There Are Indeed Virusses For Mac
With that said, there have been a number of viruses written to target Mac computers over the years. That number is growing year over year. We recently hosted an episode of our Checklist podcast talking about the history of malware and the Mac. Jun 26, 2012. Apple's Macs can indeed be infected with trojans, viruses and other. There haven't been that many outbreaks of Apple specific viruses.
Do Mac Computers Get Viruses
. ZDNet writer Ed Bott has today published a fascinating conversation with an AppleCare support rep on the subject of Mac malware. For reasons which will become obvious when you, the Apple support rep has chosen to remain anonymous. Chances are that if he hadn’t kept his identity secret that he would be thrown out of the company pretty quickly. According to Bott’s source at Apple, AppleCare’s call volume is “4-5 times higher than normal” and the overwhelming majority of calls come from Apple customers who have been hit by the current of on the Mac OS X platform. The Mac Defender fake anti-virus attack, and its variously named variants, are becoming common problems it seems: It started with one call a day two weeks ago, now it’s every other call.
It’s getting worse. Perhaps most astonishingly, the interview reveals that Apple’s official policy is that representatives are “not supposed to help customers remove malware from their computer.” The reason for the rule, they say, is that even though Mac Defender is easy to remove, we can't set the expectation to customers that we will be able to remove all malware in the future. That's what antivirus is for. Although the support rep does admit that he often ignores corporate policy and help customers remove infections, he does acknowledge that this could get him into trouble if it comes to the attention of higher management.
But I can sympathise with the support rep, as it’s hard to justify refusing to help a user with an infected Mac when it is using scare tactics and to hoodwink them into handing over their credit card details for a “fix”. As the AppleCare support rep describes: Well, I’m sure you’re aware of what Mac Defender pops up on your screen if you don’t buy it. Last call i got before the weekend was a mother screaming at her kids to get out of the room because she didn’t want them seeing the images. So, panicking, yes, I’d say that would be the situation usually.
I had a teacher call about Mac Defender last week. You can read the on the ZDNet website. Here’s a where we caught one of the fake anti-virus attacks in action: (Enjoy this video?
You can check out more on the and subscribe if you like.) Sophos detects the latest Mac malware as, and as we continue to encounter more waves of this attack we will enhance our protection. If you’re not a Sophos customer, but have a Mac at home, you can still protect your Mac right now. It’s automatically updated to protect against the latest threats. Follow for the latest computer security news.
Follow for exclusive pics, gifs, vids and LOLs! So what’s the difference between your product and Mac Defender? I guess that your product detects Mac Defender and doesn’t demand payment.
But your product is designed to create fear and demand for a product that Mac users don’t need yet. It’s that fear that drives users to install nonsense like Mac Defender. Be honest about exactly what your product detects. It’s barely worth installing right now – the sum total of OSX malware in the wild can be avoided and detected manually. But I guess you guys are in the industry of sales through misinformation. Prevention is better than cure.
I personally will be taking the opportunity to point and laugh, saying 'Told you so' when all the OSX and Linux fanbois don't install any AV until after they have been the victims of fraud or ID theft. There is never any harm in being safe and increasing your security. One of the biggest threats is going to be when someone finds a hole in IPhone or Android software for the remote execution of malicious code without user interaction. 99% of users don't protect their phones (Which are more computers than phones). If your only going to learn the hard way then on your own head be it.
At least all the security 'experts' (Myself included) out there have given you plenty of warning and you'll have no-one to blame but your own arrogance. Laughing Boy Richard: Convince me by answering two simple questions. Be honest about the total number of genuine in-the-wild OS X threats that are actually detected by Sophos malware definitions. I require a link to the list and it MUST NOT include any hint of padding.i.e., pre-OS X malware, proof of concept, low grade but legit adware or threats already nullified by OS X updates.
Further, I require an honest indication by percentage of that figure within the '100%' content that is the defs file. Please explain to me how Sophos, or any other, AV product can protect an end-user from threats which don't yet exist (on any platform).
Is Sophos magic, or do you just keep your fingers crossed and wish reeally hard. Granted the current number in the wild is currently limited.
There Are Indeed Viruses For Mac
This is why I said 'when'. From what I can tell Sophos don't currently have a listable way to see all threats for OSX. This would be nice if they did and would not only be a useful resource but serve as a proof of concept at least. Search the net a bit and there are several definitions of recent malware.
Although currently these do rely much more on social manipulation than on an actual software vulnerability. It is only a matter as time, in the last few years apples popularity outside of the ICT/Digital Arts professions has been steadily growing and making it a larger and juicier target. While currently the number of threats are limited they do exist and having an added layer of 'Free' protection can do no harm, in the long term by keeping up to date with definitions updates you will more than likely be able to download a required definition file before you actually get hit with an infection. On the other hand you don't choose the added protection until afterwards then you haven't got the definitions and the infections costs you something. I am not trying to argue the fact that everyone currently needs it. More advanced users that are less susceptible to social engineering are less likely to get an infection.
As I have previously mentioned in posts regarding this subject I have seen several infections first hand in the last few weeks on home Apple machines. These users don't understand what they are doing when asked to install something and thus get infected. I would like to know why having an anti-virus product is a bad thing? But this says more. Charlie Miller's considered opinion trumps Kingsley-Hughes straw man: 'Should Mac customers install anti-virus software by default like most Windows customers do? Charlie Miller, a security researcher who has repeatedly won the annual Pwn2Own hacking contest by hacking Macs and iPhones, told Wired.com he doesn't think so.'
'Miller noted that Microsoft recently pointed out that 1 in 14 downloads on Windows are malicious. And the fact that there is just one piece of Mac malware being widely discussed illustrates how rare malware still is on the Mac platform, he said.' 'And while 200 posts complaining about Mac Defender in Apple's support forums may seem like a lot, that's still a small fraction of the millions of Mac customers in the world.' Viruses aren't so much of a deal on Windows or Mac these days – both platforms have a bigger problem with Trojan horses, and folks are getting hit increasingly commonly unfortunately. Yes, even on Mac OS X.
Your argument about having to download and run an installer seems to forget the social engineering aspect of many of these attacks which do indeed fool users into taking risky courses of action (such as running dangerous software on their computer). In the case of these fake anti-virus attacks, the user is fooled into believing that they have a security problem on their Mac, and are tricked into handing over their credit card details. This scam has worked remarkably well on Windows users for some time, and sure enough it's working on Mac users too. Judging by Apple's online support forums, more and more Mac users are being hit? So, are we really spreading FUD, or should you wake up to the possibility that maybe there is a genuine problem for Mac users?
There is a real Mac Defender which is a legit anti-virus product and there’s the fake one. That’s part of what makes this fake av so successful and has created big problems for the real MacDefender.
The Sophos product is completely free – they’re not drumming up sales through misinformation there is no money – hence no sale. Simply because Macs haven’t been hit with a fraction of the issues PCs have, doesn’t mean that having extra security is a dumb idea That’s like saying it’s pointless to have safe sex because x% of the time you won’t get a disease or get pregnant so why take the precaution to lower the odds?
Not to mention – at what point does the% turn from being low enough to “ignore” to high enough to be worth considering? If I have a lower% risk with my Mac but want to lower it more and make it more secure – what’s wrong with that? Look at all the security breaches that happen every day – I’m sure many settled with what they thought was “good enough” as opposed to having a truly layered security which took the already low odds and made them lower. Here is what I truly laugh at with compulsory denialists like yourself ALL OS variants on ALL computers (even those permanently disconnected from the 'net short of NEVER connecting to an external device of ANY kind) should have some sort of effective AV protection installed. That is NOT scaremongering, just common sense.
The fanbois often go on about how OS X descended from Linux and therefore is impervious yet forget some basic FACTS # OS X derives from Nextstep whist THAT derived from UNIX (not Linux), it was a forked development that stepped further away from the fold when it evolved into OS X. # Apple has continued to weaken OS X's natural resilience in the name of 'user friendly' the whole update process (giving so little details on ANY update package it is tough to know what is legit and what has hacked the update process) is a security joke for starters. # Apple's own habit of denying the need for any security/AV app till now has only helped entrench these beliefs al in the name of trying to increase sales of the back of PC viral fears little wonder they are now so ill-prepared # A number of Linux distro's have found elegant balances btwn hardened OS builds and user-friendliness. And yet ALL Linux dev's I know of DO encourage users to still use AV software many also either encourage or include in their OS sand-boxing technology as well. These are OS builds CONSIDERABLY safer than OS X and yet they advise safe practices from the outset the fact that Apple has not followed suit demonstrates a distinct aura of blatant nepotism! Yes Graham, there is a genuine problem for Mac users and unfortunately Sophos are part of that problem.
Yes, social engineering is the easiest way to spread malware and in this example people are so afraid of the threat of malware that they actually install the malware themselves. And what do you do? You try to capitalise – see everyone, you DO need malware protection to protect you from fake malware protection.
Sophos AV is a decent product, but it’s free on the Mac right now, because it isn’t needed yet. The company is just building mindshare.
