Skip to Content
Skip to Table of Contents

← Previous Article Next Article →

ATPM 18.03
March 2012



How To



Download ATPM 18.03

Choose a format:


by Mark Tennent,

Our Macs Are Under Attack

Just recently we have received e-mails from our bank asking us to approve a payment. Click on the link and it tells you your account has been suspended; please enter security details to get it reinstated. Then there has been the e-mail, “How would you like your ad on 2 million Web sites,” with two attachments called BlogBlaster and Unsubscribe.

The bank e-mail looked exactly like the real thing; even the reply-to e-mail address was correct. It was the Click Here button where the problem lay; hover over the button and it reveals the redirect to a host located in Iran. BlogBlaster may be a real piece of software but perhaps not in the best of taste, judging from the amount of spam that blog comments can attract. However, as the sending e-mail address was in mainland China it doesn’t give one much faith in its integrity.

Macs have become targets after decades of living the good life, free from nasty viruses and trojans that jump from PC to PC. Or the voodoo that turns a computer into a zombie, sneaking unmentionable content onto the hard drive, making it act as a transceiver of whatever data the nefarious villains send around the globe.

The attacks are going to get worse despite Apple’s best efforts to protect us. The latest (as far as we know) uses Java to climb aboard a computer. As a partial solution, Apple stopped installing the Java runtime by default.

Undesirable code can latch onto the back of seemingly innocent software. Gatekeeper, new to the next version of Mac OS X, tries to circumvent this by giving Mac users three sources for obtaining software: Apple’s App Store, or trusted developers who are on the Gatekeeper white list, or from everywhere else. Mac users decide the level of risk they take.

The security walls of the App Store are a smart way for Apple to keep control of software quality as well as providing a reasonable level of safety. They also make a little money from every item sold, a nice cash crop.

Software downloaded from trusted sources will be digitally signed and let through by Gatekeeper, but users can still turn off security to open the doors for anyone smart enough to prise their way in. Malicious code attached to PDFs, Flash files, and Java will still be able to sneak past because they are not hidden inside applications.

Which means it is time to think more seriously about running preventative software. In the days of System 7, the free Disinfectant virus checker found many for us in the course of our work. Nowadays security software ranges in price from free to £70/$100. Our preference is for Sophos, an enterprise level solution on Windows with a free home user version for the Mac. Others swear by ClamXav or iAntivirus, both free and used by us in the past. Norton AV kept us clean for many years, though it used to be problematic and was a trial to uninstall. When Norton asked for annual fees we moved on.

The one to avoid is Mac Defender or Mac Security, which was scareware issued last May. It pretended to scan computers for security issues, created a list of supposed threats, and offered a solution to delete them…at a cost. If users ignored the “threats” Mac Defender fired up a Web browser to display pornographic images.

But perhaps you have set your Mac to do that already…

Also in This Series

Reader Comments (3)

Darwin · March 2, 2012 - 21:03 EST #1
Pre-OS X Macs had plenty of issues with viruses for the same reason as Windows. It was easy to write them. It is much harder to write malware for OS X which is why there is so little of it. Security through obscurity is a mtyh and macs are far from obscure anyway. This article really makes very little sense and shows little knowledge of Mac history or malware.
Dave Trautman · March 3, 2012 - 14:52 EST #2
Macs aren't the target, we are.
Grover Watson · April 1, 2012 - 20:30 EST #3
I just wish I could filter this junk out at the ISP level.

Add A Comment

 E-mail me new comments on this article