More Mac Viruses, Similar Sources: Time to Worry?
Depending on how closely you stick to the word of the law, you may or may not be aware of the potentially dangerous trojan called “OSX.Trojan.iServices.A” unleashed on some of the Mac community last week via a pirated copy of iWork ‘09. The trojan, discovered by Mac security software company Intego, allows the distributor of the malicious software to access and modify the affected system remotely, performing actions such as adding files. Such a vulnerability is potentially fatal to an operating system.
According to Intego’s numbers, more than 20,000 people have downloaded the affected file, a number which also says something about Apple’s ability (or desire?) to curb piracy of its proprietary software. Instructions on how to rid your computer of the virus in case you are among that unlucky 20,000 can be found here, but they can’t take away your shame.
This week, another round of infections has appeared, this time targeting a different, but similar group of pirates. The victims are users who downloaded a pirated copy of Adobe’s popular photo editing program, Photoshop CS4. Again, the people responsible for finding and broadcasting the existence of the trojan are Intego. This one is aptly dubbed “OSX.Trojan.iServices.B”, and actually comes from the serial generator that packages with the Photoshop installer, and not the installer itself. The CS4 trojan presents the same risks as the iWork ‘09 version. Intego reports 5,000 downloads to date.
With two such high-profile virus detections coming so closely on each other’s heels, the question inevitably arises: Is Mac’s status as a highly secure option to Windows in danger? Clearly, Mac users are beginning to present a more attractive target to hackers, because the platform itself is becoming more popular. Not only that, but Mac users may be even more susceptible than others, since they traditionally haven’t had to worry much about malicious attacks.
No doubt the conspiracy theories that security companies cause and cure viruses will also crop up, especially with two such similar detections from the same source in such a short period of time. The reaction might be especially strong, considering how secure most Mac users believe their computers to be.
Really, as it stands, the only people at risk are those trying to pirate software, so it’s not really a case of “Is the OS less secure?”, so much as it is one of “Are Mac users security savvy?”. Pirated software distributed via Torrents has always been a high-risk area, but those running a Mac OS have had the luxury of being less guarded about those types of threats because the malicious code they contained was generally written to attack Windows machines.
The time may have come to star learning more smart surfing practices, but I think the general Mac-using populace can hold off on putting their computers on lock-down. Unless, that is, they plan on pirating like crazy, in which case, shields up.
ShadowBottle on January 26th, 2009 at 2:54 pm
Trojans aren’t viruses. Can you please not feed /this/ particular fire?
Franco on January 26th, 2009 at 3:18 pm
I believe the fault is applications that need installers. Without installers this would not happen, but I see that requiring your administrator password is more common this days.
If they need to install fonts and things like those, let me choose if for all users or the active one. That way, I think, if I selected the active one you should not need my administrator password.
Franco on January 26th, 2009 at 3:26 pm
ShadowBottle: viruses prctically no longer exist, not even in Windows world. All are trojans this days.
Joel Fagin on January 26th, 2009 at 4:02 pm
Franco: Viruses are still extremely common in the Windows world. Heck, many of the worst trojans are actually delivered by a virus (and, indeed, vice versa). I’m cleaning the things off people’s computers constantly.
HobbesDoo on January 26th, 2009 at 4:08 pm
This risk always existed and I have to agree with ShadowBottle. Trojans are not viruses.
Anytime you give your admin password to an unknown source you’re playing with fire. It may burn you or it may not. It’s still a big gamble.
All a pirate needs to do is to add one line to the crack application supplied with the pirated software that runs “rm” on the root of your main volume. No rocket scientist required. With your admin password the application can do pretty much anything it wants.
PB on January 26th, 2009 at 4:08 pm
A worm is a sub-class of a virus. It replicates and spreads itself. They practically don’t exist in Windows? This story is about a week old:
http://www.nytimes.com/2009/01/23/technology/internet/23worm.html?_r=1
Trojans are another matter altogether because they depend on social engineering to install, rather than vulnerability in the OS.
Rob Oakes on January 26th, 2009 at 4:19 pm
Regardless of whether a trojan counts itself as a virus or not, Mac malware is still on the rise. The (somewhat) perfect record of the Mac as a secure platform with no known threats in the wild has now been more or less tarnished. Further, as the Mac grows in popularity, we can expect more malware hackers to target the platform. It appears as though the Windows people were partially right. The Mac was more more secure by its relative obscurity. That situation is starting to change.
Joel Fagin on January 26th, 2009 at 4:53 pm
Allow me to put something in perspective.
Trojans rely on human gullibility to work and you can therefore get them on any platform unless it’s completely locked down (like the iPhone). Trojans, like any good con, can’t really be stopped except through education.
That is a long, long way from a virus or worm. They don’t rely on gullibility but rather insecure operating systems with flaws they can take advantage of. It’s the difference between handing over your money to a Nigerian scamster and having someone hack into the bank account computers to steal the same ammount.
I would expect more trojans on the Mac. I would not expect many viruses and worms.
PB on January 26th, 2009 at 5:01 pm
@Rob Oakes: Disagree. It’s like saying the record of the post office has been tarnished by Nigerian check scams. Nonsensical.
Trojans are like STDs via unprotected sex with strangers. A virus or worm is like being assaulted on a public street. If you lump them all together in the “crimes” file, you’d be booted off the police force.
Bottom line: Can your OS become infected by following a link or mounting a disk? That’s the test.
Amnell on January 26th, 2009 at 10:56 pm
Would little snitch give you a accept/deny-dialogue if the trojan wants to communicate with the outside world?
justcorbly on January 27th, 2009 at 6:33 am
Ordinary folks don’t make any distinction between trojans, worms, viruses, etc. Whatever it is, it’s a ‘virus.”
