[macvoiceover] Re: mal ware

  • From: Gordon Keen <gordonkeen@xxxxxxxxxxxxxx>
  • To: macvoiceover@xxxxxxxxxxxxx
  • Date: Fri, 27 Apr 2012 09:52:11 +0100


Check out the article below:

Big Mac Attack: Apple Security Bruised after OS X Infections

Apple has long enjoyed the reputation of making a computing platform that 
provides security protection that is superior to its peers—in a word, 
Microsoft. The emergence of a group of malicious software (malware) programs in 
recent months—collectively known as Flashback or Flashfake—that specifically 
target Macs and their OS X operating system now has Apple in the unfamiliar 
position of being on the defensive.

Written as a Trojan horse program, Flashback has infected hundreds of thousands 
of Macs to date, allowing cyber criminals to steal information from those 
computers and turn many of them into virtual zombies that can be manipulated to 
attack other computers. This is not the first time Apple has had to contend 
with a malware outbreak, but it is by far the largest and most public scar 
sullying the company's aura of invincibility.

Apple has been able to avoid such security problems in the past for a number of 
reasons. For nearly two decades, Microsoft's success has kept it in the 
crosshairs of cyber criminals by virtue of Windows's popularity and, at least 
early on, the company's inattentiveness to bolstering security as the operating 
system grew more complex. Beginning in 2003 Microsoft became infamous for 
"Patch Tuesday," a monthly release of security patches (sometimes dozens at a 
time) to fix problems in its operating system, along with Internet Explorer and 
other software. Apple was a relatively minor player in the PC market, 
attracting little attention from cyber criminals who could make more money 
exploiting Windows. The same year Microsoft introduced Patch Tuesday, Macs 
represented less than 1.5 percent of desktop computers and less than 3.5 
percent of laptop computers worldwide.

Macs still represent only a small portion of the overall worldwide computer 
market, but their share has risen to roughly 7 percent in recent years and is 
expected to grow steadily. In the U.S., Apple last year owned more than 10 
percent of the PC market, behind only HP and Dell, according to technology 
research firm Gartner. Mac users can expect more incidents like Flashback will 

"In the computer community we've been saying for five, six, seven years that 
Mac is not more immune to computer viruses than Windows PCs or even Linux 
boxes, " says Nicolas Christin, associate director of Carnegie Mellon 
University's Information Networking Institute. "The only reason Macs were not 
massively targeted is that they didn't have enough of a market share to make 
them interesting for a hacker to devote resources to try to compromise those 
machines. Now that they've acquired a fairly sizeable market share, it makes 
sense that the bad guys would focus some attention on the Mac platform."

Popularity contest
Market share certainly plays a role, but in subtle ways, agrees Stefan Savage, 
a professor of computer science and engineering at the University of 
California, San Diego. "Clearly, if a platform is unpopular then there is 
really not much interest in focusing on it," he adds. "In this regard, a 
platform's security depends on its popularity and the level of effort versus 
reward—that is, what is the expected return on effort."

For cyber attackers, the decision to write malware for a particular operating 
system is an investment requiring the development of new skills, the 
acquisition of new software programs, even the learning of new slang, Savage 
says. "It's not something one does lightly," he adds. "Moreover, for malware 
there is an established ecosystem around Windows that really helps reinforce 
that platform's dominance [as a target], including malware-writing tools, 
markets to buy and sell malware, infrastructure to deploy malware and lots of 
open-source information on new exploitation techniques. It takes time to build 
that kind of community. Market share certainly drives such things, but there is 
quite a bit of inertia as well."

Assessments of a computing platform's security can often be subjective, with 
the results often depending on a computer user's preference. There are, 
however, several areas where operating systems can be judged head to head, 
Savage says, adding that OS X has consistently been behind Windows in producing 
what have become standard security mechanisms. "And I'm unaware of Apple 
putting the level of investment into security that Microsoft has."

