The Latest in IT Security

More Malware for Mac

02
Jun
2011

We’ve recently reported about a blackhat SEO campaign that targeted not only Windows users, but Mac users as well. It’s just a few weeks after that, but the role of Mac users as potential victims in the threat landscape has been increasingly established, as more and more threats targeting Mac users are being found.

FAKEAV for Mac

The first case that got the attention of the security industry was a rogue antivirus called Mac Defender, which is detected as OSX_FAKEDEF.M. The said malware reportedly affected a large number of Mac users. Other variants of rogue antivirus software made especially for Mac followed, bearing different names such as Mac Security (detected as OSX_FAKEAV.A) and MacProtector. One variant was even found spreading through Facebook (detected as OSX_DEFMA.B).

 

 

Mac Defender and its variants aren’t the first rogue antivirus seen targeting Mac users. In 2008, scareware applications called MacSweeper and iMunizator were seen, both having the same standard routines as any rogue antivirus.

This time around, however, it seems that the number of variants are increasing exponentially and affecting more and more users. As a course of action, Apple issued an update to their operating systems to prevent Mac Defender from executing.

Solution Strategy

According to Trend Micro Researcher Joey Costoya, the solution provided by Apple is not limited to MacDefender, but also covers Mac malware starting from 2009. However, “scanning technology” implemented by Apple can be easily circumvented, leaving Apple with the hard choice of either continuously updating its pattern file to cover the latest rogue antivirus affecting Mac, or admit the fact that they are now constantly targeted by these rogue antivirus, that Mac is not as secure as before, and their users are now reliant to traditional security vendors for security.

A large number of variants of this rogue antivirus were found in just a short period of time and this trend is predicted to continue. Mac is not malware-proof. Not only from FakeAV but also from backdoors like OSX_MUSMINIM.A. As my colleague Rik Ferguson commented, the Apple user base is largely unprepared, and their systems largely unprotected. This chain of events puts a large task for Apple to take upon, as the “invulnerability” of their system is being put to the test, and the security of their users on the line.

Leave a reply


Categories

MONDAY, JULY 26, 2021
WHITE PAPERS

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...

Featured

Archives

Latest Comments