Mac Malware

Please pass this info on to your Mac friends. Mac users tend to be complacent believing that Macs are impervious to malware/viruses/trojan horses/worms. That is not so. The Mac’s safety from these was largely based on the small market presence, especially in business. Now that Mac sales are approaching 7-10% of the market (Depending whose figures) the bad guys are beginning to target Macs and they are vulnerable. Here’s an article from Sophos’ Naked Security.

Mac malware evolves – time for Apple owners to wake up

Join thousands of others, and sign up for Naked Security’s newsletter

by Graham Cluley on October 19, 2011 | Comments (14)

Mac malwareMac users have once again been reminded not to be complacent about the malware threat, with the discovery that cybercriminals have enhanced an existing Trojan horse to disable the rudimentary anti-virus protection Apple has built into Mac OS X.

Despite the growth of Mac malware in the last 12 months, many users are still not protecting themselves from the threat. This is despite there now being industrial-strength free Mac anti-virus software available.

Our friends at F-Secure blogged today that they had noticed a new variant of the Flashback backdoor Trojan – which poses as an update to Adobe Flash – disables XProtect.

XProtect isn’t really comparable to a real anti-virus product on your Mac, but it does provide a limited amount of protection.

The fact that Mac malware is now being written to prevent XProtect from updating itself with new security definitions underlines that cybercriminals are keen to infect Apple computers because of the potential financial rewards.

The good news is that Sophos’s Mac anti-virus products (including our free anti-virus for Mac home users) has been detecting the malware as a member of the OSX/FlshPlyr malware family since October 12th.

The SHA1 checksum for this Mac malware sample is 627813f62ed32dfe083df8e6b04ad5b28300912d.

Update: An earlier version of this article claimed that Mac OS X’s built-in virus protection was not detecting this malware. We are happy to confirm that our test results were incorrect, and Mac OS X can detect this malware when downloaded. Read this article for more insight as to the differences between XProtect and a full anti-virus product.

Clearly the Mac malware authors are not resting on their laurels. Maybe if you have a Mac you shouldn’t be too laid back about the genuine threat that exists also?

If you need any further convincing – maybe you should check out our short history of Mac malware (which, after today, needs updating.. sigh)


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: