backtop


Print 35 comment(s) - last by Azethoth.. on May 3 at 4:11 PM


MACDefender is the latest piece of malware to pop up targeting Apple's OS X platform. Its risk is minimal as it can only install via a combination of an exploit and user carelessness.  (Source: Intego)
Cybercriminal community's interest in attacking Apple users is growing, but still lacks discipline

According to a handful of dedicated hackers of Apple, Inc.'s (AAPL) computer operating system, OS X, the OS is actually less secure than Microsoft Corp.'s (MSFT) Windows.  But thanks to the OS's small market share (traditionally 5 percent or less) most cybercriminals haven't felt it worthwhile to target the platform.  Also, some hackers have misgivings about attacking Unix-like operating systems (e.g. Linux, OS X).

Still, Apple's growing market share and boastful claims of security have lead to an increased interest in attacks and some OS X malware has been popping up of late.  

The latest malware to target OS X is dubbed "MACDefender".  Attack pages for the new malware exploit the way Apple's default Safari browser handles Javascript, running a script that auto-initiates the download of a script file.  If the user has opted to open "safe" files, the archive will then auto-open and initiate an install dialogue.

The risk is minimal as users must approve of this dialogue and enter an administrative password to complete the installation.  Still it may be a bit more widespread as the attack pages have boosted themselves to near the top of many search results, thanks to search engine optimization (SEO) poisoning.

It is unclear what the software does when active, though it appears to be logging user activities.  Users who accidentally installed the software can still delete it by killing its process and dragging it from the Applications folder to the Trash bin.

Members of the Apple Support community first noted the malware last Saturday.  

On Monday, security firm Intego released an advisory, calling the risk of the malware "low".  Intego writes:

When a user clicks a link after performing a search on a search engine such as Google, this takes them to a web site whose page contains JavaScript that automatically downloads a file," Intego said. "In this case, the file downloaded is a compressed ZIP archive, which, if a specific option in a web browser is checked (Open 'safe' files after downloading in Safari, for example), will open.

The malware unfortunately shares its name with a legitimate OS X software firm.  MacDefender is a small software firm that makes geocaching software, including GCStatistic and DTmatrix.  The company has released a statement emphatically saying that it is not affiliated with the rogue software.

The company writes:

IMPORTANT NOTE: As it seams (sic) someone wrote a virus/malware application named mac defender (MacDefender.app) for OS X. If you see an application named like this DO NOT DOWNLOAD/INSTALL it. I would never release an application named like this.

In recent months botnet-forming worms and trojans have targeted OS X.  Most of these pieces of malware have been amateurish efforts, though, or works in progress.  Nonetheless it remains a very real possibility that Apple could one day see a serious attack.

For its part Apple has suggested users get an antivirus program, though it still claims in advertisements that its platform does not suffer from malware like Windows.  Apple has refused to provide customers with free antimalware software like Microsoft does, so security firm Sophos Plc. has picked up the ball offering free basic protection to Mac users.  Some other smaller firms also offer free Mac antimalware suites.



Comments     Threshold


This article is over a month old, voting and posting comments is disabled

RE: I'm not saying..
By PaterPelligrino on 5/3/2011 6:13:33 AM , Rating: 3
quote:
To sum up the position of many commentators around here: In the real world 99.99% of actual and successful malware attacks happen to Windows PCs This is not a symptom of any weakness in Windows but rather is a symptom of how successful Windows is.


Isn't that common sense? Windows receives the vast majority of malware attacks because of it's vastly superior market share. Windows is where the money is.

Armed robbers target banks and armored cars instead of information booths, not because the former is less secure than the later, but because there's no profit in attacking info booths.

I repeat: Hackers are in it for the money, and the money is in the OS that has a market share that dwarfs the competition. As Willie Sutton said, he robs banks because that's where the money is. Which explains why Macs don't get a percentage of malware infections proportional to their market share. Very few in-it-for-the-money hackers are going to target an OS that is only run of one out of every 15(?) computers, no matter how easy it is to hack Apple stuff.

Malware attacks succeed because a certain percentage of the users of any OS are going to be dumb enough to click on or download something they shouldn't. And ten percent of Windows users is a hell of a lot more people that 10% of Apple users, so if you made your living by infecting computers, which OS would you target?

Anything else I can help you out with?


RE: I'm not saying..
By Tony Swash on 5/3/11, Rating: 0
RE: I'm not saying..
By PaterPelligrino on 5/3/2011 7:02:03 AM , Rating: 3
Tony, have you ever made a post to this forum that wasn't a defense of Apple/attack on Msft? Do you even have a life that doesn't somehow revolve around Apple? I hope you're getting paid for all this Apple agitprop, because if you do this for free, if proselytizing for the Apple brand is your purpose in life, that's kinda pathetic don't you think? It's just a computer ffs.

If computer use were a religion, I'd think of Windows users as agnostics/atheists and Apple fanboys as Evangelical Christians. Those guys sleeping in line for two days to get the latest iteration of the iPhone remind me of pilgrims to Lourdes.

Umberto Ecco had a different take on the distinction between the two. Ecco once wrote an essay arguing that the Apple Mac was a Catholic device, while the Windows PC was a Protestant one. His reasoning was that, like the Roman church, Apple offered a guaranteed route to salvation – the Apple Way – provided one never doubted or wandered from the path. PC users, on the other hand, had to take personal responsibility for working out their own routes to heaven.


"The Space Elevator will be built about 50 years after everyone stops laughing" -- Sir Arthur C. Clarke














botimage
Copyright 2014 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki