According to Apple‘s popular marketing slogan, people should choose Macs over Windows systems because they ‘just work.’ But as hackers and malware writers start to target the platform, owners might need to do some work of their own to make sure that their Mac continues to ‘just work’ as intended.
Traditionally, Mac users have felt safer than Windows users, and with good cause, because for a long time there was hardly any malware targeting the operating system. It’s been far easier for the bad guys to go after Windows users given the dominance of the platform. But as more and more people – in particular dissatisfied Windows users, who bring their bad habits of clicking on everything and installing everything offered to them – turn to the Mac platform, the operating system is now on the radar of malware writers and other ne’er-do-wells.
About a year ago Mac users were targeted by a piece of malware called Mac Defender. The malware was very primitive by Windows standards and spread using infected image files appearing in Google Image searches, but despite this limited exposure it gained enough traction to infect tens of thousands of Macs. The problem, along with the associated media attention, forced Apple to release a security updates for the Mac OS platform to block it. Then for a several weeks Apple and the malware writers played a cat and mouse. The malware code would be tweaked so it would get past Apple’s defenses, and in response, Apple would release another security update.
The episode was finally brought to an end not by Apple but by Google when it stopped displaying the infected images in search results. But this was not before it was shown that Mac OS was leaving users wide open to attack.
Fast forward to today, and a completely different threat is facing Mac users. It is estimated that some 600,000 Macs have been taken over as part of a botnet by a new variant of an old Trojan called Flashback. This Trojan spreads via infected web pages and exploits Java vulnerabilities that have been known for some time, yet Apple didn’t see fit to release a patch until this week (Java for Mac OS X 10.6 Update 7 and Java for OS X Lion 2012-001).
And it’s not hard to become infected with this Trojan. All the user has to do to become compromised by this malware is visit an infected web page, and if the system is not patched the Trojan will be downloaded and installed silently without the user having to click on anything. The Trojan is incredibly sophisticated and scans network traffic for usernames and passwords, which is records and sends back to the bad guys. If you think that your Mac is already infected, Finnish security firm F-Secure have removal details here.
Note: Apple stopped bundling Java with Mac OS X 10.7 ‘Lion’ but continues to give users instructions via the Safari browser on how to download and install it.As a part-time Mac user myself, I don’t feel that Apple has my back. Apple doesn’t have a good track record of patching vulnerabilities promptly, with it taking the company more than three years to fix one hole. And because of that I feel the need to install third-party antivirus software onto my Macs.
Worried that antivirus software for your Mac will be expensive? Don’t! Sophos Anti-Virus for Mac Home Edition and ClamXav 2 are both excellent products and won’t set you back a dime. If you’d rather go for a paid-for solution then I suggest that you take a look at Intego’s VirusBarrier X6 or Internet Security Barrier X6.
Don’t believe the hype that Mac’s are invulnerable to malware, even Apple has now toned down this rhetoric over the years and now uses tamer phrases such as ‘more resistant to attack.‘ Get protected, and then stop worrying about malware.
It’s that simple.