Blog Post

More Mac Viruses, Similar Sources: Time to Worry?

Stay on Top of Emerging Technology Trends

Get updates impacting your industry from our GigaOm Research Community
Join the Community!

Depending on how closely you stick to the word of the law, you may or may not be aware of the potentially dangerous trojan called “OSX.Trojan.iServices.A” unleashed on some of the Mac community last week via a pirated copy of iWork ’09. The trojan, discovered by Mac security software company Intego, allows the distributor of the malicious software to access and modify the affected system remotely, performing actions such as adding files. Such a vulnerability is potentially fatal to an operating system.

According to Intego’s numbers, more than 20,000 people have downloaded the affected file, a number which also says something about Apple’s (s aapl) ability (or desire?) to curb piracy of its proprietary software. Instructions on how to rid your computer of the virus in case you are among that unlucky 20,000 can be found here, but they can’t take away your shame.

This week, another round of infections has appeared, this time targeting a different, but similar group of pirates. The victims are users who downloaded a pirated copy of Adobe’s (s adbe) popular photo editing program, Photoshop CS4. Again, the people responsible for finding and broadcasting the existence of the trojan are Intego. This one is aptly dubbed “OSX.Trojan.iServices.B”, and actually comes from the serial generator that packages with the Photoshop installer, and not the installer itself. The CS4 trojan presents the same risks as the iWork ’09 version. Intego reports 5,000 downloads to date.

With two such high-profile virus detections coming so closely on each other’s heels, the question inevitably arises: Is Mac’s status as a highly secure option to Windows in danger? Clearly, Mac users are beginning to present a more attractive target to hackers, because the platform itself is becoming more popular. Not only that, but Mac users may be even more susceptible than others, since they traditionally haven’t had to worry much about malicious attacks.

No doubt the conspiracy theories that security companies cause and cure viruses will also crop up, especially with two such similar detections from the same source in such a short period of time. The reaction might be especially strong, considering how secure most Mac users believe their computers to be.

Really, as it stands, the only people at risk are those trying to pirate software, so it’s not really a case of “Is the OS less secure?”, so much as it is one of “Are Mac users security savvy?”. Pirated software distributed via Torrents has always been a high-risk area, but those running a Mac OS have had the luxury of being less guarded about those types of threats because the malicious code they contained was generally written to attack Windows machines.

The time may have come to star learning more smart surfing practices, but I think the general Mac-using populace can hold off on putting their computers on lock-down. Unless, that is, they plan on pirating like crazy, in which case, shields up.

47 Responses to “More Mac Viruses, Similar Sources: Time to Worry?”

  1. The reason where there are so viruses for mac is because it’s hard to write them. The reason for so many Windows viruses is because it’s easy to write them. Microsoft deliberately provide back doors and hooks into Windows so that they can sell tools to enable third-parties to enrich and enhance your Windows experience. This is fine if the third-parties are trustworthy and have no malicious intent. But even with the best of intentions this approach can go wrong (remember Sony’s copy-protected cd scandle?), Apple have rightly left the decision about what software runs on your computer and how it runs up to you. You can compare the default settings of IE8 and Safari if you need proof.

  2. Nobody has placed valid arguments yet. So what if Macs don’t have viruses? Just change the title to “More Mac Trojans, Similar Sources: Time to Worry?” What now? Does anyone disagree?

    Also, Macs are very impractical. Sure, they’re userfriendly. Sure, they look pretty. But most of the more advanced users, who want more than just read E-mails in an expensive way are bound to find that Macs can’t be customized to suit their tastes. There is almost no freedom in running systems that are stuck with presets. The world is simply more open to possibilities with a PC, let alone with Linux.

    Hackers are mostly advanced users, that have a need of computers with more capabilities than Macs. Macs are rather impractical compared to other systems. That’s why hackers choose those other systems. It’s why they get more familliar with other systems. It’s why know more about those other systems and ultimately find it easier to hack other systems than Macs. Have you heard of hackers that operate on Macs?

