Mac OSX Viruses Now?

astrosfan90

Golden Member
Mar 17, 2005
1,156
0
0
Is this a new thing? I've had Macs all my life and can never remember viruses being a problem, ever.

Text

Experts: Mac OS X Target of New Viruses

Benjamin Daines was browsing the Web when he clicked on a series of links that promised pictures of an unreleased update to his computer's operating system.

Instead, a window opened on the screen and strange commands ran as if the machine was under the control of someone ? or something ? else.

Daines was the victim of a computer virus.

Such headaches are hardly unusual on PCs running Microsoft Corp.'s Windows operating system. Daines, however, was using a Mac ? an Apple Computer Inc. machine often touted as being immune to such risks.

He and at least one other person who clicked on the links were infected by what security experts call the first-ever virus for Mac OS X, the operating system that has shipped with every Mac sold since 2001 and has survived virtually unscathed from the onslaught of malware unleashed on the Internet in recent years.

"It just shows people that no matter what kind of computer you use you are still open to some level of attack," said Daines, a 29-year-old British chemical engineer who once considered Macs invulnerable to such attacks.

Apple's iconic status, growing market share and adoption of same microprocessors used in machines running Windows are making Macs a bigger target, some experts warn.

Apple's most recent wake-up call came last week, as a Southern California researcher reported seven new vulnerabilities. Tom Ferris said malicious Web sites can exploit the holes without a user's knowledge, potentially allowing a criminal to execute code remotely and gain access to passwords and other sensitive information.

Ferris said he warned Apple of the vulnerabilities in January and February and that the company has yet to patch the holes, prompting him to compare the Cupertino-based computer maker to Microsoft three years ago, when the world's largest software company was criticized for being slow to respond to weaknesses in its products.

"They didn't know how to deal with security, and I think Apple is in the same situation now," said Ferris, himself a Mac user.

Apple officials point to the company's virtually unvarnished security track record and disputed claims that Mac OS X is more susceptible to attack now than in the past.

Apple plans to patch the holes reported by Ferris in the next automatic update of Mac OS X, and there have been no reports of them being exploited, spokeswoman Natalie Kerris said. She disagreed that the vulnerabilities make it possible for a criminal to run code on a targeted machine.

In Daines' infection, a bug in the virus' code prevented it from doing much damage. Still, several of his operating system files were deleted, several new files were created and several applications, including a program for recording audio, were crippled.

Behind the scenes, the virus also managed to hijack his instant messaging program so the rogue file was blasted to 10 people on his buddy list.

"A lot of Mac users are in denial and have blinders on that say, 'Nothing is ever going to get to us,'" said Neil Fryer, a computer security consultant who works for an international financial institution in Britain. "I can't say I agree with them."

Fryer, also a Mac user, said he has begun taking additional precautions over the past year to make sure he doesn't fall victim to an attack. He spends more time than in the past scrutinizing his security logs for signs of intruders, and he uses a firewall and additional security applications, just as he would with a Windows-based machine.

Among the other signs Macs are a growing target:

? The SANS Institute, a computer-security organization in Bethesda, Md., added Mac OS X to its 2005 list of the top-20 Internet vulnerabilities. It was the first time the Mac has been included since the experts started compiling the list in 2000.

? This week, SANS updated the list to warn against flaws in Safari, the Mac Web browser, which the group said criminals were able to attack before Apple could fix it.

? The number of discovered Mac vulnerabilities has soared in recent years, with 81 found last year, up from 46 in 2004 and 27 in 2003, according to the Open Source Vulnerability Database, which is maintained by a nonprofit group that tracks security vulnerabilities on many different hardware and software platforms.

? Less than a week after Daines was attacked in mid-February, a 25-year-old computer security researcher released three benign Mac-based worms to prove a serious vulnerability in Mac OS X could be exploited. Apple asked the man, Kevin Finisterre, to hold off publishing the code until it could patch the flaw.

The Mac's vulnerability could also increase as Apple transitions to a product line that uses microprocessors made by Intel Corp., security experts said.

With new Macs running the same processor that powers Windows-based machines, far more people will know how to exploit weaknesses in Apple machines than in the past, when they ran on the PowerPC chips made by IBM Corp. and Motorola Corp. spinoff Freescale Semiconductor Inc.

"They have eliminated their genetic diversity," said independent security consultant Rodney Thayer. "The fear is that we're going to run into a new class of attacks."

Bud Tribble, Apple's senior vice president of software technology, disagreed.

"All the things we've been doing to make Mac OS X secure continue to be relevant on Intel," he said.

Mac OS X, he said, is designed to be Internet safe out of the box, without the need for firewalls or additional security software. He praised Mac OS X for making it easy for users to automatically install security patches.

