How-To Geek
Week in Geek: The Macs Have Viruses Too Edition
We’ve all seen the Mac vs PC ads mocking us, claiming that Macs never get viruses. If that were true, there wouldn’t be a botnet of infected Macs completely controlled by unknown hackers.

Botnet? Infected Macs? What?
Security researchers at Symantec recently discovered a group of thousands of Mac OS X computers infected with a trojan horse application embedded in pirated copies of iWork 09.
The infected users had installed the software without scanning it for viruses, no doubt in part because of Apple’s commercials implying that Mac users don’t need to worry about security.
Once the hacker got his malware installed on these Macs, the entire group of zombie machines was fully under his control. He began using them to attack web sites, but they could be used for other, more nefarious purposes: like sending spam!
Wait, a Mac can get a virus?
That’s exactly right: no operating system is immune to viruses, worms, trojans, or even spyware. To be fair, the vast majority of all malware targets Windows users, especially unpatched and horribly insecure Windows XP machines – but that doesn’t mean other platforms can’t or won’t get viruses, especially as Apple gains market share and attracts the notice of the hackers.
My problem with this whole story is that Mac users should be educated – you simply cannot download software from BitTorrent and start using it without doing a virus scan first, and Apple should stop mocking security in their commercials.
But this Hack Required User Intervention, it’s Not Apple’s Fault!
That’s quite true! This problem was caused by users downloading software illegally, entering their admin password, and installing it by choice. Hardly Apple’s fault.
But… this is part of a broader issue: Lying about security features will not keep the hackers away! Apple needs to take security more seriously, or else they will run into the same problem that Microsoft did with Windows XP: massive virus/worm infections across the board, and millions of zombie computers sending us spam.
Case in point: last month, a couple of hackers were able to crack a fully patched MacBook in a few seconds, requiring nothing more than clicking on a link using the built-in Safari web browser. If Mac users are conditioned into thinking that they don’t need to worry about security, these types of attacks could escalate in the future.
Perhaps it’s time to recommend security software to Mac users?
Think Botnet – the Wallpaper!
In honor of the first Mac-powered botnet, I’ve created some wallpaper images for your enjoyment =)
Just click on the thumbnails to download the full wallpaper, designed for 1680×1050 resolution. Yes, it’s silly.
Interesting Random Stuff We Found This Week
Here’s a few things that we found this week while wasting our time browsing the web:
- Curveball Flash Game
It’s like a 3D version of Pong, in a web browser. It’s silly and fun and there are way too many ads on the page.
- Tutorial: Disable the Digg Toolbar Forever
Our own Mysticgeek writes up how to disable that irritating Digg toolbar, although it should be noted that Digg recently turned it off by default unless you are logged in.
- How to change your foldericons, using an *.icl
Sarah, one of our forum moderators, writes up a great post explaining how to change the icons for any folder using an ICL (Icon Library) file.
- Windows 7 Release Candidate 1’s Best Surprise New Features
Gizmodo writes up the latest features in the upcoming RC – including some very weird wallpapers.
- Windows XP Mode for Windows 7 Screens
The latest breaking news is the secret feature Microsoft added in the upcoming Win7 RC: they will bundle a virtualized copy of XP into Windows 7, so you can use old XP applications in Windows 7 natively. Paul Thurrott has a screenshot tour.
The How-To Geek on Lifehacker
In my other home at Lifehacker, I write lots of short articles linking to various interesting software packages. Here’s a few of my favorites from this week.
- Hack Your Voicemail to Save Time
How many valuable seconds have you lost wading through your slow voicemail prompts just to delete a message you didn’t really need to listen to in the first place?
- Lesser-Known Firefox Feature Slows Down Mouse Wheel Scrolling Speed
Ever wanted to slow down the speed when using the mouse-wheel to scroll through a page?
- The Aero Geek Firefox Customization
The default Firefox theme doesn’t match Windows Vista very well—but with a few extensions and a Stylish script, you can customize Firefox to use a slick, well-integrated look with Vista Aero transparency effects.
- First Look at Ubuntu 9.04 Jaunty Jackalope
This article was written by another Lifehacker contributor, but it’s an interesting look at the newest Ubuntu version.
- Google Calendar Agenda Puts Your Schedule in the Vista Sidebar
Sidebar gadget Google Calendar Agenda adds quick access to your calendar right in your Windows Vista sidebar.
Latest Reviews at How-To Geek
Our software reviews section continues to grow, thanks to the excellent work by associate editor Mysticgeek. Here are the newest reviews this week:
- Malwarebytes Anti-Malware
The Good: Fast and effective at detecting and removing malicious software
The Bad: License required for real-time protection and scheduled scans
- Replay Music
The Good: Records high quality audio MP3 or WAV files from any internet source. Very easy to use
The Bad: Recording to other types of music formats would be welcome
- Vipre Anti-virus + Anti-spyware
The Good: Runs very light, taking up few resources making it a perfect choice for netbooks and older systems. Liberal licensing policy. Compatible with Windows 7
You can always check out the latest reviews by clicking on the Reviews link on the HTG site menu, or at the bottom of the daily articles.
The Daily Articles
Just in case you missed them, here’s the list of daily articles from the week.
- Great Sounding Music and Skin Possibilities with Xion
- How To Manage Action Center in Windows 7
- Change Folder Colors and Themes with Folderico
- How to Send Large Files in Outlook with YouSendIt
- Friday Fun: Watch HD Video Content with Meevid
We finally hit 10,000 Email Subscribers!
At some point in the last few hours, the 10,000th daily email subscriber confirmed their subscription. Sweet!
Got Feedback? Join the discussion at discuss.howtogeek.com
Comments (28)
Programmer by day, geek by night, The Geek, also known as Lowell Heddings, spends all his free time bringing you fresh geekery on a daily basis. You can follow him on Google+ if you'd like.
- Published 04/25/09






Spot on the money. It’s good you cleared that up. :)
Nice, but seriously, this is a trojan and the people were doing something illegal. Maybe you can celebrate when the first worm comes out for Mac or Linux, you know, something with no user intervention.
It’s pretty sad when the person writing an article on a Geek website doesn’t even know what a computer virus is!
Wikipedia: A computer virus is a computer program that can copy itself and infect a computer without the permission or knowledge of the owner.
The botnet (if it really exists, I tend to believe it does) was created via Trojan Horse
Wikipedia: The Trojan horse describes a class of computer threats (malware) that appears to perform a desirable function but in fact performs undisclosed malicious functions that allow unauthorized access to the host machine
The vast majority of Mac users understand that it is theoretically possible to get a virus / worm on a Mac but know that in reality it does not happen.
If a user is stupid enough to download, install AND enter an Administration level password for software from a non-trusted source then they should absolutely be using security software.
I choose to run without virus software on my Mac because I don’t believe I am at risk (i.e. there has NEVER been a virus in the wild for Mac OS X). If things change, so will I. I am not a zealot, just a realist.
@sfmitch
Oh give me a break! I know very well the difference between each type of malware.
The fact is, the lines are blurred between all the different definitions:
A trojan horse is actually a program BUILT SOLELY for the purposes of tricking the user, as the ancient story goes – they didn’t just find a giant wooden horse sitting around and hide in it. A virus is a program that infects another application, in this case the legitimate iWork was infected with a virus that acted more like a typical trojan horse does, but would still then technically be a virus…
And you know what else?
IT DOESN’T MATTER! IT’S ALL MALWARE!
Stop debating semantics. Almost all infections happen because of user interaction installing something dumb or users failing to patch their machines so they are vulnerable. You can debate the semantics of one “type” vs another “type”, but it always comes down to a lack of user education.
It’s also worth mentioning that security consultants (like the one who cracked the aforementioned MacBook) agree that Macs are in some ways *more* vulnerable to malware (including proper viruses and worms) than computers running Vista or Windows 7. They remain secure for the moment simply because there aren’t enough Mac users to merit an attack.
The primary reason for this insecurity is Apple has chosen not to implement a fairly basic safeguard: separating executable memory from data memory. This feature has been available in Linux for years and has been implemented in Windows since Vista (though, it may have been earlier). While it does cause problems for some applications like the Java Virtual Machine and any compiled OCaml apps (F# not included), most well-behaved applications remain completely oblivious to its effects. In a nutshell, this feature ensures that buffer overflows — a common attack vector in C/C++ applications — cannot lead to the execution of arbitrary code. Since arrays would be in the data memory, and data memory cannot be executed, the overflow would never be able to inject any harmful instructions into the executable process.
There’s really nothing preventing Apple from implementing this (and other) basic security measure. BSD, which is the basis for the Darwin kernel, already has support AFAIK, just as Linux does. To be honest though, I think Apple itself is getting a little complacent about security. It seems they’ve been spending too much time watching their own ads.
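The safeguard described in the comment above, data pages that cannot be executed, can be observed directly on a system that enforces it. The C program below is an added example, not part of the original thread; it assumes Linux or another POSIX system on x86-64 or AArch64, and `RET_STUB` and `run_from_page` are names made up for illustration.

```c
/* Added example: a writable data page cannot be executed until it is
 * explicitly remapped as executable (NX / W^X enforcement). */
#define _DEFAULT_SOURCE
#include <signal.h>
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Constructed sample bytes: a function body that only returns. */
#if defined(__x86_64__)
static const unsigned char RET_STUB[] = { 0xC3 };                   /* ret */
#elif defined(__aarch64__)
static const unsigned char RET_STUB[] = { 0xC0, 0x03, 0x5F, 0xD6 }; /* ret */
#else
#error "no return stub defined for this architecture"
#endif

enum probe_result { PROBE_RAN, PROBE_BLOCKED, PROBE_ERROR };

/* Hypothetical helper: copy the stub into a fresh data page and call it
 * from a child process, so a fault cannot take down the caller. */
static enum probe_result run_from_page(int make_executable)
{
    pid_t pid = fork();
    if (pid < 0)
        return PROBE_ERROR;

    if (pid == 0) {
        size_t len = (size_t)sysconf(_SC_PAGESIZE);
        unsigned char *page = mmap(NULL, len, PROT_READ | PROT_WRITE,
                                   MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
        if (page == MAP_FAILED)
            _exit(2);
        memcpy(page, RET_STUB, sizeof RET_STUB);

        if (make_executable) {
            /* Drop write, add execute: never writable and executable at once. */
            if (mprotect(page, len, PROT_READ | PROT_EXEC) != 0)
                _exit(2);
            __builtin___clear_cache((char *)page,
                                    (char *)page + sizeof RET_STUB);
        }

        void (*fn)(void);
        memcpy(&fn, &page, sizeof fn);  /* data pointer -> function pointer */
        fn();                           /* faults here if the page is not X */
        _exit(0);
    }

    int status = 0;
    if (waitpid(pid, &status, 0) < 0)
        return PROBE_ERROR;
    if (WIFSIGNALED(status) &&
        (WTERMSIG(status) == SIGSEGV || WTERMSIG(status) == SIGBUS))
        return PROBE_BLOCKED;
    if (WIFEXITED(status) && WEXITSTATUS(status) == 0)
        return PROBE_RAN;
    return PROBE_ERROR;
}

int main(void)
{
    printf("data page (rw-): %s\n",
           run_from_page(0) == PROBE_BLOCKED ? "execution blocked" : "NOT blocked");
    printf("code page (r-x): %s\n",
           run_from_page(1) == PROBE_RAN ? "ran" : "did not run");
    return 0;
}
```

A result of "NOT blocked" on the first line means the platform is not enforcing non-executable data pages for this process.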
@the geek: agreed fully to this post. I hate Mac users with the smug look on their faces whenever there is a widespread virus attack on Windows computers. As far as I know, Mac uses an old BSD core which, upon being attacked, will be exploited easily. And as much as I love the Mac’s hardware, I hate Apple’s philosophy and MacOS. I think I will buy a Mac laptop and install Puppy Linux on it just to piss those arrogant Mac users off.
@Sfmitch:
“The vast majority of Mac users understand that it is theoretically possible to get a virus / worm on a Mac but know that in reality it does not happen.”
I’m sorry, but the last time I checked 9 out of 10 MAC users I know ARE NOT AWARE that MAC can be infected by a virus. Common replies are:
“But MAC is so nice”
“I love my MAC”
“Windows has a lot of problem”
I have to add my two cents to this story:
I was once a system manager in an organization where they had an awful mixed network, with Macs nudging shoulders with PCs. You can imagine that everything was fine until there was a virus scare. Trouble was: the viruses would be harbored by and invisible to the Macs, but very contagious to the PCs (on the same network.) This made detection difficult, although we could pretty much figure out where they were coming from!
You can imagine that Microsoft told us to get rid of the Macs and Apple told us that the PCs were no good. Hardly my idea of symbiosis in connective support. But it didn’t surprise me! In a lot of this you are pretty much on your own. And in those days, there was no friendly How-to-Geek to turn to!
:)
But, that it did require user intervention to install the trojan _does_ make all the difference. The fact that the particular torrent carrying the trojan said, repeatedly “WARNING: CONTAINS TROJAN” should have tipped off the users that the package contained a TROJAN.
Any OS should not be pushed as insecure to any degree just because an idiot user downloads an application with a known trojan when Apple had the same download (w/o the trojan), opened the file, and when asked to install the trojan, clicked yes.
Now, advertising that MacOS does not have a separate memory for data and for programs is an excellent argument against MacOS security. Pointing out that a fully patched MacBook could be cracked in seconds is an excellent argument against MacOS security. Telling Apple it needs to stop lying about security because you are able to tell MacOS that you really really want to install a trojan is not an excellent argument against MacOS security and probably serves to discredit.
The same applies for Windows. The argument “I hate because it lets me install trash that mucks up my system and causes problems,” holds no water.
Wow! The Apple hate is thick here. Not that Apple hate surprises me at all, just wouldn’t expect it on a site whose tag-line is “Computer help from your friendly how-to Geek.” Oh well.
That said, the relative “openness” of the Windows platform, which by and large has led to its dominance in the market, is also its Achilles heel which makes it an easier and more seductive target than a Mac.
On the flip side, the relatively restrictive nature of the Apple platform has relegated it to a smaller market, making it more difficult to infect with malware and a less attractive target than PCs. That market is growing, however, changing the attractiveness.
I use both a Mac and a PC. Until about a year ago I was solely dedicated to the PC until a Mac-head convinced me to at least try a Mac. (Until then I had no first hand experience and just parroted what I heard elsewhere and my own preconceived notions.) After trying one, I found the experience was not at all what I expected.
I will almost certainly never switch entirely to a Mac, but I’ve found the Mac to be a powerful yet easy to use platform that has, at a minimum, helped increase my knowledge about computing and given me another tool to accomplish my job. At best, the Mac has reminded me that working with computers and discovering new things with them can be fun.
And that is what got me into the computer business in the first place.
@Ed
We don’t hate Apple around here. We just wanted to make sure people aren’t manipulated by slick marketing teams into believing something that isn’t true.
Everybody needs to be careful and follow safe downloading practices, even Mac users.
@ The Geek
“We don’t hate Apple around here.”
Frankly, gloating about a trojan, creating a mocking wallpaper, and stating that Apple is “lying” about their security (when it can easily be debatable that they aren’t) doesn’t really scream to me that you’re on their side. Neither does complaining that the Mac ads are “mocking us.” But that’s okay.
“We just wanted to make sure people aren’t manipulated by slick marketing teams into believing something that isn’t true.”
You’re certainly welcome to do so. But with that said, Apple hasn’t exactly been “claiming that Macs never get viruses.” What they have said is that Apples are much less susceptible to viruses than PCs. They also state that “Yes, a Mac is 100 percent safe from viruses designed to attack PCs.” (Well, duh.) Apple has walked a very fine line in not saying they don’t get viruses.
Granted it would be easy to infer from the commercials that the Mac was entirely safe. In fact, I’m sure they are counting on that. Deceptive? Perhaps. But no more so than the assumption one could make that every USB item plugged into a PC would work right every time and that a PC can be fully managed and operated by a cute four year old.
In both cases the computer requires an educated user, which I’m sure all us techie types can agree is the exception and not the rule. (If it were the rule, there would be less need for us, so on some selfish level, I’m thankful that more people aren’t educated.)
However, I think that Apple is justified in saying that Macs are less susceptible to malware than their PC counterparts.
“Everybody needs to be careful and follow safe downloading practices, even Mac users.”
Agreed. Sadly, again, I think that’s the exception rather than the rule regardless of OS or computer type.
Oh, one other thing….after dealing with 200 PCs day in and day out, going home to work with my MacBook is a welcome relief if for no other reason than it’s something different.
Ok I may be wrong here, but isn’t the purpose of most adware, malware, whatever you want to call it, for advertising? Now let’s think about it here: how many people use PC vs Mac? Wouldn’t you want to create most programs to work on PC due to the majority of people using them over Mac? The point is if you want to be safe on what you’re downloading, scan it before you open it; it’s more about common sense than anything.
I might add
Mac OS X was hacked in 2006 under 30 minutes, and hacked within 2 minutes in a contest in 2008. Linux and Vista were not able to be hacked until another day when restrictions were lowered. Maybe all you Mac users should rethink your security; your biggest downfall is going to be that you think you’re safe.
Sorry to stir the pot, but aren’t Macs PCs too? Last time I checked, PC stood for personal computer. It does not matter what OS there is: XP, Vista, OS X, Ubuntu. They are all on computers used by your person, are they not? Even in the documentary, Welcome to Macintosh, they call Macs PCs as they are a personal computer. I never understood the logic of calling the 2 different. Yes, Mac may have their own hardware but please, I can get OS X loaded on a comp suited for Windows. And yes, Macs are very accessible by viruses of any sort. I’m just waiting for the day when ‘MACS’ do get attacked. It will not be nice. And in case you were wondering, I do prefer MAC over Windows. But we all need to start thinking that we are not as invincible as we think we are!
Glad I use a Linux PC AND safe computing habits. (And yes, I run ClamAV in the background. I work with Windows PCs day in and day out, I know that AV isn’t an option [even on Linux PCs or Mac PCs])
It is not all that surprising that Mac PCs have a botnet. I work with (and for) Mac users and they are not the most, um, kind to their Mac PCs. They are also not kind to my Windows PCs either. Ah, another day in the life I guess.
@Eh Hands:
“Frankly, gloating about a trojan, creating a mocking wallpaper, and stating that Apple is “lying” about their security (when it can easily be debatable that they aren’t) doesn’t really scream to me that you’re on their side. Neither does complaining that the Mac ads are “mocking us.” But that’s okay.”
So… care to tell me who starts the flame war about OSes first?
Apple, or Apple, or Apple?
Who, in their ads, thinks of PC users as dorky nerds wearing thick glasses and outdated outfits? Who differentiated PC and Macs (though they are both technically the same thing)?
Food for thought:
Do you still call a Mac with Linux installed on it a Mac?
Actually if you look at Mac’s history it really wasn’t till the iMac that they really became a PC if I am not wrong. That’s when they started using the same components as our PCs. But yes, in a way you are right, it’s not the PC but the OS, and seriously I can see in the very near future a virus written for Mac, already a trojan out there. Well the way I see it too is I feel for the music and movie industry when a virus really hits since those seem to be the industries that primarily use Macs. Hmmmm! A virus to start downloading movies before they even hit the screen????
System security only goes so far. Most trouble is caused by idiots going where they shouldn’t and being reckless. Do Mac ads lull their followers into a stupor? Perhaps, but then they’re still idiots to be so easily influenced as to believe a commercial advertisement without question or reservation.
Depending on where you live, you might have to check your slippers for scorpions each morning before slipping them on. Similarly, if you roam about the dregs of the Internet, you have to watch for malware. The arguments over which slipper the scorpions find most comfortable or which are the roomiest, etc., means nothing if some fool steps right in without shaking the critter out first.
I’m amused by this, but that’s merely because I’m amused whenever fanboys get maligned, and Macs seem to have more than their fair share of fanboys.
I’m a Mac fanhead, converting 20 years ago to Apple after the IBM PC and a Wang before that.
I have installed and managed over 200 Macs at my company, and never has there been a virus problem.
On the other hand, my 3 Windows computers crash pretty much weekly.
The difference between a Trojan and a virus isn’t just semantic, it’s critical. People who steal software deserve what they get; buying original software for the Mac has never been the cause of any problems. Just visiting a tainted website can force you to reformat a Windows machine.
@ drew palmer
Well no wonder your Macs haven’t crashed; as you just stated yourself, you buy the original software for your Mac, so what’s there to worry about? There aren’t a lot of viruses out for Macs, we have already explained this; for your PCs it sounds like you have no idea what you’re doing. The point is Mac is going to catch up to Windows with the viruses, Trojans etc.; it’s just going to be time. I just used Avira free edition virus program and it does the job. Just scan what you download & you will be fine.
Old but good article
http://news.bbc.co.uk/1/hi/technology/4609968.stm
“The difference between a Trojan and a virus isn’t just semantic, it’s critical. People who steal software deserve what they get; buying original software for the Mac has never been the cause of any problems. Just visiting a tainted website can force you to reformat a Windows machine. ”
Erm, does it mean that even if I download a pirated software for Mac, my Mac will COMPLETELY FIGHT OFF THE VIRUS?
And I don’t get the shit about Mac users’ Windows machines hanging all the time O_O do they BREED virus in their HDD?
@ Aoi_sora9x -
Obviously if you give a program permissions to install and run, a Mac or Linux won’t fight off any virus because it just thinks it’s a program. This is the type of security that was finally built into Vista, where a program had to ask to be installed. It’s the hijackings and worms that Macs and Linux are protected from.
I’m a Windows admin, have always run Windows or Linux, and they don’t just blue screen or need to be reformatted every day, but just started using a Mac at home about 2 months ago; Apple is definitely delivering a better out of the box product.
Don’t get too crazy on the “I’ve used Macs all my life” guys, they really don’t know what it’s like to have to worry about crap like Conficker.
Nobody said Macs were completely immune to viruses; in fact the very first computer virus was written for Mac OS……
sfmitch, how are you going to use Wikipedia as a resource? I could put under the definition of a hot dog they are all green. Anyone can re-write it. Duh!
I don’t know why you’re all making such a big deal about this, there’s STILL barely any Mac viruses out there anyways.
The fact is that I’ve had a Mac for over 3 years and have never once gotten a virus. I download all the time as well. I had a PC before that and got viruses all the time even with AVG, Norton, McAfee. All I know is that ever since I had my Mac I download and have never worried about a virus. As well, look who released the leak that there were trojans? An antivirus company? Please tell me everyone else here isn’t that blind?
This article pretty much boils down to Windows users anxiously waiting for the internet to be as rampant with Mac viruses as much as Windows viruses. I will live in bliss until that day comes :) that’s why I love my Mac
This botnet may infect thousands of Macs, but that’s a drop in the pond compared to the botnets that infect millions of Windows PCs.
http://en.wikipedia.org/wiki/Botnet