Apple Becomes Proactive About Security

May 26th, 2011

The phenomenon of synchronicity is a curious thing. As I was writing this column, I got an unsolicited call on my Skype account; the first, I might add, and I’ve been a member for several years. Out of curiosity, I answered, only to hear a clumsily recorded robotic male voice warning me of potential security problems on my computer. I promptly hung up, and checked my Skype preferences about blocking unsolicited calls.

Now understand that getting so-called telemarketing calls on regular phones is nothing new, although it might be a novelty on Internet telephone services. Junk phone calls have persisted for years, forcing the U.S. Federal Trade Commission to set up a National Do Not Call Registry. Once your phone numbers are entered into the online database, and it takes just a couple of minutes to register up to three numbers at a time, a business cannot call you unless they have a prior business relationship with you. If they violate the law, they can face severe fines, though I wonder how often that really happens.

But what really got my dander up is that this unsolicited call was using the very same scare tactics that Internet criminals have used for years to attempt to induce you to buy bogus security apps. The tactics are usually the same. You suddenly see a pop-up window in your browser warning you that your computer might be infected with a virus. You can just dismiss the warning and get on with your business, but if you accept the scan, you will be, in short order, notified that you must download and install a special app to remove the malware on your computer. They’ll even sell you a user license, but, in the end, the warning was a fake, and you will be paying for a product that does absolutely nothing — other than to take your money of course. And once they have your credit card number, you are in danger of having that number used for more fraudulent purchases.

Up till now, this phenomenon has been primarily a Windows-based annoyance, with a recent estimate that a whopping one of every 14 Windows-based downloads may represent a bogus app of some sort.

However, Mac users have not been immune to social engineering of this sort. It just took the Internet gangs who engage in this form of thievery to seek out a new audience for their scareware. So very recently, you probably read of this new threat, called MAC Defender, MAC Security, or something similar. The approach is the same. You see a warning that still resembles a Windows prompt, but it appears the actual software is very much in tune with the Mac interface. No doubt, the criminals involved have been boning up on their Xcode skills, so they can create Mac apps that look and behave very much like the real thing, except, of course, that they are useless.

Up till now, Apple hasn’t really paid much attention to the occasional flare-ups of Mac OS X malware, since they haven’t been widespread. They will half-heartedly inform you that there are security apps available if you choose to protect yourself. Most of the problems up till now have involved downloading and installing malware-ridden software. But the same people who fool you into installing a bogus security app can also fool you into installing something that literally takes over your computer, and steals your personal information, including passwords, bank account numbers, and other critical data.

Up till now, Macs have resisted such outbreaks partly because of a “security through obscurity” situation, meaning that Apple’s relatively low market share didn’t make it a serious target for malware. Computer virus authors are also highly skilled at creating viruses for the Windows platform. Even though Microsoft has been far more active in fixing security issues on Windows in recent years, loads of people still run PCs with older, unprotected operating systems, thus leaving tens of millions of people vulnerable to virus infections.

In their recent security feature, Consumer Reports spoke of multi-billion dollar losses, although they didn’t state the obvious, that perhaps 100% of those losses were on the Windows platform. I suppose that equation might change a little now, considering that some Mac users are being successfully coerced into buying MAC Defender licenses.

After apparently attempting to ignore the issue for a while, Apple has decided to take a surprisingly forthright approach. They have already posted a Knowledge Base article that describes the extent of the problem, which they classify as “phishing,” and how you can easily remove the offending software and, with a few extra steps, a startup item that causes the app to run each time you reboot your Mac, along with an accompanying background app.

Apple is also promising a forthcoming update for Mac OS X that will protect your Mac from MAC Defender and its variants, which include the latest threat, known as MacGuard. You probably don’t know that Snow Leopard actually has built-in malware protection, but it’s very limited in functionality, and is not regularly updated. By taking this measure, Apple may enter quicksand, as updates to MAC Defender and other Trojan Horses will continue to appear, thus forcing them to issue regular updates. And I haven’t mentioned the standard security updates, issued occasionally, which usually address issues that could cause your Mac to be compromised.

Now I’m not about to suggest you should be installing virus protection software on your Mac, although it probably won’t do any harm, since the better products don’t seriously hog system resources or slow down your computer. But the arrival of MAC Defender may be only the first of many serious threats to appear, so the best advice is just to be careful, and practice safe computing. In other words, don’t download any software except from trusted sources, such as the Mac App Store, and responsible third-party developers and software repositories.


6 Responses to “Apple Becomes Proactive About Security”

  1. Jon T says:

    “..Snow Leopard actually has built-in malware protection, but it’s very limited in functionality”

    The point is that it covers the not very many issues that exist for Macs. So it doesn’t need to be more extensive, does it?

    When the update comes along in a few days, it will be 100% up to date again.

    • @Jon T, Well, not quite 100%. But certainly an improvement.


      • doug petrosky says:

        @Gene Steinberg,
        Really? Why not 100%?
        Just because someone could write another piece of code, doesn’t change the fact that 100% of malicious software is being stopped. What percent would you assign?

        I hope this turns out to be a bump in the road, and the malware designers decide that the Mac is not worth the trouble. I also hope Apple keeps making it hard on the malware designers.

        You don’t have to be faster than the bear, just faster than the guy next to you.

        • @doug petrosky, Well, the point is that these are Trojan Horse or phishing types of scams. They aren’t viruses in the traditional sense that replicate. If you check Intego’s online blogs, you’ll see there have been Mac OS X Trojan Horses of various sorts over the years, but nothing that was as widespread as MAC Defender, it seems. So it’s not going to be 100%. But it may make Apple more conscious about the future dangers.


  2. Keyword says:

    I’m not sure I understand the flame war participants who sneer at advocates of caution and preparation when it comes to malware for Macs. There are Macs that have multiple users (think “the family computer”) of varying levels of sophistication. When these macho characters say, “anyone who falls for that stuff is so stupid, they deserve what they get” does that include Grandma? How about their 6 year-old sister?

    This isn’t a game. If someone gets a keylogger onto your machine and cleans out your banking and savings accounts, you’re hosed. This is the wrong issue to adopt some kind of “Mac purist” stance on. Mac fans who don’t lock down their machines as a point of pride are like nuclear power operators who cut corners because, after all, accidents are rare. Yes, they’re rare, but when they do happen they have the potential to be catastrophic. The depth of the downside should change the dynamics of your risk assessments.

    • Jon T says:

      @Keyword, Nobody is advocating a stance of anything other than caution.

      We just do not need to be cajoled and misled into agreeing that Macs are in any way comparable to Windows PCs.

      The gulf is getting wider by the day, and one social engineering ploy like MacDefender which affects a handful of users is not going to make any difference.

      Apple will batten the hatches where necessary and all will be forgotten shortly. It’s happened before.
