About Mac Malware Threats

January 9th, 2014

When the Flashback trojan horse outbreak occurred in 2011, an estimated 600,000 Macs were infected, a frightening development for those who felt the platform was pretty safe and secure. A Java virus, Apple received lots of criticism for not releasing a fix promptly. At the same time, those who felt that Mac malware would intensify no doubt felt vindicated by the circumstances, although this was not the sort of exploit that caused serious harm; in other words, your data wasn’t in danger of being corrupted, though that sort of infection could have done some serious damage if the hackers took that approach. It was also easily removed by apps that were released by Apple and others.

Now even though you hear about security vulnerabilities of Mac OS X and the Safari browser from time to time, it’s not as if there’s an epidemic of outbreaks. Most have been small, confined to a tiny portion of users. Apple also periodically issues security fixes for recent versions of OS X that are designed to close the holes before they can be exploited.

But Flashback didn’t represent a shortcoming in OS X. It was all about Java, a cross-platform development system currently published by Oracle. But until things changed, Apple had the responsibility to maintain Java on the Mac platform, and issue security updates as needed.

Indeed, Flashback took advantage of loopholes with the Java plugin used for some apps, such as chat rooms, which run through a browser such as Safari. One step Apple took to reduce such problems was to disable the plugin, though you can enable it if you wish. Oracle has also taken over maintenance of Java, so if there’s a vulnerability that needs to be fixed, it’s their responsibility.

Now the dream of Java was to have cross-platform apps, apps that would run on Macs, Windows PCs and even Linux boxes. Some are still around, but not so many. Most Mac users can exist perfectly well if Java wasn’t present on their computers. If you need it, it can be installed the first time a Java-enabled app is run, which delivers a prompt from OS X to that effect. That works for me.

As to the Flashback trojan horse, according to Intego, a publisher of Mac security software,  “Intego purchased some of the command and control server domain names to monitor the Flashback threat that infected hundreds of thousands of Macs. It studied those domains, recording all connections from Macs where Flashback is still active and trying to contact the C&C servers. After recording for five days, it counted at least 22,000 infected machines.”

All right, so it’s still around, but, as I said, if your Mac has the latest version of Java, and you keep up with OS X updates, your not susceptible to the infection. If you can avoid anything that requires Java, you won’t have to worry.

The larger issue, however, is whether, after more than 12 years of OS X, you need to install security software on your Mac to stay safe. Every time there’s a minor outbreak, you can bet some tech pundits will say, yes, it’s time to take that precaution because things will inevitably get worse. Obviously the publisher of security software is only too happy  to sell you their apps. But, other than Flashback, has there been any reason at all to consider such protection?

You see, with Flashback and other trojan horses, they rely on social engineering. It’s all about convincing you to download someone’s app or sign up for their services, in order to open up your Mac to a possible infection. If you are careful about the sites you visit, the email links that require a click, and certainly what you download, you’re probably going to be safe.

My personal experience with Mac malware has been fairly limited, and not very recent. Back in the late 1980s and early 1990s, I encountered a few. Indeed, I once bought a commercial app for my Mac and, upon loading that app, it caused a serious infection that required rebuilding my system. This was before I understood the need to backup, but my critical documents were kept on floppies, so I didn’t lose anything other than time.

Somewhat later, when I was employed at a prepress service in New York City, we received a bunch of floppies from clients infected with what were known as desktop viruses. Annoying, yes, but they didn’t actually cause you to lose your data or, it seems, damage your apps, OS or your documents.

From time to time, I still receive emails from readers and listeners that have encountered problems with their Macs and wonder about virus infections. But most of what they hear about such threats is the result of exploits on the Windows platform. I have yet to actually hear from a Mac user, in recent years, who has been infected by malware of any kind. Not that it doesn’t happen, and not that the risk isn’t there. But it’s not commonplace.

At the same time, some of you will install security software either because your office requires it or you just want to feel safe. Some of these apps also protect against Windows malware, so you aren’t in any danger of passing on something nasty to a PC user. There’s no harm in having an added ounce of protection, but try app demos first to see what works best. Some security software, the result of background scanning, may slow down your Mac, particularly when opening apps or documents.

| Print This Article Print This Article

3 Responses to “About Mac Malware Threats”

  1. Ted Schroeder says:

    Wish I could help out, man. But after some problems, I closed down my PayPal account. Hang tough.

  2. IT Secure Site » Blog Archive » Why the Flashback Botnet is a Threat says:

    […] are also doubtful of a threat. In response to a latest research, Gene Steinberg during Tech Night Owl discussed his take on Mac malware, and wrote, “All right, so it’s still around, but, as we […]

Leave Your Comment