This is another reminder of how the security model of desktop OSes is pretty terrible. Every time you install software on Windows, you trust it with everything on your computer by giving it administrative rights.
OS X doesn't have this problem usually, as most apps don't require admin rights to install, you just copy them to /Applications, but it still has some apps that use installers.
I agree, in a way, but what is the point of root access on an OS X workstation? The "good stuff" -- bank accounts, personal data, etc. -- is inside that user account, even if it's not an admin user. And you can backdoor the user account to a point that the average user will never find it, making getting root less of a useful achievement.
Yeah, at this point I'd like a warning on first launch of an app that's not sandboxed (sandboxed apps can only access files that have been selected through a system "open" dialog). Although of course once Apple do that it'll launch cries of slippery slope across the community and it won't really help casual users who don't understand the security model...
OS X doesn't have this problem usually, as most apps don't require admin rights to install, you just copy them to /Applications
/Applications requires administrative rights to update. I never use an admin account for everyday activity, so I need to type in a password to update /Applications.
There still is not (AFAIK) much partitioning between apps on most desktop OSes. So even if a malicious app doesn't have admin rights, it still can run under your UID, which is almost as bad, as it then has access to nearly everything you care about.
Apps on OS X that have been installed through the App Store are sandboxed, which is pretty close to the partitioning on iOS - for instance, they can only access files the user has explicitly given access to (open dialog, double-clicking, drag and drop onto the app).
That doesn't help you with apps you downloaded through the web though, which for me is all my apps because the App Store is a PITA.
Pretty much true. As these attackers stated on their own Twitter, "You ran it as admin, just be glad we didn't steal everything". All it takes is user access to dump all your stored passwords and run, which is what most attackers would do (there are even public tools they can deploy, like iStealer, that basically do this for them); from there they sell your accounts. From what I gather on their Twitter, these guys are pretty much doing it for the lulz.