Malware for Macs
Thursday, May 19, 2011 2:28:07 PM
Take a look at these videos for example:
As you can see, a fake antivirus is trying to install on the user's computer. As most Mac fans point out, all installation requires the entering of an admin password but the attack is configured in such a way that you would believe that it was a genuine piece of software. For example, the downloading page may claim that it is a "plugin" necessary to watch a particular video. Or they may popup a "fake scan" of the Mac and then showing that it is severely infected and only the downloaded software can fix the problem. Anyways, no matter the method, once the fake AV has gotten on to your computer, it would periodically popup and urge you to buy the "full detection." It will also make your Mac experience untolerable! Therefore, a fake AV is as bad or even worse than a viruses (on a plus side, at least you know that it's there... whereas a rootkit burrows deep into the system).
I believe one of the problem contributing to to the prevelence of viruses on Mac is Apple's and many of Apple fan boys's stance against antiviruses/anti-malwares. On a recent informal survey I carried out on Facebook, on which AV does my friends use, one of the answer said I have a Mac and don't need a virus! What Apple has created is a false sense of security around the Mac. Wake up! Macs are software too and all software are not vulerability proof! Virus CAN be installed on a Mac but consider that a vast majority of computer users out there are using Windows so they are focusing their attacks on those.
Another problem is Apple's views on viruses. Most time Apple has denied that viruses can install on a Mac. This is evident by these recent Mac vs PC advertisement:
Also, Apple or Apple representatives has refused to acknoledge that viruses are a growing problem for Macs. This may explain for the lac of Apple produced antiviruses. On the other hand, Microsoft have acknoledge that viruses are a growing issue and have released FREE antiviruses (Microsoft Security Essentials). There is even a built in one to release of recent Windows OS's (Windows Defender). Also, Microsoft is trying their best to twart viruses (many of Windows feature try to make viruses installation very hard. Some of those feature is address space layout randomization, which loads critical Windows memory threads into random memory locations making it harder to target those threads. Another is the built in smart screen protection of IE9).
On a recent trip to the Stormfront, I asked one of the sales person about viruses and they always stress virus installations are "very rare." When asked about the AppleCare program and its coverage on viruses, they said that it does not cover virus removal. They also said anyways viruses removal instructions are out there and one just have to Google for it ie search for it. Yeah... if your only PC is infected, this would be vary hard. Also, based on my experience with Windows, malware can hijack Google search results and point you to malware laden sites instead of taking you to the sites you want. In addition, AppleCare for Mac, whilst cover almost everything else, does not cover viruses. In a recent post by Sophos's Graham Cluley, it has became evident that Apple themselves has ordered tech support staffs at AppleCare call centers NOT to help wit the removal of viruses (http://nakedsecurity.sophos.com/2011/05/18/malware-on-your-mac-dont-expect-applecare-to-help-you-remove-it/). But nevertheless, many tech center guys have done so nevertheless.