this post was submitted on 06 Sep 2023
90 points (95.0% liked)

[–] _bug0ut 5 points 1 year ago* (last edited 1 year ago) (1 children)

I'm not sure where I said anything about the reason any of those platforms get viruses because you're right, Windows was often more targeted because its footprint was massive by comparison (whole lotta end users out there, but also tons of domain controllers and enterprise systems running it) - I'm not arguing that.

AMOS itself is distributed in all kinds of ways including phishing, being bundled into crap no-name software, shady ads, tainted torrents, whatever. You still have to be tricked into downloading whatever it is that infects your machine with it.

As to this partially being Google's fault, from the article itself:

The ads are legitimate and paid for but disguise themselves as the website or software the user is searching for.

In the given example, it sounds like the ad was for Trading View, a pretty popular stock market charting platform, but the ad itself took users to trabingviews.com and it looked like a clone of Trading View's site or some kind of landing page that purported to be a download for a desktop client. In the Malwarebytes article I share below, the fake URL purporting to be Trading View's website is actually tradingsview.com.

I'm not exactly sure where you're getting the idea that this was a fake ad caused by malware pre-existing. These are "legit" Google ads that are bought and paid for and not quality checked by Google before they display them.

Here's the article directly from Malwarebytes, the folks who kindly did the write up the author of the above article is talking about:

https://www.malwarebytes.com/blog/threat-intelligence/2023/09/atomic-macos-stealer-delivered-via-malvertising