23 Feb 2010
When reading comments on articles about Mac security, you find many people who are in denial about malware that targets the Mac. Granted, there are far fewer viruses, worms and Trojan horses affecting Macs than Windows PCs, but the risk is real, and it’s getting worse. In fact, the complacency of Mac users, who have almost been led to believe that their platform is germ-free, may lead to more serious outbreaks should virulent malware target the Mac. Most Mac users don’t know how to react to a malware attack.
If we look at 2009, we can see that malware writers are increasingly targeting the Mac. In January, shortly after Apple announced a new version of its iWork suite of productivity software, malware writers took advantage of it. Mac users who downloaded the software via BitTorrent were also treated to the iServices Trojan horse, hidden inside the iWork installer. The iServices Trojan opened a back door on infected Macs, and it connected to remote servers to download new code. It was actively used as part of a botnet that was involved in distributed denial of service attacks and more.
Shortly thereafter, the same cyber criminals planted the next version of their malware with copies of Adobe Photoshop CS4 for Mac found on BitTorrent trackers. The Photoshop installer was clean, but the Trojan horse was found in a crack application used to serialise the software. Functioning in a similar manner to the first version, the iServices.B Trojan horse allowed remote users to perform actions on infected Macs.
The RSPlug Trojan horse, which was first discovered in October 2007, exists now in more than a dozen variants. There were six new variants in 2009, some masquerading as video codecs, and some which claimed to be games, MP3 files and others. Several other types of malware targeting the Mac were spotted during the year. Phishing attacks targeting Mac users were on the rise as well, with well-crafted emails, purportedly from Apple, being sent to entice subscribers to the company’s MobileMe online service to surrender their credit card numbers. Other phishing emails specifically target users of other Apple products, such as the iPhone and iPad.
Malware is not the only security threat to Macs. Operating system and third-party software vulnerabilities can be chinks in computers’ armour, allowing remote exploits to take advantage of unpatched weaknesses. Apple issued 34 security updates in 2009, to patch Mac OS X, its software and hardware. Popular third-party software also saw a number of updates.
One of the new ways hackers can target Macs is by taking advantage of these vulnerabilities and attacking computers from web pages and over a network. A number of exploits are available that can gain access to Macs easily, if a user simply visits a web page. A noted Mac security researcher won a Mac hacking contest by exploiting a bug in Apple’s Safari web browser; all he did was point the computer to a booby-trapped web page and he took control of it.
For this reason, it is no longer sufficient to protect Macs with a simple anti-virus program. The only way to ensure that Macs are safe is to use combined protection, where anti-virus software works in concert with a two-way firewall, and software that protects from web threats, phishing, spyware, Trojan horses and more.
Apple’s market share is on the rise, and malware writers are sensitive to the
fact that Mac users are generally in a higher income range, and have less
experience dealing with security issues. And with targeted attacks from poisoned
web pages, cyber criminals can take control of Macs when users simply surf the
web.
Laurent Marteau is a BCS contributor
just passed by this and have to say that while I was administrating a company that had a lot of macs generally we had no issues with viruses etc the biggest problem was the denial of the users that there could be a problem, to the extent that when someone brought an infected word file in almost every user tried to open it on their mac before I found out and stopped them, and they said, well its a microsoft file!
the comments here just show that rather than being responsible about the fact that macs can be a target even if the risk is lower the general response of mac users is defensive, denying there is an issue because this is a browser problem or this is because of illegal software denies the fact that mac users should be careful and aware they too can affected by malware
Posted by: dave 06 Apr 2010
So how do people think you get a virus on a PC? By exactly the same ways the article mentions here for the Mac. Visiting a bad website, opening a silly attachment etc. If I have a PC and never read emails and the only website I go is bbc.co.uk/news do you think I will get a virus? That exactly proves the point of the article that mac users are not used to that kind of attacks, some of them are even in denial. Without anti-virus & firewall everyone is vulnerable.
Posted by: panos 24 Mar 2010
It always makes me chuckle when people come out with this completely unfounded rubbish, if you actually read the article and try to pick up on this alarming "rise" in Mac Malware you get:
1. You might get a trojan if you download some ILLEGAL software from a completely UNTRUSTED source.
2. You might get a trojan if....you could somehow be convinced to go to a suspect website, decide you want whatever is there to download, download it, put your username and password in, and then install it.
