstanding features. So that’s always been the plan there.” The Mac version is coming along nicely, and Google hopes to deliver both the Linux and Mac versions somewhere in June. Hopefully, they will also implement something like Firefox’s NoScript extension because according to some users, the security model is still lacking.

iWork ’09:

Mac security software maker Intego discovered last week what it calls “OSX.Trojan.iServices.A” in pirated copies of Apple’s iWork ’09 making the rounds on BitTorrent file sharing networks.  An additional package not found in retail copies of the iWork installer called “iWorkServices.pkg” is installed as a startup item with read/write/execute abilities with the pirated versions. According to Intego, the rogue software connects to a remote server to notify its creator that the trojan has been installed on different Macs, and he or she can “connect to them and perform various actions remotely”, including downloading additional components to the machine.

Intego considers the risk of infection to be serious, warning of “extremely serious consequences” if a user’s Mac is compromised by software. The security firm said 20,000 people had already downloaded the installer at the time of its alert.  As of now, Intego counts 1,000 more since the initial warning. In an update on the matter Monday morning, Intego said Macs infected with the trojan are being pushed new code that downloads in the background, which is then being used to facilitate a DDoS (distributed denial of service) attack on certain websites.

Photoshop CS4:

As part of its update, Intego also says it has discovered a new variant of the same Trojan horse called “OSX.Trojan.iServices.B”, which can be found in pirated versions of Adobe Photoshop CS4.  This installer has already been downloaded by 5,000 people who are now at risk, the firm says. This installer compromises the system not by installing an additional package, but through a crack application that serializes the program for use without a purchased retail key.  This app extracts an executable from its data and installs a backdoor in /var/tmp/.  If the user runs the crack app again, a new executable with a different random name is created, making it difficult to safely remove the malware.

Once the administrator password is entered, a backdoor with root privileges is launched, copying the executable to /usr/bin/DivX and a startup item in /System/Library/StartupItems/DivX.  It then makes repeated connections to two IP addresses, according to Intego. A malicious user can then connect to the affected Macs and perform various actions and downloads remotely.  Intego predicts this Trojan horse may also be used to execute similar DDoS attacks.

Warning:

As a result of these two very serious risks, Intego is warning Mac users not to download any cracking software from sites that distribute it.

“The risk of infection is serious, due to the number of infected users, and these users may face extremely serious consequences if their Macs are accessible to malicious users,” reads a notice on the security firm’s website.

Intego recommends that users never download and install software from untrusted sources or questionable websites.  It says its own VirusBarrier X4 and X5 products with virus definitions dated January 22, 2009, or later will protect against these two Trojan horses. This just goes to show that not even the almighty Macs are immune to viruses these days and as Apple’s line of computers continues to get more popular, these hackers will start to produce more viruses for them as it is starting to be worth it to infect Apple computers! So be safe out there on the internet and make sure you have a decent antivirus program protecting you always!

Intego said OSX.RSPlug.D has been widely confused with a separate threat publicized this week by several security firms. That threat is called OSX.TrojanKit.Malez by Intego and OSX.Lamzev.A by other vendors, including Symantec and Trend Micro.

OSX.Lamzev.A is a hacker tool designed primarily to allow attackers to install backdoors in a user’s system, according to Intego. However, the company dismissed the tool as a serious threat because a potential hacker has to have physical access to a system to install the backdoor. ”Unlike true malware and Trojan horses, OSX.TrojanKit.Malez requires that a hacker already have access to a Mac in order to install the code,” Intego stated. Other antivirus vendors noted that Lamzev could be disguised as a piece of legitimate software and used to trick users into creating the backdoor themselves.

Lamzev is not related to RSPlug, despite several high-profile reports confounding the two, Intego emphasized. “This hacker tool has nothing to do with the RSPlug Trojan horse,” Intego stated. Security vendors have long warned that the Mac platform is not as secure as some users might like to believe. Apple had not responded to a request for comment at the time of publication. So with the Mac OS X on the rise and with more and more people starting to use Apple computers, we can only expect these types of attacks to increase. Basically, Mac users need to be careful when on the web because as much as they like to think their computers are safe, they have threats out there as well!

The biggest improvement to OpenOffice 3 is the ability to open Office 2007 files. However, some files, such as .docx, .xisx, and .pptx, can only be read. The second major enhancement is a new version for the Apple Mac. The upgrade installs and runs like a normal OS X application. For the longest time now since Microsoft Office 2007 has been growing popularity and more people are using it, the most common problem was that when someone saved the file in the default 2007 format, Open Office could not open the file to read. Now with this new version out and kicking, users of Open Office now have that ability to read those files and although they can not alter them in that format, they are able to save them to formats which will allow them to edit the documents. This is also good news for Mac users because with this version Open Office installs and runs like a native Mac program would on the system.

This release was big enough to also cripple the Open Office website for almost a day and a half with tons of people trying to download the latest version and give it a go! Almost all day Monday and well into Tuesday they had a message up on their site which stated:

Apologies — our Web site is struggling to cope with the unprecedented demand for the new release 3.0 of OpenOffice.org,” the site said. “The technical teams are trying to come up with a solution.”

All that was on the site other than this simple message was different links to download the software. With me dual booting Windows XP and also Ubuntu Linux, this is a very good release for me and others like me because now I can work on my stuff saved with Microsoft Office on my Linux partition when I am booted into Ubuntu. So download and Enjoy!

Click Here for the official Open Office Website!