Mac security in 2011

27 Jan 12

There are different things one can mean when they say "security" in relation to computers of any kind. Security could mean keeping the data stored on them safe from harm and out of the way of corruption. Security could also mean keeping things safe and out of the hands of those who are not privy to certain data available in the system. Or it could mean keeping the darn thing in one piece from the relentless onslaught of the combined efforts of all the "bad guys" in the world.

This article is about the last of the above descriptions, a topic that was the beginning of my contributing to BagelTech, back in May of 2011.

F-Secure, a well-known and respected computer security company, released a report last week detailing the growth of malware on the Mac OS platform. Sadly, they only reveal data from April to December of 2011, but their findings were quite interesting from a number of perspectives all the same, and what I said back in May is very much true today too. Throughout the year there were some spikes when they found more malware, and some dips in activity when very few new variants were found. For 2011 the two biggest spikes in malware detections were in June and October, with 12 new variants in June and 11 new variants in October. A grand total of 58 new variants of malware were found during the course of the whole year.

The different types of malware in the wild targeting Mac OS X that F-Secure found were Backdoors, Trojans, Trojan-Downloaders and Rogue. I will explain the differences between these types of malware soon, but I would like to point out that F-Secure never mentions finding any kind of virus for Mac OS X during the whole of 2011. If there is one type of malware that even the most novice of computer users know of, it's the virus. So far, there have been none for Mac OS X in the wild, and I have a feeling that if one were to pop up, we will hear about it whether we want to or not!

A backdoor is essentially a way for someone who has managed to compromise a given computer system to slip back in more easily, whenever they please. The backdoor bypasses any layer of security that might exist on the system in question, which leads to the very apt name: a back door that one can take in order to avoid the big lock and chain on the front, so to speak.

Trojans are apps masquerading as something they are not, just like the famous Trojan horse of ancient mythology held a small army inside while posing as a trophy. If you, for instance, downloaded a copy of Pixelmator, the famous image editing application, from a file-sharing site, chances are you got something completely different. While the app you downloaded pretended to be Pixelmator, this was not the case at all, and instead you installed a Trojan on your Mac.

A Trojan-Downloader is essentially a Trojan, but it downloads more malware in the background, without you knowing it, and runs it as well. It is the old case of going from a bad situation to an even worse one, since there is nearly no limit to what other apps can get downloaded and installed.

The last kind of malware mentioned in the report is Rogue, which is perhaps the nastiest kind of malware in that it pretends to be anti-virus or anti-malware, while in reality it might not have any of the functionality that such an app should have. While not all of them are completely without function, many are. They serve to lull users into a false sense of security while they fork over money for something that does nothing of what the user really needs.

The one thing all these different forms of malware have in common is that the user of the computer must in one way or another be active in getting them onto the system. For these types of malware to "just infect" your Mac is not possible, since they are not designed in that way. Again, these are not viruses; they are malware of a different classification altogether. The user is the way in which they manage to bypass security, whether the malware pretends to be an app that it is not, comes along for the ride with an app, or pretends to be anti-malware of some kind.

Essentially the malware creators have decided to attack the weakest link in the security chain of most computer systems these days: the user! Many of those now using Macs are converts from many years of using a Windows machine, and probably think in slightly different terms and ways than someone who has been a Mac user for some time. Someone who has used Windows for years is conditioned into doing a lot of things that make sense in the Windows world, such as always having some kind of anti-virus (sometimes anti-malware) installed and running maintenance apps regularly. While these things are not in themselves bad, what they do, and why they should be run or even installed, is often misunderstood.

As with most things, it's best to pay attention to what is going on, regardless of what operating system you are running and who has built the hardware. At any given time there might be that nearly magical security hole found, which enables the most dastardly of malware to slip into your machine. It might sound far off to some, but I prefer to take security very seriously personally, while I hope the company behind the product does everything in their power to make the device as secure as they can from their end. Assuming that you are sitting in the impenetrable fortress might be fun for a while, but after a while I'm fairly sure you will suffer, one way or the other.

We still don't see many malware variants for Mac OS X, compared to the threat seen for Windows users, but the ones that do exist are very real and should be taken seriously. Better safe than sorry, if you ask me!


Robert Falck

Robert is a freelance tech journalist from Sweden. You can follow his posts here on Bagel Tech and on his site or you can follow him on twitter @streakmachine.