According to a handful of dedicated hackers of
Apple, Inc.'s (AAPL)
computer operating system, OS X, the OS is actually
less secure than Microsoft Corp.'s (MSFT)
Windows. But thanks to the OS's small market share (traditionally 5
percent or less) most cybercriminals haven't felt it worthwhile to target the
platform. Also, some hackers have misgivings about attacking Unix-like
operating systems (e.g. Linux, OS X).
Still, Apple's growing market share and boastful
claims of security have led to an increased interest in attacks, and some
OS X malware has been popping up of late.
The latest malware to target OS X is dubbed
"MACDefender". Attack pages for the new malware exploit the way
auto-initiates the download of a script file. If the user has opted to
open "safe" files, the archive will then auto-open and initiate an
The risk is minimal as users must approve of this
dialogue and enter an administrative password to complete the installation.
Still, it may be a bit more widespread as the attack pages have boosted
themselves to near the top of many search results, thanks to search engine
optimization (SEO) poisoning.
It is unclear what the software does when active,
though it appears to be logging user activities. Users who accidentally
installed the software can still delete it by killing its process and dragging
it from the Applications folder to the Trash bin.
Members of the Apple Support community first noted
the malware last Saturday.
On Monday, security firm Intego released an
advisory, calling the risk of the malware "low". Intego writes:
When a user clicks a link after performing a search on a search
engine such as Google, this takes them to a web site whose page contains
this case, the file downloaded is a compressed ZIP archive, which, if a
specific option in a web browser is checked (Open 'safe' files after
downloading in Safari, for example), will open.
The malware unfortunately shares its name with a legitimate
OS X software firm. MacDefender is a
small software firm that makes geocaching software, including GCStatistic
and DTmatrix. The company has released a statement emphatically
saying that it is not affiliated with the rogue software.
The company writes:
IMPORTANT NOTE: As it seams (sic) someone wrote a virus/malware
application named mac defender (MacDefender.app) for OS X. If you see an
application named like this DO NOT DOWNLOAD/INSTALL it. I would never release
an application named like this.
In recent months botnet-forming
worms and trojans
have targeted OS X. Most of these pieces of malware have been amateurish
efforts, though, or works in progress. Nonetheless it remains a very real
possibility that Apple could one day see a serious attack.
For its part Apple has suggested
users get an antivirus program, though it still claims
in advertisements that its platform does not suffer from malware like
Windows. Apple has refused to provide customers with free antimalware
software like Microsoft
does, so security firm Sophos Plc. has picked up the ball, offering
free basic protection to Mac users. Some other smaller firms also offer
free Mac antimalware suites.
quote: Security through obscurity is NOT a security model.
quote: And here I sit so patiently / Waiting to find out what price / You have to pay to get out of / Going through all these things twice - Bob Dylan
quote: Windows was designed as an insecure single user OS
quote: Why do you Windows user put up with this crazy shit?
quote: Because you Mac user keep lying. Try to read Wikipedia and stick to facts about Windows NT being multiuser from the start, see if my treatment of you Mac user changes. Besides, Mac OS X can get infected exactly the same way if Mac user agrees to download some "web codec" just like stupid Windows users do. But you are not worried about the facts at all, are you, Tony?
quote: multi-user functionality was added to Windows
quote: it's also still true that the OS has never been re-written from the bottom up and all the old crud has never been thrown out
quote: The proof of the pudding is in the eating and the fact that major zero day holes are being found in Windows all the time is an indicator of just how piss poor the architecture is
quote: Stop using Windows and you can dispense with anti-virus software.
quote: To sum up the position of many commentators around here: In the real world 99.99% of actual and successful malware attacks happen to Windows PCs. This is not a symptom of any weakness in Windows but rather is a symptom of how successful Windows is.
quote: Isn't that common sense?