Now if you guys were honest about that, I’d have no problem. At this point in time, Mac users can be vigilant and protect themselves. If that seems beyond the individual, then your free product is a good alternative. But stop spreading the fear – disclose the facts on how much genuine “in the wild” malware you’re actually scanning for and let user decide for themselves. I’m afraid this article just illustrates that your current marketing strategy is hurting the Mac community, not helping it.
I'm afraid your argument doesn't stand up. Because we have been honest and up-front about the reason why we produced our free anti-virus product for Mac. See – you see, there's no conspiracy here. Our free Mac anti-virus product for home users makes people think we're cool and gets our name out there. That should help us sell even more software to businesses. In other words, it's all about brand awareness. It's pretty cool that you can benefit at home from us wanting to raise our brand awareness.
Of course, we're not made of money, and so we can't give users of our free home Mac anti-virus the same high level of support that we offer our paying business customers. May i suggest you go to Apple's support forum and try to convince the users who have been infected by the latest attacks that they don't need anti-virus. Especially if it's free. I'd love to hear how you get on. Regardless of what Mr Jobs tells you in the adverts, Mac users aren't all streetwise 20 year olds with a good head on their shoulders. A large amount of Mac users are just your usual everyday person who probably would have the first clue about social engineering attacks or malware. 'Hold up, my computer is asking for my password.
I best enter it then'. Oh, you've been pwned.
What's the big deal about putting AV on your system? If you're sure that you know what you're doing then fine don't install it but don't talk like you're the all knowing voice of the Mac community and suggest that no one needs it. Afterall, Apple convinced you to buy a product that's way overpriced. Oh dear, you've just been socially engineered by 'your mate' Steve. Anyway, I'm sure Sony had the same attitude until recently. Just a comment to all the pessimists who seem to read this blog.
The information provided by Sophos and all the other security firms try to help the average user. The expert users should know better and need the information less. Most users are not computer experts are are allot more susceptible to social engineering and will most likely install malware voluntarily. It is these basic home users we need to reach and protect as without the support of the IT community and some guidance they will get infected and this will result in fuelling the bad guys will to produce more malicious software and continue their activities. Stop thinking about your own expertise and think about helping those without your level of expertise in avoiding infection. To the naysayers- I am a fairly computer savvy person, not an expert or anything but savvy. After installing Sophos antivirus on my computer it detected 6 Trojan Viruses.
Now considering that I keep up to date on current threats, do not open E-mails unless I know who they are from, & do not visit questionable websites, How did said viruses get on my computer? Answer- I am not the only one in my household who uses our MAC, I have 3 children & a husband who use it as well. Recently I discovered one of my credit cards was compromised (which is still in my wallet), the thieves cleaned the account in one day. Now I do not know how they got my number as I have used the card twice online on 'secure' sites back in December & not since then. But I suspect it may have had to do with the Trojans that were on my MAC. Just wanted to share, because I thought as a MAC owner we were safe from threats & clearly we were not! Better safe than sorry indeed & Thank you Sophos for the Free Mac virus protection as well as all of your knowledgable security updates.
Mac owners have long stood by the saying 'Macs dont get viruses'. Now its everyone elses fault that they are according to them. Most Mac owners I talk to still say it and have no Idea that the criminals have unleashed on them.
These criminals were smart as they waited a long time letting the users think they does need antivirus and then pouncing on them when they all there pants down. Wait till they start getting rootkits that are silent as they steal the banking and credit card information.
Apple and its stance on 'Macs cant get viruses' has led to this slaughter on the dillusional owners, and I believe because of this Apple should help with the removal. Apple should be ashamed for their claims and years long campaign about being protected from viruses. But for all the people that still want to go on without protection, that is their dimise not mine. Part of the problem is that when buying a MAC they'll actually tell you NOT to add AV as it supposidly will mess with their built in security and make you MORE vulnerable to attack. Then you have so many people who have drank that kool-aid for years still saying it – despite the fact that there is proof that the criminals have started to work on MACs too and the more users there are – the more attempts there will be. It's sad when the average user is told that they don't need any extra protection by the so called experts and as a result are left vulnerable to attack. All Mac owners take note of this: THERE’S NO SUCH THING AS 100% SECURE!!
Even Macs can be infected as there’s also cross platform malware out there. Having anti-virus installed on your Mac is a must, so don’t be complacent. I’ve known long ago that even Macs can be infected, and so I took steps to protect myself.
I keep all my software up to date and I’m careful on where I go. It’s time for Mac users to wake up and face the reality!! Even though the amount of malware is nowhere close to that of Windows, Macs still need to be protected. Sophos is doing a great job of letting everyone know. The Java vulnerability is one such example.
I’ve never been infected, thanks to the free anti-virus product that Sophos released, and I get piece of mind know I’m protected while online. Please pay heed to the warnings and don’t be complacent when it comes to security.
