SEARCH

How-To Geek

Week in Geek: The Macs Have Viruses Too Edition

We’ve all seen the Mac vs PC ads mocking us, claiming that Macs never get viruses. If that were true, there wouldn’t be a botnet of infected Macs completely controlled by unknown hackers.

Sick Mac Computer

Botnet? Infected Macs? What?

Security researchers at Symantec recently discovered a group of thousands of Mac OS X computers infected with a trojan horse application embedded in pirated copies of iWork 09.

The infected users had installed the software without scanning it for viruses, no doubt in part because of Apple’s commercials implying that Mac users don’t need to worry about security.

Once the hacker managed to get his malware installed on these zombie Mac computers, the entire group was fully under his control – and he began to use them to attack web sites, but they could be used for other, more nefarious purposes: like sending spam!

Wait, a Mac can get a virus?

That’s exactly right: no operating system is immune to viruses, worms, trojans, or even spyware. To be fair, the vast majority of all malware targets Windows users, especially unpatched and horribly insecure Windows XP machines – but that doesn’t mean other platforms can’t or won’t get viruses, especially as Apple gains market share and attracts the notice of the hackers.

My problem with this whole story is that Mac users should be educated – you simply cannot download software from BitTorrent and start using it without doing a virus scan first, and Apple should stop mocking security in their commercials.

But this Hack Required User Intervention, it’s Not Apple’s Fault!

That’s quite true! This problem was caused by users downloading software illegally, entering their admin password, and installing it by choice. Hardly Apple’s fault.

But… this is part of a broader issue: Lying about security features will not keep the hackers away! Apple needs to take security more seriously, or else they will run into the same problem that Microsoft did with Windows XP: massive virus/worm infections across the board, and millions of zombie computers sending us spam.

Case in point: last month, a couple of hackers were able to crack a fully patched MacBook in a few seconds, requiring nothing more than clicking on a link using the built-in Safari web browser. If Mac users are conditioned into thinking that they don’t need to worry about security, these types of attacks could escalate in the future.

Perhaps it’s time to recommend security software to Mac users?

Think Botnet – the Wallpaper!

In honor of the first Mac-powered botnet, I’ve created some wallpaper images for your enjoyment =)

 Think Botnet Think Botnet - Black

Just click on the thumbnails to download the full wallpaper, designed for 1680×1050 resolution. Yes, it’s silly.

Interesting Random Stuff We Found This Week

Here’s a few things that we found this week while wasting our time browsing the web:

The How-To Geek on Lifehacker

In my other home at Lifehacker, I write lots of short articles linking to various interesting software packages. Here’s a few of my favorites from this week.

Latest Reviews at How-To Geek

Our software reviews section continues to grow, thanks to the excellent work by associate editor Mysticgeek. Here are the newest reviews this week:

Malwarebytes Anti-Malware

The Good: Fast and effective at detecting and removing malicious software

The Bad: License required for real-time protection and scheduled scans

Read the Full Review…

Replay Music

The Good: Records high quality audio MP3 or WAV files from any internet source. Very easy to use

The Bad: Recording to other types of music formats would be welcome

Read the Full Review…

Vipre Anti-virus + Anti-spyware

The Good: Runs very light, taking up few resources making it a perfect choice for netbooks and older systems. Liberal licensing policy. Compatible with Windows 7

Read the Full Review…

You can always check out the latest reviews by clicking on the Reviews link on the HTG site menu, or at the bottom of the daily articles.

The Daily Articles

Just in case you missed them, here’s the list of daily articles from the week.

We finally hit 10,000 Email Subscribers!

At some point in the last few hours, the 10,000th daily email subscriber confirmed their subscription. Sweet!

Lowell Heddings, better known online as the How-To Geek, spends all his free time bringing you fresh geekery on a daily basis. You can follow him on if you'd like.

