Macs and Malware – do you need to be concerned?

By
In General

The latest headline states 600,000+ Mac users infected by a Trojan called “Flashback” Also, “Mac users need to wake up and start using Anti-virus software” Well should we be concerned? Probably, but it’s important to understand some of the over-hyped statement and inconsistencies first.

This latest attack against the Macintosh system is a trojan based malware that affects users that have a security hole in the Java system of their browser. Java is a language that allows you to run extra programs through browsers such as Safari. It’s not used too much these days, never really was that prevalent in my opinion.  On newer Mac systems Apple does not even have it installed by default (nor do they make Java, it’s by Sun Microsystems) if you want to use it something will pop up if you visit a site needing Java and Apple will provide an easy way to install it.  This however will even be changing down the road to where users will have to manually install it from Sun.

Anyways if you had a version of Java that had a security hole in it then you could get this trojan.  The trojan reportedly can watch your keystrokes or find other ways to get passwords or other personal information. Supposedly over 600,000 Macs are infected. This number is starting to get a little bit of a skeptical eye looking at it as it’s not conclusively Mac users included in this number but from best guesses it’s  mostly Mac users. Even at 600,000 it’s probably less than one half of one percent as the amount of Mac users in May 2010 was estimated at 94 million.

Apple has come out with a security patch in the Java system they provide (for now) so that if you apply this through your normal software updates you will be protected.

Another thing to keep in mind is this shouldn’t be classified as a virus or a trojan virus. There are three separate classifications of malware out there for the most part they are virus, worm, and trojan. Virus and worms can self replicate a trojan does not – it gets people to install it by acting as a legitimate program.  Most of the time you will only get a trojan by visiting a lesser legitimate site in the first place so you will likely not get it from going to Apple, Amazon, etc.

A lot of the latest news sites now say Macs users should wake up as this is proof they can get a virus where once experts said they could not.  This annoys me first of all because it’s not a virus, but more importantly I don’t remember anyone ever saying that.  Maybe some home user zealots could have said something like that but at most what anyone would have said is that Macs could be less susceptible to a virus. This is probably still true but but not guaranteed forever.

Should you install Anti-virus software on your mac? In the past another reason why it was nice to not have to load virus software on your Mac was so that you didn’t have to take a small hit on your performance like PC users have been dealing with for years.  If you are in a company it makes sense to install it to be safe and you don’t want to take any risks in a business setting. As a home user it would still be a good idea if you feel like you might get tricked into one of these trojans and you don’t keep your software and security patches up to date. Two virus programs that are free and seem to not bog down your computer too much are:

http://www.sophos.com/en-us/products/free-tools/sophos-antivirus-for-mac-home-edition.aspx

http://www.clamxav.com/

 

I am going to install Anti-Virus on my machine just so that I can stay informed if anything big actually starts hitting, but I have yet to see this trojan affect anyone that has tested their machine so far.

 

Recent Posts