Does your Apple Mac need antivirus software, or any other kind of security software? This question has been asked repeatedly over the years and I think the "correct' answer has changed over time. So what better time to revisit the question than MacWorld 2013? In fact, I will be at MacWorld in San Francisco this week, along with a number of my colleagues from ESET, so if you want to discuss the question in person, please stop by Booth #423.
In conjunction with our annual visit to MacWorld, ESET has put together something called "Straight facts about Mac malware" which is available as a printed brochure, an interactive website, and a.PDF file that you can download.
Frankly, I don't think you have to spend much time looking at "Straight facts about Mac malware" before you realize the time is right to add some anti-malware software to your Mac.
Yet I continue to meet Mac users who are convinced that malware is nothing to worry about. Why is that? As I mentioned in my previous post about securing your Mac, many people have repeated the statement that Macs can't catch viruses. There may be a qualified sense in which that is true, but it obscures the wider reality that Macs can, and do, get hit with other forms of malicious software.
A slightly different phrase, "Macs can't catch PC viruses" is most certainly true, but even that statement obscures the fact that Macs can spread PC viruses, a fact of considerable concern to the many organizations that use a mix of Macs and PCs (including those who run Windows on Macs). But what if you are an all Mac shop, do you still need to worry about Mac malware? You do, because there is malware out there written to target and infect Macs, and that's what you will find documented in "Straight facts about Mac malware."
Now, when I say "target Macs" that doesn't necessarily mean the bad guys are interested in your Mac because it is a Mac. A compromised computer, one on which criminal hackers have installed their software without your permission, has plenty of value that is "platform agnostic." In other words, the bad guys can profit from taking over an Internet connected computing device regardless of whether it is Mac or PC.
If my goal is to put together a botnet, an army of compromised machines (bots or zombies), in order to harvest banking credentials or conduct a Distributed Denial of Service attack (DDoS), I don't care if the bots are Macs or PCs, or Android phones for that matter. I also don't care if the malicious code I am unleashing is classified as a virus or a worm or a Trojan, as long as it gets the job done. (And yes, this terminology is sometimes confusing, for example, the way to keep malware of all kinds off your Mac is to use an anti-virus product, even though it will spend most of its time being anti-worm and anti-Trojan, in other words, anti-malware).
An example of a Mac antivirus program blocking access to a website infected with Mac malware
However, there are times when bad guys do take an interest in the fact that you have a Mac. For example, if I am trying to spy on a group of people who typically use Macs, then I might target OS X with my malware. You can see evidence of that inOS X Lamadai and the Dockster OS X malware which attempt to spy on people interested in Tibetan issues and the Dalai Lama.
A number of the pieces of Mac malware documented in the interactive "Straight facts about Mac malware" page are also described in detail here on the blog. In case you missed those posts, I decided to list some of the more recent ones below. This helps underline the fact that, while there is nothing like as much OS X specific malware as Windows malware, there is a significant amount, and definitely enough to be of concern to anyone who is serious about protecting the contents of their Mac from exposure, abuse, or destruction:
- Spying on Tibetan sympathisers and activists: Double Dockster*, December, 2012
- Flashback Wrap Up, September, 2012
- Mac OSX/iOS hacks at Blackhat – are scammers setting their sights?, August, 2012
- OS X Lamadai: Flashback isn’t the only Mac malware threat, April, 2012
- Fighting the OSX/Flashback Hydra, April, 2012
- Mac Flashback Trojan: If you use Java the time to patch your Mac is now, April, 2012
- OSX/Lamadai.A: The Mac Payload, March, 2012
- OSX/Imuler updated: still a threat on Mac OS X, March, 2011
- Updates on OSX/Tsunami.A, a Mac OS X Trojan, October, 2011
- Linux Tsunami hits OS X, October, 2011
- PDF Trojan Appears on Mac OS X, September, 2011
- MacDefender undergoes a name change, MacShield, June, 2011
- Social engineers don’t care about your OS: and nor should you, May, 2011
- MacDefender (now MacGuard) Can Install Without Credentials, May, 2011
- Boonana threat analysis, November, 2010
I can understand that news of Mac malware is sometimes drowned out by the waves of reports of mass infections on Windows machines, but the fact remains that Macs can be hit with malware attacks. Defending your Mac against incoming code that could be malicious just seems to me like the sensible thing to do.
BTW, if you're wondering "what does this guy know about Macs?" let me assure you that I don't know everything, but I did buy my first Mac in the 1980s, and my first writings about Mac security were published in the 1990 McGraw-Hill book, "The Stephen Cobb User's Guide to FileMaker," which I co-authored with my wife, Chey. Once again, I invite you to stop by booth #423 at MacWorld and we can carry on the conversation. If you can't be there, then I highly recommend you check out Straight facts about Mac malware.