More malware coming for Macs
by Alex Zaharov-Reutt   
Saturday, 03 November 2007
Hackers and malware creators are clearly taking a greater interest in the ever-growing community of Mac owners: with the discovery of the OSX.RSPlug.A Trojan masquerading as a video plug-in at some porn sites, they are diverting some of their attention away from the Windows world to try their hand at hacking the Mac.

Now more than ever with the launch of Leopard, all of Apple’s Mac models are excellent, multipurpose computers that are easy to use, have a wealth of native software available, and are fully compatible with PCs right down to native or virtual running of Windows.

The number of Mac owners and users is growing quarter by quarter, and while they won’t outnumber Windows users anytime soon, there has never been a better time to buy a Mac.

Apple’s user base is growing better than ever and it’s like honey to the bee for hackers and malware writers, meaning there’s never been a better time to try to hack the Mac – or just hack their users through ‘social engineering’ tricks.

If the end result is the same, i.e. a compromised Mac that has had changes made to its browser, sending users to versions of popular banking or other websites to gain their username, password and other login details, then hacking the Mac users themselves will become a much more common attack, and likely very quickly. These are users who are used to downloading things safely from the Internet and just typing in their password so that the software installs, which is exactly how the OSX.RSPlug.A Trojan gets installed.

Why? Because we’re about to head into the Thanksgiving, Christmas, end-of-year holiday shopping season, and there’ll be more online activity and ecommerce than ever. Each year, online activity grows, and this year it’ll be no different.

If online criminals can change your browser settings to redirect you to fake websites, they might not infect your computer with a virus, but they could steal your identity, or your username and password for online banking.

That is something online criminals are already doing very, very successfully to PC and Mac users through phishing emails purporting to be from one of your country’s banks or one of the big global banks, or from sites such as PayPal, eBay and others. These schemes persist because they catch people unawares and trick them into voluntarily typing in their details at a fraudulent website.

Once on your Mac, the Trojan changes some network settings to redirect your Web browser to fraudulent sites set up to trick users into surrendering personal information such as credit card or bank account numbers. Technically known as “phishing” scams, these turn up even more frequently in scam e-mails designed to look as if they were sent from a legitimate business, such as PayPal or a large bank.
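A defender-side check for the redirection described above, as an added example that is not part of the original article. It assumes the altered setting is the DNS resolver list (the article says only "some network settings"); the expected resolver addresses and the sample input are constructed.

```shell
#!/bin/sh
# Flag configured DNS resolvers that are not on an expected list.
# Input format: text as printed by macOS `scutil --dns`,
# e.g. "  nameserver[0] : 192.168.1.1".

# Resolvers this machine is expected to use (assumed values; replace with your own).
EXPECTED_RESOLVERS="192.168.1.1 10.0.0.1"

# Print each distinct nameserver address found in scutil-style text on stdin.
list_resolvers() {
    sed -n 's/^[[:space:]]*nameserver\[[0-9]*][[:space:]]*:[[:space:]]*\([^[:space:]]*\).*$/\1/p' | sort -u
}

# Print only the resolvers from stdin that are not in EXPECTED_RESOLVERS.
unexpected_resolvers() {
    list_resolvers | while read -r addr; do
        case " $EXPECTED_RESOLVERS " in
            *" $addr "*) ;;                    # known resolver: stay silent
            *) printf '%s\n' "$addr" ;;        # unknown resolver: report it
        esac
    done
}

# Constructed sample: one expected resolver and one unknown address
# taken from a documentation-only range.
sample_dns_output() {
    cat <<'EOF'
DNS configuration

resolver #1
  nameserver[0] : 203.0.113.10
  nameserver[1] : 192.168.1.1
  flags    : Request A records

resolver #2
  domain   : local
  options  : mdns
EOF
}

# On a Mac, feed the live configuration instead:  scutil --dns | unexpected_resolvers
sample_dns_output | unexpected_resolvers
```

Any address this prints is a resolver nobody put on the expected list, which is the cue to find out what changed the setting before trusting where the browser lands.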

Now, let’s get one thing straight. Despite the OSX.RSPlug.A Trojan and the variants that will undoubtedly follow, Mac OS X is still a very secure operating system, receiving regular security updates and fixes from Apple, just as Microsoft patches Windows. The security model that requires you to type in your password to install software or make changes to system preferences areas has always blown Windows away thanks to its simplicity and effectiveness.

And there have been no major outbreaks of any viruses or malware on the Mac to date, suggesting that Apple really have been doing a great job in keeping users secure, even despite themselves.

There’s one thing you’ll want to do for your security if you’re a Mac user, especially a new one from the PC world, that Apple oddly hasn’t done for you by default, and that is to turn on the firewall in your version of Mac OS X, Leopard or older. To do this, open your System Preferences control panel, then click on Security. Go to the Firewall pane and turn it on.

But back to the Mac OS security model.

This model, especially where it comes to the part where you need to enter in your password to continue installing whatever it is you are trying to install, always looks the same, whether it’s a Trojan or iWork ’08.

David Zeiler, from the Baltimore Sun, in an article entitled “Another overreaction to a Mac malware sighting” explains specifically how the Trojan could infect a Mac user.

Zeiler says: “Here’s how it works: When you click on a booby-trapped porn video, a window pops up telling you that you lack a certain video plug-in and then asks if you’d like to download it. If you click OK, your Mac will download a disk image that contains the Trojan. You then need to mount the disk image by double-clicking on it (this step could be done automatically by your browser depending on how you have set your preferences)”.

Zeiler continues by saying that: “If you double-click on the installer that appears in the disk image window, the Mac will ask you for your administrator password before proceeding. This is a security measure built in to Mac OS X designed to prevent malware like this Trojan from installing itself in the background. If you ignore this red flag, type in your password and click OK, the software finally will install the Trojan on your Mac”.

Now, as I see it, there's one big problem here, although Zeiler dismisses it later in his article as 'social engineering', which no-one is immune from. There's also the case of Macs that are hacked, but aren't, with dual personalities - please read on to page 2 to continue!
