Tuesday, October 22, 2013

Straight facts about Mac malware, threats and responses

Does your Apple Mac need antivirus software, or any other kind of security software? This question has been asked repeatedly over the years and I think the “correct” answer has changed over time. So what better time to revisit the question than MacWorld 2013? In fact, I will be at MacWorld in San Francisco this week, along with a number of my colleagues from ESET, so if you want to discuss the question in person, please stop by Booth #423.
In conjunction with our annual visit to MacWorld, ESET has put together something called “Straight facts about Mac malware,” which is available as a printed brochure, an interactive website, and a PDF file that you can download.

Frankly, I don’t think you have to spend much time looking at “Straight facts about Mac malware” before you realize the time is right to add some anti-malware software to your Mac.

Yet I continue to meet Mac users who are convinced that malware is nothing to worry about. Why is that? As I mentioned in my previous post about securing your Mac, many people have repeated the statement that Macs can’t catch viruses. There may be a qualified sense in which that is true, but it obscures the wider reality that Macs can, and do, get hit with other forms of malicious software.

A slightly different phrase, “Macs can’t catch PC viruses,” is most certainly true, but even that statement obscures the fact that Macs can spread PC viruses, a fact of considerable concern to the many organizations that use a mix of Macs and PCs (including those who run Windows on Macs). But what if you are an all-Mac shop? Do you still need to worry about Mac malware? You do, because there is malware out there written to target and infect Macs, and that’s what you will find documented in “Straight facts about Mac malware.”

Now, when I say “target Macs,” that doesn’t necessarily mean the bad guys are interested in your Mac because it is a Mac. A compromised computer, one on which criminal hackers have installed their software without your permission, has plenty of value that is “platform agnostic.” In other words, the bad guys can profit from taking over an Internet-connected computing device regardless of whether it is a Mac or a PC.
If my goal is to put together a botnet, an army of compromised machines (bots or zombies), in order to harvest banking credentials or conduct a Distributed Denial of Service (DDoS) attack, I don’t care if the bots are Macs or PCs, or Android phones for that matter. I also don’t care if the malicious code I am unleashing is classified as a virus or a worm or a Trojan, as long as it gets the job done. (And yes, this terminology is sometimes confusing: for example, the way to keep malware of all kinds off your Mac is to use an anti-virus product, even though it will spend most of its time being anti-worm and anti-Trojan, in other words, anti-malware.)

An example of a Mac antivirus program blocking access to a website infected with Mac malware 
However, there are times when bad guys do take an interest in the fact that you have a Mac. For example, if I am trying to spy on a group of people who typically use Macs, then I might target OS X with my malware. You can see evidence of that in OS X Lamadai and the Dockster OS X malware, which attempt to spy on people interested in Tibetan issues and the Dalai Lama.

