Close
  • Latest News
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Logo
Logo
  • Latest News
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Cybersecurity
    • Cybersecurity
    • Development
    • Networking
    • PC Hardware

    New Mac Trojan Proves There’s No Such Thing as a Malware-Proof Platform

    By
    Wayne Rash
    -
    October 26, 2011
    Share
    Facebook
    Twitter
    Linkedin

      We’ve been hearing the stories for years about how Apple’s Macintosh is immune to malware. For years I’ve heard the smug claims from Mac owners about how it’s too bad that Windows users have to load their computers with antivirus software to be safe, but Mac owners don’t. For years I’ve known it was only a matter of time.

      So let’s say it right now. There’s no such thing as a malware-proof platform, especially if that platform is somehow connected to the outside world. But evennetworks isolated from the Internet are no longer immune as the victims of the Stuxnet worm can attest. The fact is theMacintosh platform is highly vulnerable, especially since relatively few Macintosh users buy and use security software.

      So when security company Sophos revealed on Oct. 25 that a newbackdoor infection named Tsunami had been detected in the wild, I wasn’t surprised. I mostly wondered what took so long.

      The reality, of course, is that malware writers look at market share when they’re creating their payloads, and Windows gives them the biggest bang for the buck. But the Mac is growing in market share, so it’s now worth some attention. This is made more tempting to malware writers by the fact that relativelyfew Macintosh computers are protected against malware, so it’s a very soft target.

      So, Mac users, your time has come. You’re going to have to plunk down the money and deal with the lost CPU cycles like everyone else, unless you want some botmaster in Lithuania to own your machine. But, of course, it’s not just Macs. For too long device owners have taken few if any precautions against malware except on Windows computers. Owners of other devices, whether they’re running Linux or BSD or some other Unix-like OS, have assumed that they have no exposure to malware.

      And the mobile market is even worse. Ask yourself what kind of protection you have for your BlackBerry or your Android device or your iPad or iPhone. Chances are, the answer is none. While there has been some movement in the Android world after apps in the Android Marketplace were found to contain malware, relatively few Android devices are delivered with anti-malware apps. Worse, the companies selling such apps aren’t reporting huge sales, and that’s too bad.

      Meanwhile, the Apple App Store and BlackBerry AppWorld are tightly controlled, so owners tend to assume that they don’t have to worry about malware-infected apps showing up on their devices, and in that sense, they’re correct.

      Its Time for Mac Owners to Invest in Antivirus Software

      But malware doesn’t need to be delivered in an app to infect your device. As is the case in Windows machines, malware can be delivered in email attachments, images from the Web and anyplace else where binary content is opened in a device. If your BlackBerry malware arrives in an infected attachment, it’s still malware, and your device is still infected.

      But the Mac isn’t the only soft target out there. In fact, given the success of the iOS platform, the relatively small amount of attention is a little surprising. Even more surprising is the fact that until recently, Apple resisted allowing AV vendors to sell anti-malware apps through the App Store. That’s changed, but the view of owners that they’re somehow immune hasn’t.

      So the time has come for a reality check. If you have an unprotected platform of any kind, you’re subject to attack. As Windows machines get better and better protection, and as Windows users finally get a clue about avoiding malware, the bad guys will focus on easier targets. That means you.

      This also means that you will need to start taking the precautions that people with Windows computers have been taking for years. Those precautions include being careful what Websites you visit, being careful about opening email attachments and being careful about viewing images where you don’t know the source.

      At this point, you have time. Relatively few malware creators have focused on the mobile environment just yet, and relatively few are targeting Linux and Macintosh platforms, but they will. Those platforms are currently really easy pickings, and that’s what the bad guys love. As the relative market share (compared with Windows computers) increases, the amount of malware targeting those platforms will also increase.

      This means, among other things, that it’s time for you to start investigating security software for all of your platforms, not just the ones running Windows. This is actually pretty easy to do just by searching for “Security” in whatever app market you use. In the enterprise, it’s even easier since many enterprise security packages already cover mobile devices either as part of the basic package or as an option.

      But the bottom line, Mac users, is that your free ride is over. The bad guys of malware have you in their sights, and you can find out just how frustrating it is to have your machine taken away from you and made part of a botnet. Fortunately, it’s only one really bad Trojan so far. But there will be more.

      Wayne Rash
      https://www.eweek.com/author/wayne-rash/
      Wayne Rash is a freelance writer and editor with a 35-year history covering technology. He’s a frequent speaker on business, technology issues and enterprise computing. He is the author of five books, including his most recent, "Politics on the Nets." Rash is a former Executive Editor of eWEEK and a former analyst in the eWEEK Test Center. He was also an analyst in the InfoWorld Test Center and editor of InternetWeek. He's a retired naval officer, a former principal at American Management Systems and a long-time columnist for Byte Magazine.

      MOST POPULAR ARTICLES

      Cybersecurity

      Visa’s Michael Jabbara on Cybersecurity and Digital...

      James Maguire - May 17, 2022 0
      I spoke with Michael Jabbara, VP and Global Head of Fraud Services at Visa, about the cybersecurity technology used to ensure the safe transfer...
      Read more
      Big Data and Analytics

      Alteryx’s Suresh Vittal on the Democratization of...

      James Maguire - May 31, 2022 0
      I spoke with Suresh Vittal, Chief Product Officer at Alteryx, about the industry mega-shift toward making data analytics tools accessible to a company’s complete...
      Read more
      Big Data and Analytics

      GoodData CEO Roman Stanek on Business Intelligence...

      James Maguire - May 4, 2022 0
      I spoke with Roman Stanek, CEO of GoodData, about business intelligence, data as a service, and the frustration that many executives have with data...
      Read more
      Applications

      Cisco’s Thimaya Subaiya on Customer Experience in...

      James Maguire - May 10, 2022 0
      I spoke with Thimaya Subaiya, SVP and GM of Global Customer Experience at Cisco, about the factors that create good customer experience – and...
      Read more
      Cloud

      Yotascale CEO Asim Razzaq on Controlling Multicloud...

      James Maguire - May 5, 2022 0
      Asim Razzaq, CEO of Yotascale, provides guidance on understanding—and containing—the complex cost structure of multicloud computing. Among the topics we covered:  As you survey the...
      Read more
      Logo

      eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site’s focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Advertisers

      Advertise with TechnologyAdvice on eWeek and our other IT-focused platforms.

      Advertise with Us

      Menu

      • About eWeek
      • Subscribe to our Newsletter
      • Latest News

      Our Brands

      • Privacy Policy
      • Terms
      • About
      • Contact
      • Advertise
      • Sitemap
      • California – Do Not Sell My Information

      Property of TechnologyAdvice.
      © 2021 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×