The Mac’s reputation for security is likely giving some folks the impression that it is invulnerable. I.e., that pirated software stuffed with trojans can’t harm a Mac, even if the trojans target that platform.And that’s assuming they even know that pirated software is a distribution path for the stuff.
Luca on January 30th, 2009 at 6:56 pm
This is the biggest problem. Apple seems to think that obscurity=security.
OS X is not as secure as BSD, because it forked from BSD a long time ago, and the kernel is not maintained to include these new security updates like BSD.
The more attention and exposure that Apple gets, the more we’re going to see exploits like this. They have two solutions, drop the childish accusations that OS X is infact secure, or they have to start staying up to date with the BSD kernel updates.
Ahmed Melton on March 4th, 2009 at 4:40 am
I use facebook but till I not get any message of this kind and if I will get any message of this kind I will ignore that.
Bob on April 19th, 2009 at 1:56 am
Macs are NOT secure. Its a misnomer to use that phrase. They are still prone to security issues, its just no one has so far bothered to try because of the low penetration rate. If someone was to target the community via a website that lots of mac users visit, then you wouldnt even know you had been infected, since no one runs a virus checker. Then all it would take would be for that small code to start spamming out of your machine to all your email contacts etc etc…
yes, and look how easy it is to spread a virus via facebook these days, with all those pointless appz.
Its analogous to saying im invincible and bullet proof, because no one is pointing a gun at me!
montex on April 19th, 2009 at 9:49 pm
The facts are that no viruses or trojans or any malware has cause ANY significant damage to Macs running OS X in the 8 years the operating system has been out and used by millions. I’ve been hearing for years how, any minute now, the Mac community will be taken down by some terrible malware and those smug Mac fanbois will be so sorry they don’t use anti-virus software.
But it hasn’t happened yet. No breaches of Mac security have occurred outside of very contrived circumstances. Will it happen next year? In 5 more years? Anyone care to predict when Mac security will crumble? Not just in some hacker contest, but in the real world where millions of Macs are affected.
Apple claims that there are over 25 million users currently running OS X. And with Macs reputation for being far more expensive than PCs, isn’t it amazing that all those hackers just happen to overlook such an elite group of users. All those Mac users with unprotected operating systems with all that disposable income to spend on Apple products… nope. Can’t see any reason to go after those people. That OS is just too OBSCURE. It’s beneath all those hacker’s time to even bother with it.
I think we should all stick with Windows because the hackers like it so much better that they write viruses for it. That can only mean that Windows is really, really good!
ritorujon on November 9th, 2009 at 5:21 pm
If OBSCURE = neat, well organized, usable, working, fast…. then yeah, Mac OS X is obscure:-)
Windows is really really good for hackers for these reasons:
1) it’s easy to hack
2) it’s widespread
3) it’s widespread among people who don’t know anything about computer security or even about computers :-D
PB on April 20th, 2009 at 4:38 am
@ montex +1
DOS/Windows users get over it. It is a crappy system that Gates foisted on unsuspecting computer users and got market share good and early. I remember when it happened. I was like WTF? You have a choice and this what you chose? Managers in companies that had graduated to their Peter principles jobs patted themselves on the back and for more than 20 years now, they have been stuck with a system that is making their lives hell but most are too addicted it to make a change. They deserve all the viruses and malware that the hackers can heap on them.
Jay on July 30th, 2009 at 1:42 pm
The point is can mac be attacked by a malware, be it a Virus, worm or Trojan etc. Mac users (excluding some technically savys) are under the impression that it cannot be done. it hasn’t happened in the past and will not happen in futrue. Wake up people. if it can happen, it will. The more we become popular, the more we become vulnerable. choosing an operating nowadays is a matter of preference and not which one is better or worst.
Skippy on August 13th, 2009 at 5:18 pm
Virus, Trojan, Worm….. ALL now fall under the “virus” definition. These “hackers” aren’t out to wipe out your hard drive now. They want the INFORMATION that’s on it!! The “hacker” now isn’t some kid in Mom & Dad’s basement- they’re crime organizations in foreign countries where YOUR personal information is worth a LOT more than just screwing up your hard drive.
Mac’s make it easy by giving a false sense of security.
Mac/Windows User on August 21st, 2009 at 4:03 pm
It’s amusing, yet sad to see how many people still live in their shadows of faith that there is any such system that is NOT vulnerable… Wake up, this IS 2009 after all… and Mac’s CAN and DO suffer from viruses just not as many as does windows.. to be so smug and ignorant as to believe that Mac’s are so fail safe, that’s just inviting the hackers to show you otherwise. Do you think they DON’T read these posts? Do you think they are not laughing at you right now ? Come on, we are not in the 1980’s .. wake up and take a whiff of the coffee that’s brewing right under your nose.
PB on August 21st, 2009 at 7:10 pm
>>Mac’s CAN and DO suffer from viruses
Where???
Unix_guy on August 24th, 2009 at 2:46 pm
I’m not a fan of either system. So take this article as it is intended, just as information.
http://www.msnbc.msn.com/id/12537279/
PB on August 25th, 2009 at 9:18 am
msnbc? That sounds like one of Bush’s terror alerts. Give me some facts, not hyperbole. Can you run a PC without AV, click on any link you like, and be virus free? No. Can you do it on a mac. You betcha!
nicnax on November 6th, 2009 at 7:25 am
i think i have a trojan on my mac
how do i get rid of it? i downloaded the cs4 for a friend and deleted from my mac. now i have the virus. can someone help me? PLEASE