  • Published 04/25/09

Comments (28)

  1. EVGAMartin

    Spot on the money. It’s good you cleared that up. :)

  2. chris

    nice, but seriously, this is a trojan and the people were doing something illegal. Maybe you can celebrate when the first worm comes out for mac or linux, you know, something with no user intervention.

  3. sfmitch

    It’s pretty sad when the person writing an article on a Geek website doesn’t even know what a computer virus is!

    Wikipedia: A computer virus is a computer program that can copy itself and infect a computer without the permission or knowledge of the owner.

    The botnet (if it really exists, I tend to believe it does) was created via Trojan Horse

    Wikipedia: The Trojan horse describes a class of computer threats (malware) that appears to perform a desirable function but in fact performs undisclosed malicious functions that allow unauthorized access to the host machine

    The vast majority of Mac users understand that it is theoretically possible to get a virus / worm on a Mac but know that in reality it does not happen.

    If a user is stupid enough to download, install AND enter an Administration level password for software from a non-trusted source than they should absolutely be using security software.

    I choose to run without virus software on my Mac because I don’t believe I am at risk (i.e. there has NEVER been a virus in the wild for Mac OS X). If things change, so will I. I am not a zealot, just a realist.

  4. The Geek

    @sfmitch

    Oh give me a break! I know very well the difference between each type of malware.

    The fact is, the lines are blurred between all the different definitions:

    A trojan horse is actually a program BUILT SOLELY for the purposes of tricking the user, as the ancient story goes – they didn’t just find a giant wooden horse sitting around and hide in it. A virus is a program that infects another application, in this case the legitimate iWork was infected with a virus that acted more like a typical trojan horse does, but would still then technically be a virus…

    And you know what else?

    IT DOESN’T MATTER! IT’S ALL MALWARE!

    Stop debating semantics. Almost all infections happen because of user interaction installing something dumb or users failing to patch their machines so they are vulnerable. You can debate the semantics of one “type” vs another “type”, but it always comes down to a lack of user education.

  5. Daniel Spiewak

    It’s also worth mentioning that security consultants (like the one who cracked the aforementioned MacBook) agree that Macs are in some ways *more* vulnerable to malware (including proper viruses and worms) than computers running Vista or Windows 7. They remain secure for the moment simply because there aren’t enough Mac users to merit an attack.

    The primary reason for this insecurity is Apple has chosen not to implement a fairly basic safeguard: separating executable memory from data memory. This feature has been available in Linux for years and has been implemented in Windows since Vista (though, it may have been earlier). While it does cause problems for some applications like the Java Virtual Machine and any compiled OCaml apps (F# not included), most well-behaved applications remain completely oblivious to its effects. In a nutshell, this feature ensures that buffer overflows — a common attack vector in C/C++ applications — cannot lead to the execution of arbitrary code. Since arrays would be in the data memory, and data memory cannot be executed, the overflow would never be able to inject any harmful instructions into the executable process.

    There’s really nothing preventing Apple from implementing this (and other) basic security measure. BSD, which is the basis for the Darwin kernel, already has support AFAIK, just as Linux does. To be honest though, I think Apple itself is getting a little complacent about security. It seems they’ve been spending too much time watching their own ads.

  6. Aoi_sora9x

    @the geek: agreed fully to this post. I hate Mac users with the smug look on their faces whenever there is a widespread virus attack on Windows computers. As far as i know, Mac uses an old BSD core which, upon being attacked, will be exploited easily. And as much as I love the Mac’s hardware, i hate the Apple’s philosophy and MacOS. I think i will buy a Mac laptop and install Puppy Linux on it just to piss those arrogant Mac users off.

    @Sfmitch:
    “The vast majority of Mac users understand that it is theoretically possible to get a virus / worm on a Mac but know that in reality it does not happen.”

    I’m sorry, but the last time i checked 9 out of 10 MAC users i know ARE NOT AWARE that MAC can be infected by virus. Common replies are:

    “But MAC is so nice”
    “I love my MAC”
    “Windows has a lot of problem”

  7. stevetuf

    I have to add my two cents to this story:

    I was once a system manager in an organization where they had an awful mixed network, with Macs nudging shoulders with PCs. You can imagine that everything was fine until there was a virus scare. Trouble was: the viruses would be harbored by and invisible to the Macs, but very contagious to the PCS (on the same network.) This made detection difficult, although we could pretty much figure out where they were coming from!

    You can imagine that Microsoft told us to get rid of the Macs and Apple told us that the PCs were no good. Hardly my idea of symbiosis in connective support. But it didn’t surprise me! In a lot of this you are pretty much in your own. And in those days, there was no friendly How-to-Geek to turn to!

    :)

  8. Abbie

    But, that it did require user intervention to install the trojan _does_ make all the difference. The fact that the particular torrent carrying the trojan said, repeatedly “WARNING: CONTAINS TROJAN” should have tipped off the users that the package contained a TROJAN.

    Any OS should not be pushed as insecure to any degree just because an idiot user downloads an application with a known trojan when Apple had the same download (w/o the trojan), opened the file, and when asked to install the trojan, clicked yes.

    Now, advertising that MacOS does not have a seperate memory for data and for programs is an excellent argument against MacOS security. Pointing out that a fully patched MacBook could be cracked in seconds is an excellent arguement against MacOS security. Telling Apple it needs to stop lying about security because you are able to tell MacOS that you really really want to install a trojan is not an excellent argument against MacOS security and probably serves to discredit.

    The same applies for Windows. The argument “I hate because it lets me install trash that mucks up my system and causes problems,” holds no water.

  9. Ed Hands

    Wow! The Apple hate is thick here. Not that Apple hate surprises me at all, just wouldn’t expect it on a site whose tag-line is “Computer help from your friendly how-to Geek.” Oh well.

    That said, the relative “openness” of the Windows platform, which by and large has lead to its dominance in the market, is also its Achilles heel which makes it an easier and more seductive target than a Mac.

    On the flip side, the relative restrictiveness nature of the Apple platform has relegated it to a smaller market, making it more difficult to infect with malware and a less attractive target than PCs. That market is growing, however changing the attractiveness.

    I use both a Mac and a PC. Until about a year ago I was solely dedicated to the PC until a Mac-head convinced my to at least try a Mac. (Until then I had no first hand experience and just parroted what I heard elsewhere and my own preconceived notions.) After trying one, I found the experience was not at all what I expected.

    I will almost certainly never switch entirely to a Mac, but I’ve found the Mac to be a powerful yet easy to use platform that has, at a minimum, helped increase my knowledge about computing and given my another tool to accomplish my job. At best, the Mac has reminded me that working with computers and discovering new things with them can be fun.

    And that is what got me in into the computer business in the first place.

  10. The Geek

    @Ed

    We don’t hate Apple around here. We just wanted to make sure people aren’t manipulated by slick marketing teams into believing something that isn’t true.

    Everybody needs to be careful and follow safe downloading practices, even Mac users.

  11. Ed Hands

    @ The Geek
    “We don’t hate Apple around here.”

    Frankly, gloating about a trojan, creating a mocking wallpaper, and stating that Apple is “lying” about their security (when it can easily be debateable that they aren’t) doesn’t really scream to me that you’re on their side. Neither does complaining that the Mac ads are “mocking us.” But that’s okay.

    “We just wanted to make sure people aren’t manipulated by slick marketing teams into believing something that isn’t true.”

    You’re certainly welcome to do so. But with that said, Apple hasn’t exactly been “claiming that Macs never get viruses.” What they have said is that Apples are much less susceptible to viruses than PCs. They also state that macs are “Yes, a Mac is 100 percent safe from viruses designed to attack PCs.” (Well, duh.) Apple has walked a very fine line in not saying they don’t get viruses.

    Granted it would be easy to infer from the commercials that the Mac was entirely safe. In fact, I’m sure they are counting on that. Deceptive? Perhaps. But no more so than basing the assumption that one could make that every USB item plugged into a PC it would work right every time and a PC can be fully managed and operated by a cute four year old.

    In both cases the computer requires an educated user, which I’m sure all us techie types can agree is the exception and not the rule. (If it were the rule, there would be less need for us, so on some selfish level, I’m thankful that more people aren’t educated.)

    However, I think that Apple is justified in saying that Macs are less susceptible to malware than their PC counterparts.

    “Everybody needs to be careful and follow safe downloading practices, even Mac users.”

    Agreed. Sadly, again, I think that’s the exception rather than the rule regardless of OS or computer type.

  12. Ed Hands

    Oh, one other thing….after dealing with 200 PCs day in and day, going home to work with my MacBook is a welcome relief if for not other reason than it’s something different.

  13. bobbylight

    Ok I may be wrong here, but isn’t the purpose of most ad ware, malware whatever you want to call it, for advertising? Now lets think about it here how many people use pc vs mac, wouldn’t you want to create most programs to works on on pc due to the majority of people using them over mac? The point is if you want to be safe on what your downloading scan it before you open it, its more about common scene than anything.

    I might add

    Mac OS X was hacked in 2006 under 30 minutes, and hacked within 2 minutes in a contest in 2008. Linux and Vista were not able to be hacked until another day when restrictions were lowered.Maybe all you mac user should re think your security your biggest downfall is going to be that you think your safe.

  14. Ken

    sorry to stir the pot, but aren’t macs PC’s too. Last time i checked PC stood for personal computer. it does not matter what OS there is: XP, Vista, OS X, Ubuntu. they are all on computers used by your person, are they not? Even in the documentary, Welcome to Macintosh, they call macs PC’s as they are a personal computer. i never understood the logic of calling the 2 different. yes mac may have their own hardware but please, i can get OS x loaded on a comp suited for Windows. and yes Macs are very accessible by virus’ of any sort. i’m just waiting for the day when ‘MACS’ do get attacked. it will not be nice. And in case you were wondering, I do prefer MAC over windows. But we all need to start thinking that we are not as invincible as week think we are!

  15. senshikaze

    Glad I use a Linux PC AND safe computing habits. (and yes, I run clamAv in the background. I work with Windows PC’s day in and day out, I know that AV isn’t an option [even on linux PC's or mac PC's])
    It is not all that surprising that Mac PC’s have a botnet. I work with (and for) mac users and they are not the most, um, kind to their Mac PC’s. They are also not kind to my Windows PC’s either. Ah another day in the life i guess.

  16. Aoi_sora9x

    @Eh Hands:
    “Frankly, gloating about a trojan, creating a mocking wallpaper, and stating that Apple is “lying” about their security (when it can easily be debateable that they aren’t) doesn’t really scream to me that you’re on their side. Neither does complaining that the Mac ads are “mocking us.” But that’s okay.”

    So… care to tell me who starts the flame war about OSes first?

    Apple, or Apple, or Apple?

    Who, in their ads, think of PC users as dorky nerds wearing thick glasses and outdated outfit? Who differentiated PC and Macs (though they are both technically the same thing)?

    Food for thought:
    Do you still call a Mac with Linux installed on it a Mac?

  17. Urichhai

    Actually if you look at Mac’s history it really wasnt till the iMac that they really became a PC if i am not wrong. Thats when they started using the same components as our PC’s. but yes in a way you are right its not the pc but the OS and seriously I can see in the very near future a virus written for mac, already a trojan out there. Well the way I see it too is I feel for the music and movie industry when a virus really hits since those seem to be the industries that primarily use macs. Hmmmm1 A virus to start downloading movies before they even hit the screen????

  18. TheAsterisk!

    System security only goes do far. Most trouble is caused by idiots going where they shouldn’t and being reckless. Do Mac ads lull their followers into a stupor? Perhaps, but then they’re still idiots to be so easily influenced as to believe a commercial advertisement without question or reservation.
    Depending on where you live, you might have to check your slippers for scorpions each morning before slipping them on. Similarly, if you roam about the dregs of the Internet, you have to watch for malware. The arguments over which slipper the scorpions find most comfortable or which are the roomiest, etc., means nothing if some fool steps right in without shaking the critter out first.
    I’m amused by this, but that’s merely because I’m amused whenever fanboys get maligned, and Macs seem to have more than their fair share of fanboys.

  19. Drew Palmer

    I’m a Mac fanhead, converting 20 years ago to Apple after the IBM PC and a Wang before that.

    I have installed and managed over 200 Macs at my company, and never has there been a virus problem.

    On the other hand, my 3 Windows computers crash pretty much weekly.

    The difference between a Trojan and a virus isn’t just semantic, it’s critical. People who steal software deserve what they get; buying original software for the Mac has never been the cause of any problems. Just visiting a tainted website can force you to reformat a Windows machine.

  20. bobbylight

    @ drew palmer

    Well no wonder your Macs haven’t crashed as you just stated yourself you buy the original software for your Mac so what’s there to worry about? there isn’t a lot of virus out for Macs, we have already explained this, for your pcs it sounds like you have no idea what you’re doing, The point is Mac is going to catch up to windows with the virus, Trojans etc it’s just going to be time. I just used avira free edition virus program and it does the job. Just scan what you download & you will be fine.

    Old but good article

    http://news.bbc.co.uk/1/hi/technology/4609968.stm

  21. Aoi_sora9x

    “The difference between a Trojan and a virus isn’t just semantic, it’s critical. People who steal software deserve what they get; buying original software for the Mac has never been the cause of any problems. Just visiting a tainted website can force you to reformat a Windows machine. ”

    erm, does it mean that even if i download a pirated software for Mac, my mac will COMPLETELY FIGHT OFF THE VIRUS?

    and i dont get the shit about Mac users’ windows machines hanging all the time O_O do they BREED virus in their HDD?

  22. chris

    @ Aoi_sora9x -

    Obviously if you give a program permissions to install and run, a Mac or Linux won’t fight off any virus because it just thinks it’s a program. This is the type of security that was finally built into Vista, where a program had to ask to be installed. It’s the hijackings and worms that Macs and Linux are protected from.
    I’m Windows admin have always run windows or linux and they don’t jsut blue screen or need to be reformatted every day, but just started using a Mac at home about 2 months ago, Apple is definitely delivering a better out of the box product.

    Don’t get to crazy on the “I’ve used macs all my life” guys, they really don’t know what it’s like to have to worry about crap like conflickr.

  23. joe

    nobody said macs were completely immune to viruses, in fact the very first computer virus was written for mac os……

  24. Misty

    sfmitch, how are you going to use Wikipedia as a resource? I could put under the definition of a hot dog they are all green. Anyone can re-write it. Duh!

  25. Zay

    i dont know why you’re all making such a big deal about this, theres STILL barely any mac viruses out there anyways.

  26. Jonn

    The fact is, is that I’ve had a mac for over 3 years and have never once gotten a virus. I download all the time as well. I had a pc before that and got virus all the time even with AVG, norton, mcaffe. All I know is that ever since i had my mac i download and have never worried about a virus. As well, look who released the leak that there were trojans? An antivirus company? Please tell me everyone else here isn’t that blind?

  27. Jonn

    This article pretty much boils down to windows users anxiously waiting for the internet to be as ramped with mac viruses as much as windows viruses. I will live in bliss until that day comes :) thats why I love my mac

  28. Andrew Pennebaker

    This botnet may infects thousands of Macs, but that’s a drop in the pond compared to the botnets that infect millions of Windows PCs.

    http://en.wikipedia.org/wiki/Botnet

Get Free Articles in Your Inbox!

Join 134,000 newsletter readers

Email:

Go check your email!