He noted that the operating system was derived from FreeBSD, open source software that was built from the ground up to provide security for computers networked together. Since its origins in the early 1990s, the Unix-based FreeBSD has continually been battle-tested by college students and computer security specialists.

"The bottom line is we still feel more comfortable using a Mac than a (Windows) PC," said Alan Paller, director of research for SANS.

But as Daines can attest, there are no guarantees.

"We're all sort of waiting with bated breath to see if any problem will happen and the jury is still out," said Thayer, the independent security consultant. "I don't think you'll find a consensus."
 

Tu13erhead

Diamond Member
Mar 28, 2005
3,238
0
76
Now that more people are switching to OS X, I guess h@x0rz are finally shifting their efforts?
 

ForumMaster

Diamond Member
Feb 24, 2005
7,792
1
0
well this was inevitable. as more people are trying, and liking, Mac OS X, the target for the hackers is getting bigger. and since there have never been serious security problems with Mac OS X so far, people don't feel that they have to have antivirus software and the likes. i hope this give them a wake up call.
 

Schadenfroh

Elite Member
Mar 8, 2003
38,416
4
0
(conspiracy theory): Symantec wants to sell its products to Mac users, therefore they need a few viruses for the operating system.
 

astrosfan90

Golden Member
Mar 17, 2005
1,156
0
0
Originally posted by: Schadenfroh
(conspiracy theory): Symantec wants to sell its products to Mac users, therefore they need a few viruses for the operating system.

I like it, but it lacks teeth. Needs more linking in to big oil, the Bush administration, and 9/11. :p
 

rudder

Lifer
Nov 9, 2000
19,441
86
91
Originally posted by: Schadenfroh
(conspiracy theory): Symantec wants to sell its products to Mac users, therefore they need a few viruses for the operating system.

conspiracy theory II - Microsoft has a whole group of virus writers targeting the Mac now that they have moved to Intel.
 

zephyrprime

Diamond Member
Feb 18, 2001
7,512
2
81
Most likely the widespread low level knowledge of the x86 architechture is now now being leveraged for the new Macs.
 

FreshPrince

Diamond Member
Dec 6, 2001
8,361
1
0
good! I hope virus writers all move to MAC OSX and all variations of 'nix and leave us poor M$ guys along! ;)

I mean linux and OSX are 1337 now right? please move to these OSes and stop bugging us M$ folks :p
 

funboy6942

Lifer
Nov 13, 2001
15,309
393
126
Originally posted by: Schadenfroh
(conspiracy theory): Symantec wants to sell its products to Mac users, therefore they need a few viruses for the operating system.

I feel they are the orginators of viruses just so they can sell thier products. And what a way to tap into more billions of dollars then to have your team make one up to scare the mac users into buying thier products now as well ;)
 

chcarnage

Golden Member
May 11, 2005
1,751
0
0
Mac viruses have existed in the Mac OS Classic era, to a very low degree. There have been about 35 viruses between 1984 and 2001. Anyway as a long-time Mac user, I've never encountered any of them.

Since the arrival of OS X, there have been zero, I repeat: zero viruses or exploits that need little or no user interaction to infect and to spread (read: anything that doesn't include the download of a file or entering the Admin password).

What happened here is that every six months some Antivirus company or individuals make a press release and certain media go all "omg first post" over it. Sophos and Symantec already have some entries of OS X "viruses" in their database that either are non-propagative proof of concepts or that aren't known at all anywhere else.

Installing antivirus software on a Mac means to waste money on a pretty firewall GUI and a database of tens of thousands of viruses that can't even infect your OS.

Don't understand me wrong, no OS is perfect and it is possible that one day OS X will face a potent malware. Recently Safari met with criticism for an automatic decompression feature for downloaded files and proof of concepts are there for a reason. But discussing such weaknesses and speaking of malware that combines destructive and reproductive abilities are two different things and the latter did not happen in OS X so far.

Messages of so-called OS viruses are often poor on details (Instead, a window opened on the screen and strange commands ran as if the machine was under the control of someone ? or something ? else. -- Is that a quote from a security expert or an Ellen Feiss commercial?), as are the already mentioned OS X malware documentations of Antivirus companies.

I also disagree with the idea that the switch to x86 makes it easier to write malware for OS X. The OS matters, not the architecture, i believe.

Those interested can follow this topic at slashdot, where many users have a similar opinion than I, and explain it better.

One option to increase security on a Mac may be to not use Safari (and maybe Apple Mail), because Safari is the dominant browser on OS X these days (monoculture argument) and because of the recent critics. Mac Antivirus software is a joke. Another good way to avoid viruses is to not install Boot Camp. ;)