47 Comments

Summary:

Depending on how closely you stick to the word of the law, you may or may not be aware of the potentially dangerous trojan called “OSX.Trojan.iServices.A” unleashed on some of the Mac community last week via a pirated copy of iWork ’09. The trojan, discovered by […]

Depending on how closely you stick to the word of the law, you may or may not be aware of the potentially dangerous trojan called “OSX.Trojan.iServices.A” unleashed on some of the Mac community last week via a pirated copy of iWork ’09. The trojan, discovered by Mac security software company Intego, allows the distributor of the malicious software to access and modify the affected system remotely, performing actions such as adding files. Such a vulnerability is potentially fatal to an operating system.

According to Intego’s numbers, more than 20,000 people have downloaded the affected file, a number which also says something about Apple’s ability (or desire?) to curb piracy of its proprietary software. Instructions on how to rid your computer of the virus in case you are among that unlucky 20,000 can be found here, but they can’t take away your shame.

This week, another round of infections has appeared, this time targeting a different, but similar group of pirates. The victims are users who downloaded a pirated copy of Adobe’s popular photo editing program, Photoshop CS4. Again, the people responsible for finding and broadcasting the existence of the trojan are Intego. This one is aptly dubbed “OSX.Trojan.iServices.B”, and actually comes from the serial generator that packages with the Photoshop installer, and not the installer itself. The CS4 trojan presents the same risks as the iWork ’09 version. Intego reports 5,000 downloads to date.

With two such high-profile virus detections coming so closely on each other’s heels, the question inevitably arises: Is Mac’s status as a highly secure option to Windows in danger? Clearly, Mac users are beginning to present a more attractive target to hackers, because the platform itself is becoming more popular. Not only that, but Mac users may be even more susceptible than others, since they traditionally haven’t had to worry much about malicious attacks.

No doubt the conspiracy theories that security companies cause and cure viruses will also crop up, especially with two such similar detections from the same source in such a short period of time. The reaction might be especially strong, considering how secure most Mac users believe their computers to be.

Really, as it stands, the only people at risk are those trying to pirate software, so it’s not really a case of “Is the OS less secure?”, so much as it is one of “Are Mac users security savvy?”. Pirated software distributed via Torrents has always been a high-risk area, but those running a Mac OS have had the luxury of being less guarded about those types of threats because the malicious code they contained was generally written to attack Windows machines.

The time may have come to star learning more smart surfing practices, but I think the general Mac-using populace can hold off on putting their computers on lock-down. Unless, that is, they plan on pirating like crazy, in which case, shields up.

You’re subscribed! If you like, you can update your settings

  1. Trojans aren’t viruses. Can you please not feed /this/ particular fire?

  2. I believe the fault is applications that need installers. Without installers this would not happen, but I see that requiring your administrator password is more common this days.

    If they need to install fonts and things like those, let me choose if for all users or the active one. That way, I think, if I selected the active one you should not need my administrator password.

  3. ShadowBottle: viruses prctically no longer exist, not even in Windows world. All are trojans this days.

  4. Franco: Viruses are still extremely common in the Windows world. Heck, many of the worst trojans are actually delivered by a virus (and, indeed, vice versa). I’m cleaning the things off people’s computers constantly.

  5. This risk always existed and I have to agree with ShadowBottle. Trojans are not viruses.

    Anytime you give your admin password to an unknown source you’re playing with fire. It may burn you or it may not. It’s still a big gamble.

    All a pirate needs to do is to add one line to the crack application supplied with the pirated software that runs “rm” on the root of your main volume. No rocket scientist required. With your admin password the application can do pretty much anything it wants.

  6. A worm is a sub-class of a virus. It replicates and spreads itself. They practically don’t exist in Windows? This story is about a week old:

    http://www.nytimes.com/2009/01/23/technology/internet/23worm.html?_r=1

    Trojans are another matter altogether because they depend on social engineering to install, rather than vulnerability in the OS.

  7. Regardless of whether a trojan counts itself as a virus or not, Mac malware is still on the rise. The (somewhat) perfect record of the Mac as a secure platform with no known threats in the wild has now been more or less tarnished. Further, as the Mac grows in popularity, we can expect more malware hackers to target the platform. It appears as though the Windows people were partially right. The Mac was more more secure by its relative obscurity. That situation is starting to change.

  8. Allow me to put something in perspective.

    Trojans rely on human gullibility to work and you can therefore get them on any platform unless it’s completely locked down (like the iPhone). Trojans, like any good con, can’t really be stopped except through education.

    That is a long, long way from a virus or worm. They don’t rely on gullibility but rather insecure operating systems with flaws they can take advantage of. It’s the difference between handing over your money to a Nigerian scamster and having someone hack into the bank account computers to steal the same ammount.

    I would expect more trojans on the Mac. I would not expect many viruses and worms.

  9. @Rob Oakes: Disagree. It’s like saying the record of the post office has been tarnished by Nigerian check scams. Nonsensical.

    Trojans are like STDs via unprotected sex with strangers. A virus or worm is like being assaulted on a public street. If you lump them all together in the “crimes” file, you’d be booted off the police force.

    Bottom line: Can your OS become infected by following a link or mounting a disk? That’s the test.

  10. January 26: Picks from the GigaOM Network Monday, January 26, 2009

    [...] PT | 0 comments Internet video set-top box maker Vudu lays off another 15 percent. (NewTeeVee) Oh no…Mac viruses are coming. (TheAppleBlog) Get an iLife 09. (TheAppleBlog) VoIP service Grandcentral is down again. Maybe [...]

  11. Would little snitch give you a accept/deny-dialogue if the trojan wants to communicate with the outside world?

  12. Ordinary folks don’t make any distinction between trojans, worms, viruses, etc. Whatever it is, it’s a ‘virus.”

    The Mac’s reputation for security is likely giving some folks the impression that it is invulnerable. I.e., that pirated software stuffed with trojans can’t harm a Mac, even if the trojans target that platform.And that’s assuming they even know that pirated software is a distribution path for the stuff.

  13. This is the biggest problem. Apple seems to think that obscurity=security.
    OS X is not as secure as BSD, because it forked from BSD a long time ago, and the kernel is not maintained to include these new security updates like BSD.

    The more attention and exposure that Apple gets, the more we’re going to see exploits like this. They have two solutions, drop the childish accusations that OS X is infact secure, or they have to start staying up to date with the BSD kernel updates.

  14. Mac Users No Longer Secure | IT Security Blog Friday, January 30, 2009

    [...] Well, those days are gone as early in this year, someone was able to create malware AND dupe people into downloading it into their Macs. I am sure that you heard or read about this – the news was splashed all over countless web sites. Just how many people have been affected? The Apple Blog has the details: [...]

  15. I use facebook but till I not get any message of this kind and if I will get any message of this kind I will ignore that.

  16. Non mais on nous prend POUR DES CAVES!!!!!!!!!!!! – Page 2 – MONTREALRACING Thursday, March 5, 2009

    [...] chances que le monde commence aussi a trouver dautre maniere de sortir des virus pour MacOs. More Mac Viruses, Similar Sources: Time to Worry? – TheAppleBlog Oui, sa s’en [...]

  17. Virus en Macintosh « Miguel Mansilla Tuesday, March 10, 2009

    [...] y linuxeros era que su sistema operativo era invulnerable a los virus. Últimamente se repiten noticias sobre malware diseñado para Mac que empieza a tener [...]

  18. Macs are NOT secure. Its a misnomer to use that phrase. They are still prone to security issues, its just no one has so far bothered to try because of the low penetration rate. If someone was to target the community via a website that lots of mac users visit, then you wouldnt even know you had been infected, since no one runs a virus checker. Then all it would take would be for that small code to start spamming out of your machine to all your email contacts etc etc…

    yes, and look how easy it is to spread a virus via facebook these days, with all those pointless appz.

    Its analogous to saying im invincible and bullet proof, because no one is pointing a gun at me!

  19. The facts are that no viruses or trojans or any malware has cause ANY significant damage to Macs running OS X in the 8 years the operating system has been out and used by millions. I’ve been hearing for years how, any minute now, the Mac community will be taken down by some terrible malware and those smug Mac fanbois will be so sorry they don’t use anti-virus software.

    But it hasn’t happened yet. No breaches of Mac security have occurred outside of very contrived circumstances. Will it happen next year? In 5 more years? Anyone care to predict when Mac security will crumble? Not just in some hacker contest, but in the real world where millions of Macs are affected.

    Apple claims that there are over 25 million users currently running OS X. And with Macs reputation for being far more expensive than PCs, isn’t it amazing that all those hackers just happen to overlook such an elite group of users. All those Mac users with unprotected operating systems with all that disposable income to spend on Apple products… nope. Can’t see any reason to go after those people. That OS is just too OBSCURE. It’s beneath all those hacker’s time to even bother with it.

    I think we should all stick with Windows because the hackers like it so much better that they write viruses for it. That can only mean that Windows is really, really good!

    1. If OBSCURE = neat, well organized, usable, working, fast…. then yeah, Mac OS X is obscure:-)

      Windows is really really good for hackers for these reasons:
      1) it’s easy to hack
      2) it’s widespread
      3) it’s widespread among people who don’t know anything about computer security or even about computers :-D

    2. Why would you target families when you can target banks and other businesses that have a lot more to loose than those “elite group of users” you are talking about. The market is not even comparable between mac`s and pc`s so you can`t expect hackers to make new programs for macs when they can use their old programs for pcs. So I doubt macs will ever get a ton of viruses because PCs will always be bigger and a bigger target.

  20. @ montex +1

    DOS/Windows users get over it. It is a crappy system that Gates foisted on unsuspecting computer users and got market share good and early. I remember when it happened. I was like WTF? You have a choice and this what you chose? Managers in companies that had graduated to their Peter principles jobs patted themselves on the back and for more than 20 years now, they have been stuck with a system that is making their lives hell but most are too addicted it to make a change. They deserve all the viruses and malware that the hackers can heap on them.

  21. The point is can mac be attacked by a malware, be it a Virus, worm or Trojan etc. Mac users (excluding some technically savys) are under the impression that it cannot be done. it hasn’t happened in the past and will not happen in futrue. Wake up people. if it can happen, it will. The more we become popular, the more we become vulnerable. choosing an operating nowadays is a matter of preference and not which one is better or worst.

  22. 26 reasons why a blackberry is better then a iphone – Page 3 Thursday, August 13, 2009

    [...] famious at all. Macs no longer immune to viruses – Security- msnbc.com Some Malware for the Mac: More Mac Viruses, Similar Sources: Time to Worry? Even the iPhone has a virus: iPhone Virus [...]

  23. Virus, Trojan, Worm….. ALL now fall under the “virus” definition. These “hackers” aren’t out to wipe out your hard drive now. They want the INFORMATION that’s on it!! The “hacker” now isn’t some kid in Mom & Dad’s basement- they’re crime organizations in foreign countries where YOUR personal information is worth a LOT more than just screwing up your hard drive.

    Mac’s make it easy by giving a false sense of security.

  24. Mac/Windows User Friday, August 21, 2009

    It’s amusing, yet sad to see how many people still live in their shadows of faith that there is any such system that is NOT vulnerable… Wake up, this IS 2009 after all… and Mac’s CAN and DO suffer from viruses just not as many as does windows.. to be so smug and ignorant as to believe that Mac’s are so fail safe, that’s just inviting the hackers to show you otherwise. Do you think they DON’T read these posts? Do you think they are not laughing at you right now ? Come on, we are not in the 1980’s .. wake up and take a whiff of the coffee that’s brewing right under your nose.

  25. >>Mac’s CAN and DO suffer from viruses

    Where???

    1. I’m not a fan of either system. So take this article as it is intended, just as information.
      http://www.msnbc.msn.com/id/12537279/

    2. msnbc? That sounds like one of Bush’s terror alerts. Give me some facts, not hyperbole. Can you run a PC without AV, click on any link you like, and be virus free? No. Can you do it on a mac. You betcha!

  26. Apple Users Targeted With Snow Leopard Malware Tuesday, September 1, 2009

    [...] doubt this will give cause to anti-virus companies to raise the red flags once more, and spout on about how the end is nigh for the days of OS X being the secure choice, but as before, smart [...]

  27. WARNING – Stay Away from Reddit Tuesday, September 29, 2009

    [...] Originally Posted by Middleground Or get a Mac. ;-) Your day is coming…more Mac friendly baddies are emerging every day! More Mac Viruses, Similar Sources: Time to Worry? [...]

  28. Anti virus for Windows 7 – Page 5 – Overclock.net – Overclocking.net Friday, October 2, 2009

    [...] Posted by Rino Just use a Mac they don't get viruses. http://theappleblog.com/2009/01/26/m…time-to-worry/ You had best define a virus because there are a number of trojans, malware, and spyware [...]

