True confession: malware on my Mac
Summary: I'm an experienced computer user. Imagine my shock when I found I had over 25 pieces of malware on my Mac!
Ed Bott's been having fun with the 1st-ever Mac-specific phishing attack - MacDefender - so I checked it out. Following Adrian Kingsley-Hughes' excellent suggestion, I downloaded the free Sophos Antivirus for Mac and let 'er rip.
A mere 6 hours later, Sophos gave me the bad news: 25 pieces of malware on my undefended Mac! OMG!
I made a silent promise to never laugh at hyper-ventilating, Windows-bigot alarmists again.
25 viruses!!! OK, a mix of viruses, phishing attacks and trojans. But 25! Holy crap!
With trembling fingers I brought up the helpful Sophos descriptions for each one.
Living the "impregnable Mac" fantasy
Then came the 2nd shock: it was ALL Windows malware! Not a single piece of Mac malware. And none since then.
I'd no idea Windows malware was that bad. Lambs led to malware slaughter by Windows' 90% market share. No wonder Windows bigots are ecstatic over 1 piece of Mac malware!
The Storage Bits take
Seriously, would any Mac user who believed his machine impervious to malware buy a flashing "scanning for viruses" message? No, it's folks who don't know any better who fall for it.
It's the ignorance, stupidity and gullibility that scam artists have exploited for millennia - in computer guise. We can't idiot-proof the Internet.
Macs really are more secure than Windows. But people still have to use their brains to avoid every scam - which means some scams will work - regardless of platform.
What do I tell my Mac-using computer illiterate friends about Mac malware?
First, ignore the alarmists. Macs are well locked down as they're based on Unix. Hackers have been beating up Unix for decades and it's solid.
Make it harder: don't download apps from sites you don't know; don't open up zip files from people or companies you don't know; don't install anything - which requires your password - if you didn't specifically want to install it. If in doubt, leave it out.
Buy new apps from the App Store. They're safe and will automatically be updated - with updates from the App Store.
One more thing: go to Safari Preferences->General and UNCHECK "Open "safe" files after downloading". Exploits can come in through JPEGs and movies. Only open files that you selected and trust.
Much of that advice goes for Windows users too. Except you should be alarmed: Windows malware is everywhere!
Comments welcome, of course.
Talkback
RE: True confession: malware on my Mac
I won't bother to point out the phishing attacks are not OS specific.
To quote a poignant statement I recently read "It's the ignorance, stupidity and gullibility that scam artists have exploited for millennia - in computer guise. We can't idiot-proof the Internet." It is just this ignorance that would allow an experienced computer user to download Windows executables on a Mac.
By the way, most of anti-virus software detects many utilities and ...
Better to prepare for the worst, instead of hoping for the best
"So how many of these twenty five pieces of "malware" on Robin's system are *actually* malware, is not known."
Does that matter? Why not just assume they all are malware, and protect yourself on the off chance they really are all malware?
It doesn't cost you anything.
RE: True confession: malware on my Mac
Good question. All the files in question came in the form of spam emails - such as the "United Parcel Service notification" spam - which includes a .zip file with the malware. I delete them, but I don't catch all of them.
If someone made such a file specifically for OS X, I'm sure they'd catch some folks. But they haven't - yet.
RE: True confession: malware on my Mac
On top of that, the whole "Don't view JPEGs from untrusted sources" thing doesn't apply 100% of the time. The fact is web developers are careless, and even if you trust someone, they could be subject to an XSS attack and be displaying hostile JPEGs, which can lead to arbitrary code execution. The only thing that points to is antivirus software.
The key here is yet
the pwn2Own contest shows us that your "exploit" is not coming... the code execution vulnerabilities you are pointing out, STILL NEED THE USER TO BE socially engineered, even Charlie white's exploits REQUIRE an accomplice sitting at the Mac pointing the mac to a website...
this is the most sophisticated attack yet, yet it takes months for charlie white to identify a buffer overflow, and then weeks to write an exploit by experimenting with that buffer overflow, AND AFTER ALL THAT, it is exactly the same, in that the user still has to be coaxed to a malicious website....
no black hatter (as opposed to the white hatters like charlie) is going to spend that kind of time for the same results it takes him a few hours to do... proof is in MacDefender.... which is simply telling a person a lie, like someone calling and telling you your roof needs to be fixed, and then you telling us that your phone has a critical vulnerability???... whatever....