    Well, the most important point is that I don’t think it’s fair to say that your computer is invulerable if you haven’t really tried hacking it yourself.

  3. Also do Macs have vulnerabilities? Sure. That’s one of the reasons for software updates. Are there _viruses_ for the Mac? No.

    If you care to disagree or know of a Mac OSX virus, please name it. If you can’t then you should be probably just sit still and keep your mouth closed.


  4. @nicnax … Apple issued a fix for the CS4 and iWork trojan shortly after it was discovered. Just run your standard software updates from the apple menu.

    Don’t steal software.

  5. i think i have a trojan on my mac
    how do i get rid of it? i downloaded the cs4 for a friend and deleted from my mac. now i have the virus. can someone help me? PLEASE

  6. Mac/Windows User

    It’s amusing, yet sad to see how many people still live in their shadows of faith that there is any such system that is NOT vulnerable… Wake up, this IS 2009 after all… and Mac’s CAN and DO suffer from viruses just not as many as does windows.. to be so smug and ignorant as to believe that Mac’s are so fail safe, that’s just inviting the hackers to show you otherwise. Do you think they DON’T read these posts? Do you think they are not laughing at you right now ? Come on, we are not in the 1980’s .. wake up and take a whiff of the coffee that’s brewing right under your nose.

  7. Virus, Trojan, Worm….. ALL now fall under the “virus” definition. These “hackers” aren’t out to wipe out your hard drive now. They want the INFORMATION that’s on it!! The “hacker” now isn’t some kid in Mom & Dad’s basement- they’re crime organizations in foreign countries where YOUR personal information is worth a LOT more than just screwing up your hard drive.

    Mac’s make it easy by giving a false sense of security.

  8. The point is can mac be attacked by a malware, be it a Virus, worm or Trojan etc. Mac users (excluding some technically savys) are under the impression that it cannot be done. it hasn’t happened in the past and will not happen in futrue. Wake up people. if it can happen, it will. The more we become popular, the more we become vulnerable. choosing an operating nowadays is a matter of preference and not which one is better or worst.

  9. @ montex +1

    DOS/Windows users get over it. It is a crappy system that Gates foisted on unsuspecting computer users and got market share good and early. I remember when it happened. I was like WTF? You have a choice and this what you chose? Managers in companies that had graduated to their Peter principles jobs patted themselves on the back and for more than 20 years now, they have been stuck with a system that is making their lives hell but most are too addicted it to make a change. They deserve all the viruses and malware that the hackers can heap on them.

  10. The facts are that no viruses or trojans or any malware has cause ANY significant damage to Macs running OS X in the 8 years the operating system has been out and used by millions. I’ve been hearing for years how, any minute now, the Mac community will be taken down by some terrible malware and those smug Mac fanbois will be so sorry they don’t use anti-virus software.

    But it hasn’t happened yet. No breaches of Mac security have occurred outside of very contrived circumstances. Will it happen next year? In 5 more years? Anyone care to predict when Mac security will crumble? Not just in some hacker contest, but in the real world where millions of Macs are affected.

    Apple claims that there are over 25 million users currently running OS X. And with Macs reputation for being far more expensive than PCs, isn’t it amazing that all those hackers just happen to overlook such an elite group of users. All those Mac users with unprotected operating systems with all that disposable income to spend on Apple products… nope. Can’t see any reason to go after those people. That OS is just too OBSCURE. It’s beneath all those hacker’s time to even bother with it.

    I think we should all stick with Windows because the hackers like it so much better that they write viruses for it. That can only mean that Windows is really, really good!

    • ritorujon

      If OBSCURE = neat, well organized, usable, working, fast…. then yeah, Mac OS X is obscure:-)

      Windows is really really good for hackers for these reasons:
      1) it’s easy to hack
      2) it’s widespread
      3) it’s widespread among people who don’t know anything about computer security or even about computers :-D

    • Why would you target families when you can target banks and other businesses that have a lot more to loose than those “elite group of users” you are talking about. The market is not even comparable between mac`s and pc`s so you can`t expect hackers to make new programs for macs when they can use their old programs for pcs. So I doubt macs will ever get a ton of viruses because PCs will always be bigger and a bigger target.

  11. Macs are NOT secure. Its a misnomer to use that phrase. They are still prone to security issues, its just no one has so far bothered to try because of the low penetration rate. If someone was to target the community via a website that lots of mac users visit, then you wouldnt even know you had been infected, since no one runs a virus checker. Then all it would take would be for that small code to start spamming out of your machine to all your email contacts etc etc…

    yes, and look how easy it is to spread a virus via facebook these days, with all those pointless appz.

    Its analogous to saying im invincible and bullet proof, because no one is pointing a gun at me!

  12. This is the biggest problem. Apple seems to think that obscurity=security.
    OS X is not as secure as BSD, because it forked from BSD a long time ago, and the kernel is not maintained to include these new security updates like BSD.

    The more attention and exposure that Apple gets, the more we’re going to see exploits like this. They have two solutions, drop the childish accusations that OS X is infact secure, or they have to start staying up to date with the BSD kernel updates.

  13. justcorbly

    Ordinary folks don’t make any distinction between trojans, worms, viruses, etc. Whatever it is, it’s a ‘virus.”

    The Mac’s reputation for security is likely giving some folks the impression that it is invulnerable. I.e., that pirated software stuffed with trojans can’t harm a Mac, even if the trojans target that platform.And that’s assuming they even know that pirated software is a distribution path for the stuff.

  14. @Rob Oakes: Disagree. It’s like saying the record of the post office has been tarnished by Nigerian check scams. Nonsensical.

    Trojans are like STDs via unprotected sex with strangers. A virus or worm is like being assaulted on a public street. If you lump them all together in the “crimes” file, you’d be booted off the police force.

    Bottom line: Can your OS become infected by following a link or mounting a disk? That’s the test.

  15. Joel Fagin

    Allow me to put something in perspective.

    Trojans rely on human gullibility to work and you can therefore get them on any platform unless it’s completely locked down (like the iPhone). Trojans, like any good con, can’t really be stopped except through education.

    That is a long, long way from a virus or worm. They don’t rely on gullibility but rather insecure operating systems with flaws they can take advantage of. It’s the difference between handing over your money to a Nigerian scamster and having someone hack into the bank account computers to steal the same ammount.

    I would expect more trojans on the Mac. I would not expect many viruses and worms.

  16. Regardless of whether a trojan counts itself as a virus or not, Mac malware is still on the rise. The (somewhat) perfect record of the Mac as a secure platform with no known threats in the wild has now been more or less tarnished. Further, as the Mac grows in popularity, we can expect more malware hackers to target the platform. It appears as though the Windows people were partially right. The Mac was more more secure by its relative obscurity. That situation is starting to change.

  17. HobbesDoo

    This risk always existed and I have to agree with ShadowBottle. Trojans are not viruses.

    Anytime you give your admin password to an unknown source you’re playing with fire. It may burn you or it may not. It’s still a big gamble.

    All a pirate needs to do is to add one line to the crack application supplied with the pirated software that runs “rm” on the root of your main volume. No rocket scientist required. With your admin password the application can do pretty much anything it wants.

  18. Joel Fagin

    Franco: Viruses are still extremely common in the Windows world. Heck, many of the worst trojans are actually delivered by a virus (and, indeed, vice versa). I’m cleaning the things off people’s computers constantly.

  19. I believe the fault is applications that need installers. Without installers this would not happen, but I see that requiring your administrator password is more common this days.

    If they need to install fonts and things like those, let me choose if for all users or the active one. That way, I think, if I selected the active one you should not need my administrator password.