How Safe is your Mac?

Written by James Harder Monday, 14 June 2010 10:23

When questioned about their computer’s security and vulnerability, Mac users generally smile and reply with confidence, “I’m on a Mac.” The Mac user’s confidence is based on the belief that using a minority OS keeps them off of the malware / virus writers radar. The facts, however, dispel this idea as Mac users have plenty of nasty threats on the Internet to worry about.

 

It’s true that Mac OS doesn’t have nearly as many known Trojans, exploit kits, or other types of malware that Windows variants do. However, Mac users should be aware that new malware targeting Mac OS is found nearly every week, and the amount of malware targeting Mac OS seems to be growing along with Apple’s market share. A recently discovered Trojan called “HellRTS” (aka Pinhead) disguises itself as the popular iPhoto app and has back-door functionality. Another recent malware dubbed “Onionspy” enters your computer in the form of free screensaver packages. During the installation process, the malware is downloaded and infects your computer.

Apple’s recent surge in popularity, coupled with the common mentality about Mac invincibility, actually makes OS X a prime target for botnet authors and exploit pack designers. In fact, a botnet comprised of OS X machines was already discovered in January 2009. The Trojan was bundled with cracked copies of iWork and Adobe Photoshop CS4 available on P2P networks. There is inconclusive evidence that the botnet was used in DDoS attacks, but the Trojan didn’t cause much noticeable damage.

Although we haven’t yet seen a major botnet campaign targeting Mac users, it’s only a matter of time before it happens. Mac users need to be aware that they aren’t invincible on the web and should take just as much care as Windows users to protect themselves.