here i will prove the point further, i will set up a 10.4 OSX on a mac pro make it a server, with NO PATCHES connected to the web, i'll give you the IP address, and an open port, and I challenge you or Charlie white or ANYONE ELSE to break into it and tell me something individual about it.... I will even offer $100,000 dollars to the person who does it... remember this is a 5 year old system, 2 generations behind WITH NONE of your precious "arbitrary code execution vulnerabilities" patched, ALL of them open, NO PATCHES, and not a single person can exploit that mac....
why is that????? if you did that with a 5 year old Windows OS, your system would be a bot within mins, it was shown that it took i believe less than 4 mins for a Windows system, the same Mac from that era, was never hacked, yet it was probed about the same number of times as the windows system.
that is what a user needs to be concerned with, can someone just go into a mac user's system without their permission, (like they used to do within seconds of a Windows OS being plugged in to the web) and taking over their computer....
a slightly educated Mac user can tell a social engineering con a mile away... we don't need protection from that.... we need to know about the "virus" the thing that is autonomous, or a remote exploit, an autonomous action... not a single exploit like that for OSX, and there never will be.. because OSX will be a completely new OS long before anything like that could happen.
don't believe my 5 year old challenge?
put "h t t p :" before, and "h t m" after.
//www.usatoday.com/money/industries/technology/2004-11-29-honeypot_x.
notice how many times the systems were probed, notice that OSX had zero vulnerabilities, also notice the Windows falling within a few mins...
you could take that SAME exact OSX system, with NO PATCHES, NO updates, and plug it into the internet today, and make it a server even, still no remote exploits...
yet people still come here and say, "not yet" notice how old that system is.... the point isn't how bad Windows was... which it was, but that if there is "yet" to be an attack, why won't a 6 year old OSX system fall even today?
RE: True confession: malware on my Mac
And FYI, the accomplice's role was to click a link, that's all... Nothing more. No downloading a file, no authenticating like mac defender. If someone authenticates, you're not pwning the machine, and that can't qualify for pwn2own. What makes that a compelling attack vector is the prevalence of XSS attacks in the wild. The way IE-based attacks spread so rapidly is the fact that so much web software is vulnerable to XSS attacks, and thus making it easy to embed exploit code in trusted websites.
RE: True confession: malware on my Mac
I'm pretty certain you don't have $100,000 to back up your offer so I guess you're safe.
RE: True confession: malware on my Mac
Nowhere did Robin say that Mac OS X is invulnerable. I hear this argument all the time, that Mac users "claim the mac to be invulnerable," yet I have YET to see anyone claim that.
However, since there are still ZERO viruses for Mac OS X, I think that it is reasonable to state that *in some ways* the Mac OS IS more secure.
And yes I realize there is a proof-of-concept virus that exists, but it was written years ago as an experiment, and there are STILL no viruses in the wild for Mac OSn
RE: True confession: malware on my Mac
I have no doubt that the author of the piece was just smacking himself, thinking "why didn't I come up with that answer?" Don't download executables that don't run on my machine, that's a thought! Perhaps you've noticed that some of the messages in your spam folder have attachments. If you've configured an email client on your computer, those messages may well have been downloaded to your computer without your screening them first. In fact, some Windows viruses are distributed that way, so that even an experienced computer user with the full knowledge that .exe files are not intended to run on a Mac could have those files on said Mac.
More to the point, there were 25 bits of malware on that machine that would do no harm to the host operating system. It DIDN'T MATTER that they were on the machine.
It could matter, if...
These files were accidentally passed on to someone whose machine is running an OS for which this malware has been written.
Just as I don't want to get malware, I wouldn't want to be responsible for passing it on.
RE: True confession: malware on my Mac
Due to most work places being Windows-only, I, like most Mac users, live in 2 worlds: Windows at work, OSX at home. I too have run Sophos scans that have turned up malware...all for Windows. I was actually quite impressed when Sophos was able to detect an old Windows program I had written to keep tabs on my young daughter's Internet activity (that was before we switched to Mac). Since I wrote it myself, I knew that (A) it was not a virus/trojan and (B) it had never escaped into the wild. No other antimalware software, including that crappy McAfee we use at work, has ever detected the software I wrote, only Sophos. So, I now scan my work thumbdrive on my Mac every night when I get home.