  29. My desktop is a boat anchor now. – Page 3 – Real Police: Law Enforcement,Police Officer,Criminal Justice,Background Checks website… Friday, October 30, 2009

    [...] it attacks only Mac Servers. I'm gonna have to go and disagree with that. According to this: More Mac Viruses, Similar Sources: Time to Worry? Granted those viruses only affect people trying to pirate softer, but that article lists 2 viruses [...]

  30. i think i have a trojan on my mac
    how do i get rid of it? i downloaded the cs4 for a friend and deleted from my mac. now i have the virus. can someone help me? PLEASE

  31. @nicnax … Apple issued a fix for the CS4 and iWork trojan shortly after it was discovered. Just run your standard software updates from the apple menu.

    Don’t steal software.

  32. Also do Macs have vulnerabilities? Sure. That’s one of the reasons for software updates. Are there _viruses_ for the Mac? No.

    If you care to disagree or know of a Mac OSX virus, please name it. If you can’t then you should be probably just sit still and keep your mouth closed.

    Cheers.

  33. Top 10 Reasons Why Mac Sucks – CollegeTimes™ Saturday, December 12, 2009

    [...] the issue has been improving, according to some). What hasn’t been improving though is the  increasing amount of viruses being found on Macs. Sure, we could play the word game and clarify the difference between trojans [...]

  34. Facebook safe? – AllDeaf.com Sunday, January 17, 2010

    [...] worry? More Mac Viruses, Similar Sources: Time to Worry? Good luck, everything is in binary means zeros and ones, it is all it needs to get it working. [...]

  35. Top 10 Reasons Why Mac Sucks | BestOf.com : The Best of the Best Websites Tuesday, January 19, 2010

    [...] the issue has been improving, according to some). What hasn’t been improving though is the  increasing amount of viruses being found on Macs. Sure, we could play the word game and clarify the difference between trojans [...]

  36. Nobody has placed valid arguments yet. So what if Macs don’t have viruses? Just change the title to “More Mac Trojans, Similar Sources: Time to Worry?” What now? Does anyone disagree?

    Also, Macs are very impractical. Sure, they’re userfriendly. Sure, they look pretty. But most of the more advanced users, who want more than just read E-mails in an expensive way are bound to find that Macs can’t be customized to suit their tastes. There is almost no freedom in running systems that are stuck with presets. The world is simply more open to possibilities with a PC, let alone with Linux.

    Hackers are mostly advanced users, that have a need of computers with more capabilities than Macs. Macs are rather impractical compared to other systems. That’s why hackers choose those other systems. It’s why they get more familliar with other systems. It’s why know more about those other systems and ultimately find it easier to hack other systems than Macs. Have you heard of hackers that operate on Macs?

    Well, the most important point is that I don’t think it’s fair to say that your computer is invulerable if you haven’t really tried hacking it yourself.

    1. @AIGu: Amen brother!

  37. Antivirus Software On Your Mac: Yes or No? Thursday, February 4, 2010

    [...] over a year ago, Mac users began to feel a bit more Windows-like after a major Mac trojan horse was discovered in the wild. Of course, you’d get it only if you obtained copies of pirated [...]

  38. Antivirus Software On Your Mac: Yes or No? « Tech News Thursday, February 4, 2010

    [...] over a year ago, Mac users began to feel a bit more Windows-like after a major Mac trojan horse was discovered in the wild. Of course, you’d get it only if you obtained copies of pirated [...]

  39. Antivirus Software On Your Mac: Yes or No? « Apple News Daily Thursday, February 4, 2010

    [...] over a year ago, Mac users began to feel a bit more Windows-like after a major Mac trojan horse was discovered in the wild. Of course, you’d get it only if you obtained copies of pirated [...]

  40. The reason where there are so viruses for mac is because it’s hard to write them. The reason for so many Windows viruses is because it’s easy to write them. Microsoft deliberately provide back doors and hooks into Windows so that they can sell tools to enable third-parties to enrich and enhance your Windows experience. This is fine if the third-parties are trustworthy and have no malicious intent. But even with the best of intentions this approach can go wrong (remember Sony’s copy-protected cd scandle?), Apple have rightly left the decision about what software runs on your computer and how it runs up to you. You can compare the default settings of IE8 and Safari if you need proof.

  41. Apple Crapintosh. « iimSouperman's Blog Sunday, May 2, 2010

    [...] the issue has been improving, according to some). What hasn’t been improving though is the  increasing amount of viruses being found on Macs. Sure, we could play the word game and clarify the difference between trojans [...]

Comments have been disabled for this post