Home > Mac News > And Here We Go Again

And Here We Go Again

May 19th, 2011

There seems no end to the stories in the tech media spouting the endless meme “Macs Are No Longer Safe.” In a story titled “Say goodbye to era of Mac malware immunity,” MSNBC’s tech reporter jumps on the bandwagon–with just as flimsy support as any of the other hacks who bought into the meme. The article begins:

Such is the predicament that Apple’s success has brought: Sophisticated malware has started to appear that’s directed specifically at Apple machines.

For years, security experts predicted that as Apple gained market share, cybercriminals would turn their attention from Windows machines toward Mac attacks. Now it appears to really be happening.

No, for years, security salesmen have been saying that hackers “really are” targeting the Mac, the firewall has broken, and Macs are no longer safe. Not “predicting,” but proclaiming. Here’s a sample from seven years ago, in October 2004:

The Apple community has, since its inception, been largely immune to nefarious hackers bent on spreading harm. If you are a Windows user, as I am, you know the routine. You complain about the latest spyware or virus attack, and Apple devotees respond with good-natured teasing–they don’t have worry about such nonsense. Well, now they do.

John Gruber from Daring Fireball listed samples of such stories ranging from that 2004 story to the present day–continuous stories about Mac security “finally” crumbling. And yet, here we find ourselves, barely changed from the days of the first false alarms. Today is little different; the MSNBC story is a jumble of tired scare tactics from people trying to sell anti-virus software, either bamboozling or bringing in on the scam a tech reporter who writes the story to make the issue seem a lot more serious than it actually is.

The story is based upon the most current threat from another trojan–maybe the third or the fourth ever made for the Mac–which doesn’t even really infect your computer. It’s more like an elaborate scam, except instead of emailing you about your eBay account expiring or your bank requiring a change in your status, it tries to trick users to install software which tries to get them to do the same thing by mimicking anti-virus software.

The thing is, this is malware only by the merit that it is software and wants to do something bad to you. But it is not what most would consider “malware,” in that it does not actually “infect” your computer. Instead, it completely bypasses security, using social engineering instead. It’s not a virus, it’s a scam.

This article, however, is even more misleading than most, as it then tries to imply that actual viruses are out there for the Mac, or at least iOS devices, and by extension, Mac OS X. Read this and tell me the author isn’t trying to imply that:

While Apple advocates have argued for years that Macs were inherently more secure, most experts say that the hackers simply follow the market.

So now there are viruses aimed at smartphones, for example, because tens of millions of them–tiny, powerful computers–are in use around the world.

Smartphones are also more attractive because they are constantly connected to the Internet. By the time an infection is discovered, the attackers have made their money with fraudulent charges and moved on.

Furthermore, because the computing world is no longer singularly dominated by Microsoft Windows, “we’re seeing more Web-based attacks that are platform agnostic,” said Zscaler’s Sutton.

That means fraudulent websites are designed to infect any computer that inadvertently visits the site, whether it be a Windows or Mac OS X computer running any of a half-dozen Web browsers.

The popularity of Apple’s iPhone and iPad has had a “halo effect” that attracts both consumers and criminals to the platform, so Mac owners should keep their browsers up to date and be more cautious.

After reading that badly-written garbage, the average reader will probably come away thinking that not only are iOS devices falling to viruses, but that your Mac can be infected merely by visiting a web site. If you follow the link, however, you find that the story is about Android viruses; in my own search, I was not able to find any legitimate reports of viruses for iOS. As for infection from visiting web sites, that is certainly not true. The web site danger comes from web sites which will initiate a download of a trojan–but not an infection.

While the threat may get as far as downloading and decompressing a trojan when you visit a malicious site, it still requires a user to be dumb enough to then approve the installation of the software and intentionally type in the administrative password. Even then, the trojan doesn’t exactly “infect” the Mac, but installs software which will make fake virus alerts pop up and then try to get the user to visit a malicious web site to buy fake software to get rid of the fake viruses. As far as I can tell, however, the trojan is just a standard app and can be gotten rid of simply by deleting the program file.

Ironically, these badly-written articles which are not much more than ads for Mac “security” software firms will only make more people susceptible. Believing that such virus attacks are possible, gullible users will be more prone to fall for the scam.

Ironically, the writer also uses dubious numbers to inflate the Mac’s market share–the opposite of what similar writers do when reporting only about market share–so as to make it appear that Macs have crossed the threshold that makes them attractive to hackers. The implied message is that the Mac OS is no more secure than Windows, and the only difference is the number of units in use–another longstanding canard. Just like the false impression that Macs are falling to “malware” in general, which in fact it is, so far, only trojans–which instead of defeating OS security, simply bypass it by tricking the user. If you buy an expensive home security system and then open the door for a criminal, it’s not a failure of the security system.

The only fact coming close to being actually relevant in this whole sham of a report lies in the fact that a Make-Your-Own-Trojan kit is being sold to scammers so they can use this method themselves. However, this is not an actual spread of malware, but just an indication that we might, at some future time, start seeing more trojans. But as far as I can tell, that’s it. Still no viruses, still no worms, still no threat other than the occasional social engineering scam that no OS could ever really protect against. And at that, these scams are very few in number.

Once again: the Mac in not invulnerable. It has no magical immunity. Someday, there undoubtedly will be viruses and worms for the Mac. However, we’re still not there yet.

In the meantime, the greatest threat is from stupid, alarmist articles like these.

Update: I have noted that many are reporting on the fact that the “MacDefender” trojan is becoming “widespread,” making this more of a game-changer. From what I can tell, that is true to a degree–this does seem to be more common a trojan than we have seen before–but still not a cause for general alarm. A calmly reasonable article on Wired says it very well:

Bott’s discovery renews this debate: A new piece of malware seems to be fooling more Mac customers than past examples. So does this change the scenario? Should Mac customers install anti-virus software by default like most Windows customers do?

Charlie Miller, a security researcher who has repeatedly won the annual Pwn2Own hacking contest by hacking Macs and iPhones, told Wired.com he doesn’t think so.

Miller noted that Microsoft recently pointed out that 1 in 14 downloads on Windows are malicious. And the fact that there is just one piece of Mac malware being widely discussed illustrates how rare malware still is on the Mac platform, he said.

And while 200 posts complaining about Mac Defender in Apple’s support forums may seem like a lot, that’s still a small fraction of the millions of Mac customers in the world.

While Mac Defender does show that the problem is getting worse and people should be more wary about malware, it doesn’t necessarily mean that every Mac user today should rush to buy anti-virus software, Miller said.

Ultimately, it’s up to the customer because there’s a trade-off involved. Anti-virus software will help protect your system from being infected, but it’s expensive, uses system memory and reduces battery life.

The best thing to do is to set aside ego and ask yourself honestly: do you ever download and install software from untrustworthy sources? Do you not monitor reports of Mac malware on a regular basis so you may recognize these threats before they reach you? Are you tech-savvy enough to recognize the signs of a scam?

Allow these to guide you to make the right decision.

Categories: Mac News Tags: by
Comments are closed.