Zit Seng's Blog

A Singaporean's technology and lifestyle blog

State of the Malware on Macs

I have been briefly following a certain forum thread on anti-virus protection for the Mac, and I am honestly quite shocked that there are Mac users who still believe, to this day, that their Macs are safe from malware. I felt compelled to respond to fellow misguided users, but then I realized it might just degenerate into an ugly disagreement. It’ll probably work much better for me to do my public education in my own blog.

The truth is, not too long ago I, too, had not thought the malware situation on the Mac was serious. I’m not saying there were no serious malware for the Mac. It’s just that they weren’t particularly prevalent and the threat landscape on the Mac wasn’t particularly worrisome.

It’s always funny how when you say something, and then very quickly after that you get proven wrong. The day I posted about Safe Online Computing, the news on the Flashback Trojan¬†broke. Some 600K infected Macs were found in a botnet. Although the vulnerability exploited was actually in Java, which had been fixed by Oracle in February, Apple maintains their own version of Java and they had not fixed theirs until 3rd April 2012. They had to release an updated fix on 12th April 2012.

The Flashback Trojan became, in my opinion, the beginning of the end of Macs being safe. It’s not just because the Flashback Trojan was particularly successful. It’s also because Apple themselves recognized that it’s time for them to stop labeling the Mac as being immune to viruses. Apple used to list “It doesn’t get PC viruses” as one of the Mac’s advantage over Windows, and while one could argue about the definition of “PC viruses” and their applicability on the Mac, I think the bottom line is that Apple doesn’t think that tagline works anymore.

These are some posts I read about from an online forum, which shall remain unnamed, about anti-virus for the Mac.

Don’t need. This is not windows.

No doubt many computer users have associated viruses as being something that you had to deal with on Windows. It’s part and parcel of using Windows. But clearly viruses have been catching up to the Mac as welln Unless something truly changes fundamentally, no one should seriously believe that the Mac is somehow different from Windowsn

Some people think that “Unix” changes the ballgame, and that viruses don’t exist in Unix. Let’s for now not get technical over the differences between viruses, trojans, and various other sorts of malicious software. We’re, in general, talking about malware. There’s malware for Linux too, what makes the Mac so different?

What you need is smart sense in dealing with the Internet and proactiveness in updating your system with the latest patches and fi8es.

I very much like to believe the above would work. But again, drawing from the Flashback Trojan, clearly that isn’t going to be enough. Perhaps the Flashback Trojan may teach Apple to not again take two months to push out !n update after a vulnerability has been fixed. But there’s always going to be something else that Apple can’t catch up quickly enough. For example, there will also always be zero-day exploits.

If you constantly surf unsafe website [sp], even anti-virus can’t help you.

The notion that you get malware only from unsafe websites is outdated. These days, you don’t have to purposely visit an unsafe website to get malware. This can easily happen when a “safe” website is compromised and malware planted in there. Websites are constantly under attacked, many successfully. Don’t think that just because you only visit reputable websites that there is no way you can get hit. Reputable websites do get hacked into too.

You dont need anti-virus for mac, it might do more harm than good.

I am at a loss to explain what sort of logic that comes from. Are they thinking that the unneeded and useless anti-virus software installed in a Mac will simply eat CPU cycles and wear out the hardware? Perhaps indeed the battery will wear out faster from quicker discharge when run without AC power?

For now, don’t bother; people still can’t be bothered to program viruses for the mac yet.

How wrong can that be. People have been developing Mac malware. The question really is how prevalent that is. In the early days when the Mac wasn’t all that popular compared with Windows, of course, there perhaps wasn’t much interest from malware writers. But that has certainly changed, and the Mac’s growing popularity (#3 in “PC” shipments in the U.S. in 2012 Q2) will surely be fueling the interests of malware writers.

NakedSecurity lists several notable ones in the Mac’s long history. The first notable virus on Mac OS X is Oompa-Loompacross-platform trojan which attacks Windows, Mac OS X and Linux.

So can we be clear that malware on the Mac is not a myth, and it is a clear and present danger to all Mac users? I too would like to think that the Mac has no or little malware, but the honeymoon is over.

I still like to believe in the model that security is built into the operating system and, to a large extent, provided by and managed by the operating system vendor. By this, I mean that anti-virus, anti-phishing, anti-spyware, anti-trojan and, well, basically all sorts of malware detection, quarantine, and remediation is built into the operating system. It’s not quite impo3sible. Your various security protection comes from security software vendors. Why couldn’t the operating system vendor work with them?

Apple has been tackling this. (Microsoft, too, has been putting Windows Defender into Windows Vista and Windows 7.) They have built-in some sort of anti-malware detection engine with signatures that are updated daily. The next major release of Mac OS X, Mountain Lion, promises to take control over malware to some extent.

So if you’re now looking for anti-virus solutions for Mac, here’s a list of a few free ones:

No excuse for not having some sort of anti-virus protection on your Mac now! These are free (as in no cost) software after all.

Leave a Reply

Your email address will not be published. Required fields are marked *

View Comment Policy