So you’re the proud owner of a Mac. Chances are you think its operating system, OS X, completely guards against viruses and other malware and that you don’t need Internet security software. But is this really the case? Read on to find out why it’s a good idea to bolster your Mac’s own protection with a comprehensive security solution. But I thought Macs were safe A Mac running OS X is indeed more secure than a PC running Windows, but that doesn’t mean Macs are completely immune to threats.
The Mac’s sandboxed operating system makes it harder to crack, but it’s not unhackable and remains vulnerable to risky user behaviour. Although the vast majority of malware targets the prevalent Windows PC and Android devices, Windows is getting more secure – and the number of Mac users is on the rise. As Mac adoption increases – particularly in high-profile companies – and more valuable data is available on them, cybercriminals are likely to increasingly turn their attention to Macs. This means there’ll be more Mac-targeted malware about. Attacks by, and have all exposed weaknesses in the Mac’s defences.
WireLurker was found to be able to infect devices running both Apple’s iOS and Mac OS X, and could even attack non-jailbroken devices. But targeted malware isn’t the only hazard. Macs are also vulnerable to flawed third-party software, phishing scams, spyware. Neither can the Mac OS X defend against bad user decisions. We’re all human, and therefore vulnerable to ‘social engineering’ ploys that aim to trick us into divulging personal information such as account logins and credit card details. It’s also worth mentioning that Macs are relatively pricey, so there’s a common misconception that their owners have more money than most PC users and are therefore a worthwhile target. The likelihood of an unprotected Mac becoming infected by malware is increasing, so adding extra defences in the form of Internet security software makes sense.
What protection does Mac OS X offer? The Mac operating system is based on Unix, which stores executable code and data in separate folders and provides a number of that can help protect you. These include Gatekeeper and XProtect (file quarantine). Gatekeeper blocks apps that have not been approved by Apple, while XProtect scans downloads for recognised malware. However, Gatekeeper and XProtect offer no protection against third-party software vulnerabilities that could be harbouring malware. How can my Mac become infected?
Malware usually finds its way on to Macs via links and email attachments, compromised downloads, fake antivirus programs, infected USB keys or drive-by download. Most of it is installed inadvertently by us, the users. The main threats are: 1. Mac-specific malware. There’s currently not a great deal of this about, but it’s on the increase.
Non-platform-specific malware: man-in-the middle attacks, spyware and phishing scams. These widespread threats aim to steal your sensitive data.
Your Mac may also pick up Windows malware, which – although it won’t affect your Mac (unless you’re running Windows on it) – can be passed on to PC users. Not good netiquette. Third-party software vulnerabilities. Lack of awareness on the part of the user. A good antivirus solution can help save you from bad decisions.
How can I protect my Mac? Even though the Mac OS X is generally very secure, it’s worth taking the following steps as an extra precaution:.
Install comprehensive Internet security software, and keep it up to date. You can ensure this by setting it to update automatically. Run regular scans. Outdated software puts your Mac at increased risk. Always apply operating system updates when prompted. The same goes for any other programs installed on your Mac.
Encrypt all sensitive data. Use strong passwords and keep them private. Set your Mac to lock after a defined period of inactivity. Set a required password to unlock it. Whenever possible, use the Mac App Store to install apps.
Be careful that all software you install is legitimate, and not malware in disguise. Think before you click. Avoid suspicious-looking attachments or links in emails, even if you know the sender. You can check out a link’s address by hovering your cursor over it – the link address will appear in the bottom left-hand corner of the window, above the taskbar. Definitely don’t click on pop-up ads or dubious dialogue boxes. Avoid web sites that contain misspellings. Don’t plug any iOS device or USB key into untrusted computers.
Similarly, don’t connect any untrusted devices to your Mac. Use a standard, non-administrator user account for everything except administrative jobs. Administrators usually have full access and can install and remove software, change settings and manage user accounts. If an administrator’s security is breached, there is a greater chance that damage can be done to your Mac and its contents. Disable connectivity features such as Bluetooth when not in use. Cutting this off gives hackers less chance to access your Mac.
Consider removing commonly targeted browser plugins like Java and Flash. Avoid unsecured file-sharing applications. An added layer of protection Although Macs are undoubtedly more secure than PCs when it comes to Internet threats, they’re not immune. Mac-specific malware may be rare but it exists – and third-party software, phishing attempts and ‘man-in-the-middle’ attacks all pose significant risks. As the steps above show, there’s a lot you can do to help keep your Mac safe. Installing an up-to-date comprehensive Internet security solution and being vigilant when online are the two most important actions you can take to lessen your chance of becoming a victim. This entry was posted on Mon Sep 21, 2015 filed under,.