Is it Necessary to Revisit the Mac Malware Equation?

January 26th, 2009

In recent days, there have been reports of new Mac Trojan Horse threats, and you have to wonder whether Apple’s continued growth will come at the expense of making the platform a serious target for Internet criminals. Or at least that’s what the tech media has been saying for several years now, although it hasn’t quite come to pass.

The most recent outbreaks reportedly involve iLife ’09 and Adobe Photoshop CS4. But wait! It has nothing to do with the legal versions you buy of these applications. Instead, the Trojan Horse strictly impacts pirated copies.

In the case of Photoshop CS4, Adobe uses a sophisticated license activation method, and the malware comes into play with a program used to crack the license.

Yes, that’s the real issue. We’re talking here about malware that only presents itself as a potential threat if you download and attempt to set up a bootleg copy on your Mac. According to Intego, the security software company, these aren’t proofs of concept, but have actually impacted thousands of people already.

What this means in the scheme of things is questionable. You see, if you don’t go after pirated software, this isn’t your problem. And for those of you who do prefer the torrent sites to dealers who handle legal product, I suppose I could be cavalier about this and suggest that you deserve what you get. More to the point, it’s not as if iLife ’09 is an expensive product. Aside from being free with new Macs, it’s just $79 for a copy. Surely that’s far too cheap to expose yourself to such risks.

Now when it comes to Photoshop CS4, I realize it can be an expensive product, and that it’s hard to come by extra free cash these days. On the other hand, you can get most of the important features in Photoshop Elements at a fraction of the cost and be entirely street legal. So again, I fail to see much justification in taking chances with illegal product.

It is, of course, perfectly true that Intego’s VirusBarrier and other security applications will protect you, and that may be a good reason to get yourself a copy, and I hope one that you pay for.

In the larger scheme of things, however, it still seems rather premature to begin to become concerned that malware is now sweeping the Mac platform. There’s far too much traction on the Windows side of the ledger, despite flattening sales.

Just the other day, for example, it was reported that some 15 million PCs have been infected by the latest malware epidemic. According to a UPI dispatch on the story: “The virus — a self-replicating computer worm known as Downadup, Conficker or Kido — spreads across computer networks using Microsoft Windows software which have not been patched or updated properly. Microsoft issued a patch that fixes the vulnerability the virus exploits last October.”

The key part of that story is the last sentence, that Microsoft patched the vulnerability in October. Unfortunately, when it comes to Windows patches, businesses may be somewhat behind the curve. You see, their IT people will generally want to run the patch in test mode before deploying to the entire network, just to make sure the fixes don’t create new problems. With Windows, they often do, sometimes undoing the protection that’s offered.

When it comes to home users, they will be far less inclined to be up to date on malware protection and Windows updates. So they become particularly vulnerable to such outbreaks. Worse, it’s not yet known just what’s going to happen to those infected PCs. Under normal circumstances, this infected computer army would ultimately be activated to spread spam or possibly denial of service attacks.

The latter can be particularly invasive, because it means that sites are suddenly inundated with loads of bogus requests, and servers quickly become overloaded. The targets of these attacks might be unable to withstand the onslaught or be knocked offline.

In contrast, none of the so-called malware threats to hit Mac OS X have targeted more than a few thousand people. That’s hardly enough to really cause serious damage to the platform. Indeed, one of the key factors that helps the Mac is that it’s more difficult for infections to spread on a wide scale. So long as that situation continues, the dangers are severely reduced.

But I’ll repeat our usual mantra about such matters: Always practice safe computing, which means don’t download files you didn’t expect to receive, even if you know the people who supposedly sent them to you. After all, you may not be able to detect whether that person’s email account has somehow been compromised.

You will also want to be especially cautious about mail that purports to originate from a bank or other financial institution. Such phishing scams are designed to entice you to click on the link in the email, which will take you to a simulation of the real site, except one run by Internet criminals, who want to extract your passwords or other private access information and steal your money. The best protection is go to the site directly to check up on the status of your account.

As far as installing security software is concerned, well maybe not yet. But that time may still arrive, ultimately, so never say never.

| Print This Article Print This Article

6 Responses to “Is it Necessary to Revisit the Mac Malware Equation?”

  1. shane blyth says:

    if u play with fire youll get burnt. It is a good lesson in paying up and shutting up rather than trying to cut a corner and get a “cheaper” option. Slef propagating Malware is the real problem but doesnt seem to exist in the Mac universe.. You here reports but funny it comes from people who sell software to combat it. I have not seen anything reports of it in the wild.

  2. shane blyth wrote:

    if u play with fire youll get burnt. It is a good lesson in paying up and shutting up rather than trying to cut a corner and get a “cheaper” option. Slef propagating Malware is the real problem but doesnt seem to exist in the Mac universe.. You here reports but funny it comes from people who sell software to combat it. I have not seen anything reports of it in the wild.

    Intego claims the number of people infected is in the thousands.

    Your decision as to how important that is.


  3. shane blyth says:

    there is only one way it spreads… U can go check to see the number of downloads on a torrent and it doesnt look to big and it is all fixed at that end so a 1 day flash in the pan and no way to propagate which is good. If u clean the source of infection u are right and it seems it has been.

  4. Bill in NC says:

    Or wait for someone to upload the new iWork ’09 retail which doesn’t require a password.

  5. rwahrens says:

    …and how do you KNOW which copy is the real safe deal or the infected copy? Maybe someone will take a clean new copy and infect IT? Bottom line: You DON’T know, so just go with the legal purchased copy. It’s basically cheap as such things go.

  6. Joe S says:

    The malware protection software does not offer much protection until after the malware has been analyzed and a new release of the protect released. As usual, honesty is the best policy.

Leave Your Comment