Still no Mac virus

Posted on 2011-06-12 20:52

As far as I can tell from some quick research, there are still no true Mac viruses. A friend's recent comment that there is a virus that can be installed on a Mac without user intervention does not appear to be correct. While the software in question can run automatically if a certain option is enabled, and then pop up a window which looks legitimate, it can't actually be installed on a Mac without user action (more below). If true, this is quite amazing considering that Macs have become fairly popular for home use (where there generally aren't IT folks working all day to protect people from themselves, as in the business world). There are several variants of a TROJAN which can be installed on a Mac, but only through user intervention (the user has to enter the admin password to install the software).

Even the latest one (the Mac Defender trojan - created to act like a similar fake security program on Windows) is only able to run (and pop up a window) if you have a certain option turned on in Safari (look for "Open safe files after downloading"). It can do that even if you don't use Safari as your browser, but it still can't be installed without entering the admin password (which should be a pretty good clue something fishy is going on). Still, it's a good idea to turn that option OFF in Safari immediately if you haven't already. A window popping up is still going to burn people like another friend at work, who actually got bitten by the Windows version of this twice and GAVE THEM HER CREDIT CARD NUMBER!!!

The most common way to get these trojans on a Mac is by installing cracked or stolen copies of Photoshop, etc. from BitTorrent, which have been purposely modified to carry the trojan and seeded by the trojan's creators. I am very circumspect about the software I install. The main difference here is that, depending on the version, an admin user on Windows will be able to just install whatever software they want by double-clicking (or clicking OK in a window asking if they want to run it), while an admin user on a Mac will still have to enter their admin password to install software. That is a clue that system files might be modified, or at the least that they should be really sure about what they're doing.

It's been almost 10 years of hearing people say there is a Mac virus coming and it's just a matter of time, and there just isn't one yet. A virus is a piece of software that can replicate itself and spread from one computer to another without user interaction. Since a virus doesn't require user intervention, a virus could potentially cripple a network without warning. A trojan is a program that appears to be benign but once installed does lots of unexpected bad stuff. Trojans are installed through social engineering (tricking people into installing them) and, as such, are avoidable. You're going to have warning from some users who see a nasty screen pop up, so you'll have time to warn others. If Macs are only really susceptible to trojans, that's a much lower risk.

Since the core of the Mac is based on Unix, it's difficult to say that the virus writers haven't had time or incentive to write viruses against it. Unix has been running what would become the internet since the 70s, and for a good amount of time Unix was the only operating system around. Hackers created all the programs that are found on all modern Unix systems, so it's not like the code is a secret (like in Windows) - you can look right at the code and try to find loopholes yourself. Thing is, it's exactly because the code for the free Unixes is open to everyone that most of those loopholes have been found and closed down. The entire internet and most of the big sites you use every day run on some kind of Unix (including Google, Yahoo, Facebook, Amazon, etc.); there simply isn't a much bigger target than the internet. Of course, Macs don't run the internet - Linux does - but Mac users benefit from the daily attacks on Linux. Since the code for Linux is all open, Apple engineers can just read the Bugtraq lists and make sure they make the important changes on their (very similar) OS too. Apple can basically let the entire world of Linux (and BSD) users do some of their security testing for them.

I don't consider myself an Apple fanboy, but I switched from Linux (not Windows) to Mac in 2002 (when they first started using BSD Unix - I hated the old Mac OS, it sucked). I am now on my third Mac, have never run any antivirus software, and to date have never gotten a virus. That said, my dad has been running Windows for that same period and he doesn't use antivirus and he's never gotten a virus either (he does use ZoneAlarm and NoScript in Firefox and some other stuff, but no behemoth antivirus software as far as I'm aware). It really comes down to how diligent, careful, and aware a user is.