3. You might be the victim of a phishing attack
4. The Web Browser has security vulnerabilities.
So my answers would be,
No1: It's a trojan, a not very sophisticated piece of software that cant do anything to infect your machine UNLESS YOU INSTALL IT!!
No2: See Above
No3: Oh come on now is that the best you can come up with, really. Phishing is a completely OS agnostic problem and depends on the users stupidity and gullibility so to highlight it as a growing problem facing Macs just shows how ridiculous your whole argument is becoming
No4: Welcome to the IT World again as above this is a problem that faces pretty much every browser on every system, so it seems its a lazy point again.
I would just like to point out that there has never been a proven case of virus and/or a worm written for MAC OS X that has been shown to do ANYTHING of any consequence outside of a carefully controlled Lab environment.
I'd love a follow up article on this where Mr Marteau could at least TRY and validate some of his frankly rather stupid claims
Posted by: Jamie Forder 08 Mar 2010
Had mr. Marteau's vested interest as CEO of Intego (a supplier of Mac security software) been disclosed the tone of this article could have been put into context.
No, Macs are not impervious to attack. No computer that exchanges data with other machines ever is, with or without security software.
Examining the piece mr. Marteau points out that people installing software from dubious sources or using license cracking (let's face it stealing software) are vulnerable to malware ? Anyone surprised by this? Installing codecs from dubious sources, again no surprise that this makes you vulnerable. Responding to unsolicited e-mail, no surprise there either. All of these vulnerabilities require nothing more that common sense to avoid and, importantly, they will always be a problem even with defensive software in place because all scanners lag behind new viruses and malware meaning you can lose a lot before they catch up.
Mr. Marteau points out that Apple and other application vendors release security updates. Hardly a reason to buy his company's products but a sign of some diligence on the part of the application developers.
Don't install software from dubious sources. Don't respond to unsolicited e-mail (no matter the apparent source). Ensure that you keep your OS and applications up to date. Keep a firewall in place blocking incoming connections (most people can block all incoming connections and those who might allow connections probably understand how to secure their machine). Monitor all out-going traffic using a firewall, something like LittleSnitch is ideal. These are the best ways to protect any machine irrespective of the OS used.
In just one paragraph mr. Marteau provides a reason to install protective software; malware delivered via web sites. Certainly it is easy to find oneself visiting websites that, possibly unknown to the site owner, hosts malware. If you are concerned about this then run a virtual machine with no connections (e.g. shared folders) to the host, then use this to surf less trustworthy sites and you will be reasonably secure (just don't use it for any internet use you need to be secured, like banking).
Anti-virus and malware protection is a relatively small part of securing a machine. You might also like to consider that anti-virus and malware programs are as open to attack as any other software and using them can give an even greater false sense of security leading to more of the complacency that mr. Marteau would have us all be concerned about.
Posted by: Mark Bools 25 Feb 2010
If only I cared but sorry, considering Macs have pretty much usurped Microsoft as the big "EVIL" & boy, that's saying something, why would I care? I don't.
I don't use Mac/Apple (whatever it is now) nor do I use Microsoft's proprietary OS. They deserve each other & may they both fry in hell, not that I believe in hell.
Posted by: Rex Alfie Lee 25 Feb 2010
Have your say on this article
Newsletters
Latest stories from Security Technology
You may also like
Security Technology jobs
Technology Patent Wars
Case studies from large organisations across all sectors
... And rich media, and flexible working, and peaks in traffic ...
Upcoming Events
Join us for this Computing web seminar, in which the Head of BI at the Co-operative Group Nick Colebourn will be explaining just how he reigned in the Group’s sprawling database estate and how significant savings were realised and data quality improved as a result.
Date: 31 May 2012
Time: 11:00 AM
Live June 13th 11:00am: Register now. During this web seminar we will be looking at the sorts of incidents that can bring data centres grinding to a halt and what can be done about them.
Date: 13 Jun 2012
Time: 11:00 am
Receive the latest jobs direct to your inbox
Are you being paid what you are worth?
