
Staying Safe Amid the Increasing Threat of Mac Malware


Of late, the tech world has been abuzz with alarming news of Mac malware threats, the reports given weight by the emergence of a newer and more sophisticated version of that annoying thorn in Apple’s side, Flashback. Known as Flashback.K, the latest iteration of the trojan horse which has been grabbing headlines since mid-2011 makes use of a known Java security vulnerability to launch malicious code and potentially record users' personal data.

As OS X market share continues to rise, security is becoming an area of concern for more users and there's a perception building that Macs have lost their previous status as secure computers, with some analysts even going so far as to say that we're about to enter an era of cat-and-mouse games between Apple and malware makers. So, is the sky falling or is this all a lot of hot air?


Caught Napping

Apple's lag between Java updates facilitated the Flashback.K malware issue

The Java security hole which gave rise to Flashback.K also posed a security risk for other operating systems which use the cross-platform programming language, but as Linux and Microsoft Windows users receive their versions of Java direct from Java’s developers Oracle, the hole was discovered and quickly plugged.

However, because Apple deign to produce and release their own version of the largely open source Java, OS X users are at the mercy of Apple’s update process which in this case lagged over two months behind Oracle and gave malicious hackers the opportunity to infect over 600,000 Mac users before Apple stepped in with a Software Update fix which both plugs the hole and removes any existing Flashback.K infection.

Frankly, the entire Flashback.K episode is not evidence of an inherent security flaw within OS X itself, but was rather facilitated by Apple’s failure to keep on top of security threats and patch known holes, a mistake the company are certain to wish to avoid in the future - indeed, as Ars Technica recently reported, Oracle will soon take over the supply of Java security fixes for Macs, thus firmly consigning such lags to the past.


What's In a Name?

At first glance it may seem pedantic but referring to malware by its proper name is useful

It may be useful to remember that while talk of Mac 'viruses' is common as of late, there is currently not one single credible virus on OS X. To be sure, there exist Mac security threats, but understanding the differences between non-existent viruses and the real threat posed by trojans (both of which fall under the umbrella term 'malware') will go some way to offering a tangible defence against their ill effects.

A virus is a piece of software which can replicate itself and spread from one computer to another. Often making use of a local network, the Internet or removable media like USB sticks, a virus can remain undetected for years and show no outward signs of malicious intent. Indeed, some viruses don’t seem to do much other than replicate at length on the target computer and slowly use up increasing resources.

A Trojan Horse on the other hand is an altogether different piece of malware. Taking its name from the mythical Trojan War in which Greek soldiers were said to have been smuggled into an enemy city hidden within a large (and seemingly harmless) wooden horse, the modern trojan horse acts in much the same way.

Often masquerading as a desirable application, a well-made trojan horse will fool the user into installing it and may even perform the expected function (a popular choice is a screensaver), in addition to performing other less desirable tasks, such as logging each password entered into the computer.

By nature of their focus on exploiting user error, trojans doubtless offer by far the most significant malware threat to Mac OS X and for this reason they are the worthy focus of Mac security professionals. There have been several successful Mac trojans, Flashback.K being the most infamous, though the rate of infection is still remarkably small compared to some other platforms.


Lightweight Alternatives to Anti-virus Software

An updated Mac is a Mac which is safe from Flashback.K

Let's take a look at some non-invasive and lightweight alternatives to anti-virus software which can help us stay a step ahead of the malware makers:

Use OpenDNS

As highlighted in a company blog post, OpenDNS prevents the Flashback.K malware from installing on Macs, and the popular ad-supported (or ad-free at a premium) service will even prevent an already infected Mac from being exploited by Flashback.K (and many other forms of malware), effectively cancelling out attempts of the trojan to 'call home' with its data.

Some further information on OpenDNS can be found here on our sister site, Web.AppStorm.

Use NoScript or disable JavaScript and Flash

The Firefox-only extension NoScript will block Flash and JavaScript (in addition to other plugins) from running unless a website is designated as 'safe' by the user and thus kept on a 'whitelist'. Though compiling such whitelists can take some initial time to set up, once in place it is an effective method of ensuring you surf the web safely. There are similar plugins for Google Chrome named NotScript and ScriptNo, but Safari users are limited to Click-to-Flash and manually disabling Java within Safari’s preferences.

Surf Safely

The single most effective way of preventing infection is also the most eye-rollingly obvious and I'll risk possible derision by discussing it anyway. Ensuring that you visit only trusted websites and download applications from reputable sources will go a long way toward preventing infection. When connecting to a website in which one enters secure details, such as an online bank account, ensure that https:// is present in the URL bar, as the all-important s denotes a secure connection.

In addition, deselecting the option within Safari's preferences to open safe files after downloading is a prudent measure, as is using only trusted and secure wireless connections.

Stay Updated

Though the usefulness of Software Updates is reliant on Apple offering timely fixes, it is essential to maintain a fully updated Mac system - remember that a fully updated Mac running any version of OS X from Leopard upwards is totally protected from Flashback.K and its known variants.
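
The steps above can be checked from Terminal. The script below is an added example, not part of the original article: it audits whether DNS points only at OpenDNS, whether Safari's "open safe files" option is off, and whether updates are pending. The `Wi-Fi` service name and the `AutoOpenSafeDownloads` preference key are assumptions about the Mac being checked.

```sh
#!/bin/sh
# Added example (not from the article): audit the settings it recommends.
# Each check takes command output as its argument, so it can be tested offline.

OPENDNS_RESOLVERS="208.67.222.222 208.67.220.220"   # OpenDNS public resolvers

# $1: output of `networksetup -getdnsservers <service>`.
# Succeeds only if at least one resolver is set and all of them are OpenDNS.
dns_is_opendns() {
    _seen=1
    for _ip in $1; do
        case " $OPENDNS_RESOLVERS " in
            *" $_ip "*) _seen=0 ;;
            *) return 1 ;;   # any other resolver, or the "aren't any" message
        esac
    done
    return $_seen
}

# $1: output of `defaults read com.apple.Safari AutoOpenSafeDownloads`.
# An unset key prints nothing, and Safari then opens "safe" files by default.
safari_autoopen_disabled() {
    [ "$1" = "0" ]
}

# $1: combined output of `softwareupdate -l`.
# Inconclusive output (for example, no network) is treated as pending.
updates_pending() {
    case "$1" in
        *"No new software available"*) return 1 ;;
        *) return 0 ;;
    esac
}

report() { if "$2" "$3"; then echo "$1: yes"; else echo "$1: no"; fi; }

if [ "$(uname -s)" = "Darwin" ]; then
    svc="${1:-Wi-Fi}"   # network service name; "Wi-Fi" is an assumed default
    report "DNS is OpenDNS only" dns_is_opendns \
        "$(networksetup -getdnsservers "$svc")"
    report "Safari auto-open disabled" safari_autoopen_disabled \
        "$(defaults read com.apple.Safari AutoOpenSafeDownloads 2>/dev/null)"
    report "Updates pending" updates_pending "$(softwareupdate -l 2>&1)"
fi
```

On recent versions of macOS, reading Safari's preferences may require granting Terminal Full Disk Access.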


Conclusion

When discussing Mac security, it's all too easy to fall into the familiar trap of taking up a position on one extreme of the spectrum - the argument usually goes that either Macs are completely immune to all malware, or Macs are a wide open security threat waiting to be hit by a deluge of viruses 'any day now'. Of course, neither position is correct and understanding that there is a middle ground will help ensure that your Mac does not become infected with malware.

The choice as to what steps a user takes in order to safeguard against malware infection will be a personal one and it would be foolish to state that Mac users will never need anti-virus software, but I will stick my neck out and state firmly that the tipping point is yet to be reached.

Really, at this point in time the cure is probably worse than the disease and running potentially resource-hogging anti-virus software is overkill for something which is unlikely to happen if one follows some basic good practices.
