Mac is the new target for malware. Why, you ask? Why not, I say? Many Mac users “assume” that they have a computer that won’t get viruses or malware. But those days are over. The explosion of the iPhone and iPad has made the Mac a prime target, with rising unit numbers worldwide.
A trojan horse named “Flashback” that surfaced last year is believed to have created a botnet including more than 600,000 infected Macs around the world, with more than half of them in the U.S. alone. The Flashback botnet harvested personal information and Web browsing logs from infected machines. The trojan, which disguises itself as an Adobe Flash installer, was first discovered last September.
- Trojan-Downloader:OSX/Flashback.K is dropped by malicious Java applets that exploit the known CVE-2012-0507 vulnerability. Removal tool here: http://www.f-secure.com/weblog/archives/00002346.html
- Then came: Mac OS X trojan encryption routines found in a Linux backdoor. The protocol uses AES and XOR to encrypt all the underlying communications. http://labs.alienvault.com/labs/index.php/2012/mac-os-x-trojan-encryption-routines-found-in-a-linux-backdoor/
- April 16, 2012: A new version of a backdoor trojan for Apple’s OS X operating system takes advantage of an exploit in Microsoft Word to spread. The latest variant of the attack known as “LuckyCat” was discovered and detailed by Costin Raiu, Kaspersky Lab expert. He found that a dummy infected machine was taken over by a remote user who started analyzing the machine and even stole some documents from the Mac. The malware is being spread through Word documents that exploit the CVE-2009-0563 vulnerability.
- April 23, 2012: A new variant.
Apple’s tardy patching
There are quite a few but, in my mind, the most dangerous is Apple’s intransigence. The company is always tardy on supplying patches for known security problems. Java for Mac is just one example (49 days to patch!) but, if you monitor Apple’s patch release process, you’ll find they are constantly late with fixes, especially for open-source components. WebKit and Safari are a constant security nightmare.
Then we have the whole veil of secrecy thing. Apple simply ignores all media queries about security problems. Whenever there is a legitimate threat, users get zero communication from Apple. There are no pre-patch advisories with mitigations for users. They don’t provide data to security vendors to help keep the ecosystem secure. When there’s an outbreak, Mac users have to rely on third-party guidance instead of getting help from Apple. Steve Jobs Quote “The Mac can not get Malware” = Lie.