Earlier today, Pob in SophosLabs blogged about the discovery of two new pieces of malware for the Apple Mac OS X operating system.
Although there is only a tiny amount of Mac malware compared to Windows viruses, that’s going to be little consolation if your gorgeous new MacBook gets infected. And sadly we know that many Mac users still believe they are somehow magically immune from attacks.
As we’ve demonstrated before, and as we’ll no doubt explain again, the Mac malware threat is real. Hackers are deliberately planting malicious code on websites, and using social engineering tricks to fool you into installing it onto your computer.
In the following video, which demonstrates one of today’s new pieces of Mac malware, a video promising you hardcore pornographic videos pops up a message demanding that you install an ActiveX component to view more. Of course, if you do agree to install the program (it is quite insistent) you actually end up installing a Trojan horse, which effectively hands your computer over to whatever takes the whim of a remote hacker.
[vimeo=http://vimeo.com/5099385](Enjoy this video? You can check out more on the SophosLabs YouTube channel and subscribe if you like)
You see, I’ve got a theory that although many people are undoubtedly buying Apple computers because they’re beautifully designed and well-marketed, there will also be some people who have dumped Windows because they are fed up with all of the spyware, pop-ups and virus attacks.
Indeed, some of the people who may well have suffered a lot from those kind of attacks in the past may be exactly the same kind of folk who visit the grubbier areas of the internet in the wee small hours of the morning. And they may feel that one of the side benefits of switching to a Mac is that they now don’t have to worry about all of those nasty things while they’re err.. watching nasty things.
But if they think they are immune from attacks they’re making a mistake. We’re seeing more attacks against Mac users all the time, with hackers planting bear-traps that work out if you’re visiting their page on a Windows or Mac computer, and deliver the appropriate malicious payload accordingly.
Interestingly, the discover of two new examples of Mac malware on the same day has happened just after Apple has shown off some of the new features of Snow Leopard, the next version of its Mac OS X operating system in San Francisco.
And after the debacle of last year when Apple was seen to be recommending its users run anti-virus software, only to quickly withdraw the advice, Apple has devoted a page to the security features of Snow Leopard.
And what do we find on that page? The following advice:
The Mac is designed with built-in technologies that provide protection against malicious software and security threats right out of the box. However, since no system can be 100 percent immune from every threat, antivirus software may offer additional protection.
“May offer additional protection?”. Hmm.. Seeing as the attack mentioned above is not taking advantage of any OS vulnerabilities and just exploiting human weakness, I think Apple would be wise to change that “may” to a “will definitely”.