Antivirus for Mac

Antivirus Software for Mac – Need or Not?


The longstanding No. 1 reason many computer experts give for placing Apple computers over PCs is that they are immune to computer viruses. However, although Macs are much better at preventing malware attacks by themselves, that claim is certainly not true. Even as early as 2002, Apple posted the following warning to its OS users:

“Although virus infections are rare, they do exist and can cause problems with (and sometimes damage) your files or application programs.”

Let’s not forget that the first-ever virus that was distributed “in the wild” (meaning it was not done in an academic setting or through an intranet) was targeted specifically at Apple II computers. Granted, the Elk Cloner virus spread only via floppy disks to the originator’s friends’ computers and not via the Internet, but it was still a big deal to the industry, especially in the early 1980s. It may even be the reason why Apple took the threat of viruses seriously when it created its operating system for its current incarnation of Mac computers, especially after the Internet grew in popularity.

In this day and age of cybercrime being at an all-time high, it’s important to be aware of why relying solely on Apple’s strong operating system software is not such a good idea.


Results of Pwn2Own

Operating system software producers know the best way to see how well their products can stand up to hackers is to try to have their programs hacked. The Pwn2Own competition has taken place annually since 2007 at the CanSecWest security conference. Contestants are given the challenge of hacking into a set combination of software (Web browser and operating system) and platform (Mac and PC), with the winner receiving prizes.

This controlled event helps the industry when the event’s sponsor, Tipping Point, reports the data of the hack to the appropriate vendors, and the information isn’t released to the public until patches have been created.

Mac users may be interested to know that in the 2011 version of the competition, Snow Leopard (the Mac OS version 10.6) was hacked via Safari five seconds into the competition by French security firm VUPEN.


Mac-specific viruses

In the past few years, there have been several Mac-specific viruses that have been spotted in the wild. This is definitely out of the ordinary, but should have Mac users’ attention.

In June 2008, viral strains of AppleScript.THT, a Trojan horse reported by SecureMac, were attacking Macs running the OS X 10.4 and 10.5 versions. Attacking a vulnerability in the Apple Remote Desktop Agent, AppleScript.THT could enable file sharing, take pictures with the Apple iSight Camera, log keystrokes, and take screen shots. It avoided detection by turning off system logging and opening ports in the firewall.

Another attack on Macs in 2007 targeted a much smaller audience, but it should still be noted as a successful attack on Macs in the wild. The Trojan horse targeted Mac users visiting porn sites, inviting them to download a codec that would supposedly allow the user to view any porn video they find online. Instead, the download would install malware that would redirect the user to phishing sites and adware.

In April 2012, a modified version of the “BackDoor.Flashback.39” variant of the Flashback Trojan, first detected by computer security firm F-Secure, infected over 600,000 Mac computers. This was announced by Dr. Web, and confirmed by Kaspersky. This Trojan targets a Java vulnerability on Mac OS X. As of January 9, 2014, about 22,000 Macs were still infected with the Flashback Trojan.


“Platform-agnostic” attacks

There has been an obvious paradigm shift in malware attacks, and the numbers prove this point. Cybercriminals are leaving virus-type attacks by the wayside in favor of application-based attacks. The reason is simple: Virus attacks must be written for a specific platform or operating system. Attacks that can be launched through an application can cross platforms.

The numbers bear this out: In 2008, Microsoft reported only 6 percent of vulnerability attacks targeted operating system software, while 90 percent of vulnerability attacks targeted applications.

These “platform-agnostic” attacks are dangerous, especially since these types of attacks are brought into the computer by a user willingly instead of a cybercriminal seeking to drop malware physically onto a target computer. These usually fall under the Trojan horse banner, with users thinking they’re downloading a beneficial program, and instead downloading various forms of malware.


Safety in (less) numbers?

One of the reasons cybercriminals historically avoided Macs is the small market share relative to Windows. Basically, the effort needed to attack a Mac with a virus doesn’t produce enough profit to be viable. For example, looking back to the VUPEN team, although their program took only 5 seconds to successfully attack its target, it took the team two weeks to find the exploit in Safari, and the team then had even more trouble finding a “reliable” program that would break through to the OS.

However, because of platform-agnostic attacks, this is less of an issue.


Macs as carriers

Mac users may also be carriers of viruses. Just as with medical viruses, Mac computers could actually harbor a virus but not become infected. However, they may pass the virus on to PCs that may become infected.


Apple recommends antivirus software

Apple has recommended that its users back up their computers’ already strong protections with antivirus software (read more in Apple Recommends Antivirus for Mac). Programs such as Norton Security work with Mac and can help block traditional virus attacks and help clean any malware that may have gotten through by non-traditional means.


Computer Viruses and Their Spread Prevention


The term “computer virus” is used to describe a computer program that can replicate itself and infect a computer. Much like its namesake, the biological virus, a computer virus must rely on the user of one computer to spread it to another computer.

Although the terms have grown to become somewhat interchangeable, especially among computer novices, not all malware (or, malicious software) is a virus, but a virus is a form of malware. (It’s like saying Kleenex is a tissue, but not all tissues are Kleenex.) Some malware can be distributed to millions of computers by its creators, replicating itself when computer users unwittingly pass on the program, usually through infected e-mails.


Virus and non-Virus Malware

Two examples of the difference between viruses and other types of malware are spyware and adware. Typically, these two types of malware are used to learn the usage patterns of individual computer users and report back to their creators so they can profit on the findings (although they can have other more nefarious uses). They’re usually not meant to purposely attack a computer, even though that can be a side effect, nor are they meant to be passed on to other computers by the user.

Viruses, on the other hand, are intended to cause interruptions to normal processes in as many computers as possible with an executable program. Viruses can be as simple as a few lines of text written as a practical joke, or as dangerous as a program that can completely delete the contents of a hard drive.


The Evolution of Computer Viruses

Academically, the first theories of viral computer attacks were recognized as early as the late 1940s. Then, in the 1970s, the first viruses that were actually put into practice – usually as experiments – were in contained environments, such as within the ARPANET, a large-scale intranet that connected academic labs and commercial enterprises. These early “attacks,” such as the Creeper virus, which only infected ARPANET computers with a joking line of text, were important, as they also helped programmers learn how to combat viruses. They also proved the theories correct: it was possible for one person to invade a string of computers.

As the popularity of home computers rose in the 1980s, so did the popularity of creating viruses. Before widespread use of the Internet, viruses were most commonly distributed on floppy disks, piggy-backing on disk-based operating systems, popular software titles, and store-bought writable floppy disks. This was an easy method because all software on floppy disks (even those direct from the publisher) was easy to alter, and, therefore, easy to copy and share with friends. This specific method of spreading a virus has all but gone by the wayside since operating systems have grown so large that they will no longer fit on one disk, plus the fact that all software titles are now on CDs or DVDs, which can be made in a read-only format.

However, when the Internet took off in the mid-1980s, and then grew in popularity toward the end of the 1990s, passing viruses through e-mails and through network vulnerabilities became the standard. First, there were viruses that were attached to software titles that were downloaded via bulletin board networks, Internet Relay Chat, or software sharing sites. Viruses disguised as executable code written into popular Microsoft documents (such as Word or Excel) were also easily distributed by unsuspecting people forwarding on a document with a heart-felt poem or pretty pictures.


Computer Viruses Today

Along with e-mail and network viruses, today’s viruses can also be spread via portable USB drives. Although a USB drive is an easy way to share files, especially in a business setting, it can also pick up viruses from unprotected computers, and spread them to every computer that the owner uses with that drive.

Some people think that computer viruses are harmless, a so-called victimless crime, like graffiti. However, just like graffiti, it can cost time, effort, and tons of money to remove viruses from a computer, or a whole network. It can also affect the flow of commerce, from freezing the computers that run an online boutique to a large company having to pull resources from one area of its business to concentrate on cleaning or replacing damaged computers. When this happens, oftentimes a company will have to pass the cost of the damages on to its consumers.


Computer Virus Prevention and Protection

There’s no way to stop viruses from being created. There will always be a young programmer wanting to prove that they can “play with the big boys,” or a hacker who wants to just see chaos and damage. And, just like real-world vandalism, someone who creates viruses can start their “career” with a harmless prank but grow into causing millions of dollars of damage by deleting massive files from multiple corporations.

The best way to protect home computers against viruses is to have updated antivirus software, keep computers and software updated with the latest patches, and monitor the behavior of all users of a computer, including learning what types of files can be harboring viruses (such as Microsoft Word documents in a massively forwarded e-mail). There will always be viruses, but staying vigilant will help keep a computer from becoming infected.