Of course, Microsoft's security woes in the past necessitated that the company 
invest heavily in security improvements. One of the company's more astute moves 
came in 2005 when it began hosting its BlueHat conferences at Microsoft's 
headquarters in Redmond, Wash. At BlueHat Microsoft engineers meet face to face 
with members of the hacker community to discuss vulnerabilities in Windows.
Page 2 of 2
What is the difference?
OS X suffers from the same security flaws as Windows, and can be exploited just 
as maliciously by cyber criminals, says Antti Tikkanen, director of security 
response at F-Secure Corp., a Helsinki-based provider of security research and 
antivirus software. "From the pure operating system viewpoint, I don't think 
there is a big difference between recent versions of Windows—Windows 7, in 
particular—and OS X with regard to security," he says.

Given that the amount of effort required to successfully break into a Windows 
PC or a Mac is roughly the same, it comes down to economics. Cyber attackers 
want to infect as many computers as possible without investing more money to 
buy new types of malware—which can cost hundreds or even thousands of 
dollars—and without having to acquire new skills required to write malware for 
more than one platform, according to Tikkanen. Although malware that targets 
Windows PCs has existed on the black market for years, there is no real market 
for OS X malware or for tools designed to write OS X malware, he says, adding, 
"This is what keeps the scale of attacks against OS X low: the current 
attackers need to build their own tools, and this limits the number of bad guys 
that will go after you."

Java spills
Apple is making Java software patches as well as a Flashback-removal tool 
available on its Web site. Some security vendors have set up Web sites to test 
whether a Mac has been infected. Flashback found its way onto Macs by 
exploiting a flaw in Java, which translates certain Web applications into code 
that can executed by different operating systems, including OS X and Windows. 
Apple's patches, however, will work only for Macs running OS X Lion and Mac OS 
X 10.6 (Snow Leopard). Still, about 17 percent of Mac users—roughly 10 million 
people—are running older versions of OS X not eligible for any security 
updates. Those ineligible for a patch have been advised by a number of security 
experts to disable Java in their Web browsers, at least until they can update 
to Java's latest version.

Apple had known about the Java vulnerability since January, when Oracle Corp. 
(which owns the rights to Java after purchasing Java creator Sun Microsystems 
in 2009) issued a patch to correct the problem. Apple, however, does not use 
Oracle's patches and chose to write its own version, which it did not make 
available until April 12. Flashback did much of its damage during those three 

Java has proved itself a security liability over the years, in part because 
most computer users do not regularly install the security patches required to 
keep the bad guys out of their computers, says Marcus Carey, security 
researcher for Rapid7, a  Boston-based information-technology security services 
firm. The situation is worse for Mac users because they generally do not 
install antivirus software, which serves as another layer of protection, he 

Flashback's greatest legacy will likely be as a security wake-up call for Mac 
users. "The attitude that Mac does not have malware is dated," Tikkanen says. 
"So Mac users should follow the same safety precautions as Windows users. My 
tip for both Mac and PC users would be to switch off Java if you don't need it, 
and remember to update the rest of your software."     



From Bridgerule in glorious Devon, England.
On 26 Apr 2012, at 16:46, Bryan Duarte wrote:

> The best thing for your Mac is to stay up to date with EVERY update they 
> release. If you do this it will greatly help with any risk. 
> On Apr 26, 2012, at 8:43 AM, Don wrote:
>> Hi all,
>> I have been hearing on tv that a Mac can and does get mal ware. They advise 
>> that you run an anti virus and mal ware software. If this is true what do 
>> you suggest. According to Apple they say one is not necessary, so whats the

> Click on the link below to go to our homepage.
> http://www.icanworkthisthing.com
> Manage your subscription by using the web interface on the link below.
> http://www.freelists.org/list/macvoiceover
> Users can subscribe to this list by sending email to
>  macvoiceover-request@xxxxxxxxxxxxx
> with 'subscribe' in the Subject field OR by logging into the Web
> interface at http://www.freelists.org/list/macvoiceover

Other related posts: