Depending on how closely you stick to the word of the law, you may or may not be aware of the potentially dangerous trojan called “OSX.Trojan.iServices.A” unleashed on some of the Mac community last week via a pirated copy of iWork ’09. The trojan, discovered by Mac security software company Intego, allows the distributor of the malicious software to access and modify the affected system remotely, performing actions such as adding files. Such a vulnerability is potentially fatal to an operating system.
According to Intego’s numbers, more than 20,000 people have downloaded the affected file, a number which also says something about Apple’s ability (or desire?) to curb piracy of its proprietary software. Instructions on how to rid your computer of the virus in case you are among that unlucky 20,000 can be found here, but they can’t take away your shame.
This week, another round of infections has appeared, this time targeting a different, but similar group of pirates. The victims are users who downloaded a pirated copy of Adobe’s popular photo editing program, Photoshop CS4. Again, the people responsible for finding and broadcasting the existence of the trojan are Intego. This one is aptly dubbed “OSX.Trojan.iServices.B”, and actually comes from the serial generator that packages with the Photoshop installer, and not the installer itself. The CS4 trojan presents the same risks as the iWork ’09 version. Intego reports 5,000 downloads to date.
With two such high-profile virus detections coming so closely on each other’s heels, the question inevitably arises: Is Mac’s status as a highly secure option to Windows in danger? Clearly, Mac users are beginning to present a more attractive target to hackers, because the platform itself is becoming more popular. Not only that, but Mac users may be even more susceptible than others, since they traditionally haven’t had to worry much about malicious attacks.
No doubt the conspiracy theories that security companies cause and cure viruses will also crop up, especially with two such similar detections from the same source in such a short period of time. The reaction might be especially strong, considering how secure most Mac users believe their computers to be.
Really, as it stands, the only people at risk are those trying to pirate software, so it’s not really a case of “Is the OS less secure?”, so much as it is one of “Are Mac users security savvy?”. Pirated software distributed via Torrents has always been a high-risk area, but those running a Mac OS have had the luxury of being less guarded about those types of threats because the malicious code they contained was generally written to attack Windows machines.
The time may have come to star learning more smart surfing practices, but I think the general Mac-using populace can hold off on putting their computers on lock-down. Unless, that is, they plan on pirating like crazy, in which case, shields up.
Trojans aren’t viruses. Can you please not feed /this/ particular fire?
I believe the fault is applications that need installers. Without installers this would not happen, but I see that requiring your administrator password is more common this days.
If they need to install fonts and things like those, let me choose if for all users or the active one. That way, I think, if I selected the active one you should not need my administrator password.
ShadowBottle: viruses prctically no longer exist, not even in Windows world. All are trojans this days.
Franco: Viruses are still extremely common in the Windows world. Heck, many of the worst trojans are actually delivered by a virus (and, indeed, vice versa). I’m cleaning the things off people’s computers constantly.
This risk always existed and I have to agree with ShadowBottle. Trojans are not viruses.
Anytime you give your admin password to an unknown source you’re playing with fire. It may burn you or it may not. It’s still a big gamble.
All a pirate needs to do is to add one line to the crack application supplied with the pirated software that runs “rm” on the root of your main volume. No rocket scientist required. With your admin password the application can do pretty much anything it wants.
A worm is a sub-class of a virus. It replicates and spreads itself. They practically don’t exist in Windows? This story is about a week old:
http://www.nytimes.com/2009/01/23/technology/internet/23worm.html?_r=1
Trojans are another matter altogether because they depend on social engineering to install, rather than vulnerability in the OS.
Regardless of whether a trojan counts itself as a virus or not, Mac malware is still on the rise. The (somewhat) perfect record of the Mac as a secure platform with no known threats in the wild has now been more or less tarnished. Further, as the Mac grows in popularity, we can expect more malware hackers to target the platform. It appears as though the Windows people were partially right. The Mac was more more secure by its relative obscurity. That situation is starting to change.
Allow me to put something in perspective.
Trojans rely on human gullibility to work and you can therefore get them on any platform unless it’s completely locked down (like the iPhone). Trojans, like any good con, can’t really be stopped except through education.
That is a long, long way from a virus or worm. They don’t rely on gullibility but rather insecure operating systems with flaws they can take advantage of. It’s the difference between handing over your money to a Nigerian scamster and having someone hack into the bank account computers to steal the same ammount.
I would expect more trojans on the Mac. I would not expect many viruses and worms.
@Rob Oakes: Disagree. It’s like saying the record of the post office has been tarnished by Nigerian check scams. Nonsensical.
Trojans are like STDs via unprotected sex with strangers. A virus or worm is like being assaulted on a public street. If you lump them all together in the “crimes” file, you’d be booted off the police force.
Bottom line: Can your OS become infected by following a link or mounting a disk? That’s the test.
[...] PT | 0 comments Internet video set-top box maker Vudu lays off another 15 percent. (NewTeeVee) Oh no…Mac viruses are coming. (TheAppleBlog) Get an iLife 09. (TheAppleBlog) VoIP service Grandcentral is down again. Maybe [...]