I don’t know of any live malware attacking Mac OS X, so you probably don’t need either anti-virus or anti-malware software at the moment. However, this does not mean you shouldn’t run it. If you are a home user, you don’t have to care what happens to your data, but business users do. It may be wise to take precautions, even if they don’t appear to be necessary.
People should also think about protecting their computers if they are a particularly attractive target for some reason. The Mac is not short of security flaws, and security consultant Nitesh Dhanjani recently commented to CNet that “the Safari web browser also has a lousy reputation in the security community — it almost seems a child’s play to locate an exploitable condition in Safari.” The fact that there are no mass exploits for the Mac doesn’t mean that an individual user could not be targeted in a sophisticated phishing attack. Again, even if the risk is very small, some people will want to err on the side of caution.
There aren’t many free anti-virus programs for the Mac, but you could always try ClamXav, which uses an open source antivirus engine. It’s a graphical front end to ClamAV, and is also available from Apple.
Fact one: Mac malware is being written and distributed
We have seen more activity on the Macintosh malware front in the last 12 months, and in the last couple of years it has become more and more financially-motivated. Some of the malware is designed to help hackers create backdoor Trojans, which can give them access and control over your Mac.
The bad guys also plant Mac Trojan horses on websites, waiting for Mac users to visit. Sometimes these are legitimate websites that have been hacked.
This is not a proof-of-concept threat. It is real, and regular Mac users can get themselves infected.
Fact two: Mac malware uses the same tricks as Windows malware
Apple Mac malware has been planted on websites, posing as a program to allow you to watch a saucy video. Guess what? When you install it, the malware downloads additional malicious components from a third party server.
That’s exactly the same way so many Windows attacks work. You visit a website thinking you’re going to watch a naked video of Paris Hilton, Angelina Jolie or some other Hollywood celebrity, and it tells you you don’t have the right codec, or the right version of Adobe Flash, to watch the movie. And when you upgrade yourself – BAM! – you’ve been infected.
Fact three: Mac users are just as human as Windows users
Owning a Mac doesn’t make you any less susceptible to social engineering tricks than Windows users. Mac users are just as keen to view a pornographic video as Windows users are.
Some Mac users in the past have argued that on Mac OS X you need to enter your system administrator username and password to install software, and that this is a defence.
Guess what? If you want to install a codec to watch a porn video, you will enter your username and password.
Fact four: There aren’t as many Mac malware threats as Windows threats
Not by a long shot. The Mac malware threat is still a raindrop in a thunderstorm compared to the problem of Windows viruses, Trojans and worms. But it does exist, and we are seeing some hacking gangs writing malware for both platforms, and planting their attacks on webpages in such a way as to serve up a Mac threat when Apple users visit, and a Windows attack when PC users surf by.
Fact five: Mac users have been more complacent about security
There has been a higher level of security complacency in the Apple user community than amongst Windows users. This is a consequence of Apple users having fewer threats to worry about (see fact four above), and being exposed to less danger, simply because most hackers have targeted their attacks at Windows.
With many Apple users incorrectly believing that they are somehow immune from the problem of internet security threats, there is the risk that Mac users are making themselves a soft target for future hacker attacks.
Even Apple has now acknowledged there is a malware issue for Mac OS X, and built some (very rudimentary) protection into the operating system.
Fact six: It’s all about Trojan horses
Sometimes Mac users say “Oh, but these threats you’re talking about aren’t *real* viruses – they’re Trojans.”
Well, guess what? 99.9% of the malware we see for Windows is Trojan horses as well. Viruses are rarely encountered on any platform today, as the money-grabbing hackers can make more money through Trojans, which are more about making cash than ostentatious “look at me” infections.
Fact seven: Me writing this isn’t going to make any difference to those Mac users who don’t want to believe it.
Depressing isn’t it?
Graham Cluley, Senior technology consultant, Sophos
You can read more about Apple security threats on my blog at http://www.sophos.com/blogs/gc/g/category/apple/