Macs, Safe No More? FEBRUARY 21, 2006 News Analysis By Arik Hesseldahl Macs, Safe No More? Recent malware outbreaks suggest that Apple's computers are now targets of viruses and trojans. Here's the lowdown For years, owners of Macintosh computers from Apple Computer (AAPL ) have lived in a computing version of the Garden of Eden, free from the worries over viruses, trojan-horse intrusions, and other digital nastiness that crops up every day for users of Microsoft (MSFT ) Windows. Could it be that those days are coming to an end? Two malicious bits of software showed up on Macs in as many days in mid-February. And while neither appears to be all that harmful when compared with the worst threats to hit Windows, they may indicate more worrisome days are in store -- just as the Mac, newly powered by Intel (INTC ) chips, gains added popularity and attention. Here's a rundown of what's known about these threats. Exactly what form is the malware taking? One, called Leap-A, is a trojan disguised as a jpeg image of a coming version of the Mac OS. Once it's inadvertently downloaded and installed, it replicates in wormlike fashion by sending copies of itself to people on a user's iChat buddy list. iChat is an instant-messaging program for Apple users that connects primarily to America Online's (TWX) AOL Instant Messenger Network. It also goes by the name Oompa-A, or Oompa Loompa Trojan. The files check for the presence of an attribute called "oompa," a reference to the diminutive chocolate-factory employees of Charlie and the Chocolate Factory fame. How serious of a threat is it? Not terribly. Beyond replicating itself, it's not considered harmful, says David Cole, director of Symantec's (SYMC ) Security Response. "This is a very garden-variety kind of threat," he says. "Had this appeared on the Windows platform, we wouldn't even be talking about it." It's also not thought to carry any threat to Windows users who may appear in the buddy lists of Mac users. How widespread is it? Symantec (SYMC ) says the program has spread to only a "handful" of users, perhaps numbering in the hundreds. What can I do to protect myself against it? Here's what Apple says: "Only download and install applications from trusted sources, such as well-known application publishers, authorized resellers, or other well-known distributors. It is also advisable to use antivirus software to scan any files before installation." And the other? The second is a worm known as OSX.Inqtana.A. Once introduced to a targeted Mac, probably via a user's download, it tries to replicate itself via the computer's Bluetooth wireless data connection. Most recent Macs have Bluetooth wireless technology built in for working with Bluetooth-friendly headsets, printers, and other devices. Is it a big concern? This worm's ability to spread has been hobbled by several factors. First, in order to spread to a second computer, it has to come within close physical proximity of the first computer's Bluetooth transmitter, which is generally limited to about the size of a large room. Moreover, this worm takes advantage of a security vulnerability in Bluetooth wireless technology that has been documented for more than eight months. What can be done to stop it? An Apple spokesman says the vulnerability was addressed in a software security update issued in June, 2005. Any Mac users who have used Apple's "software update" feature on OS X since then have nothing to worry about. "It's unlikely that most users would even get this," Symantec's Cole says. "And it doesn't appear to be carrying a payload that does any damage." Are the two related? Probably not. They seem to have been developed at roughly the same time, independently. But ultimately, what does this mean for Mac users? Are the days of not worrying about security threats like malicious software over? If nothing else, these two programs show that there are some new efforts underway by those who like to create malicious software to establish new inroads on the Mac. These efforts have so far shown little success, and in truth, created very little trouble for Mac users. And generally speaking, Macs have historically suffered less from viruses, trojans, and other security threats over the decades. Still, the Garden of Eden didn't last forever.
Well Mac users have always acted like they're 100% safe, but seeing as more people are using Macs, there's more of a reason to look for the faults in the Macs, and begin targeting them.
OK, I'm a little late, but I think I've gotta chime in. The most critical thing about a virus for Mac OS X is the fact that it requires you to enter your Admin Password to install anything. Therefore, if they're installing a virus or anything containing a virus, it would theoretically be their own fault due to the fact that they gave the thing consent. At least, that's my take on it. -John
Viruses don't need to be installed to take over a system. I am assuming that it works the same way as a Windows XP limited user account does?
While no operating system is completely invulnerable, the recent reports regarding vulnerabilities and "viruses" for Macs have been GREATLY exagerated. Unlike Windows, Macs were built from the ground up to be more secure. Viruses can not spread on a Mac the way they do on Windows because there is know way to gain root access without being granted administative access - something that the Mac user would consciously have to grant. Can the owner be fooled into granting that? Sure! But then it's not really a virus. Here are a couple of links to articles that explain all of this much better than I can... http://www.wired.com/news/columns/0,70257-0.html http://macdailynews.com/index.php/weblog/comments_opinion/8795/ http://arstechnica.com/news.ars/post/20060220-6221.html Do I use anti-virus software? Yes - but mainly it's for the benefit of my Windows using friends, so that I don't unintentionally forward a virus to them...One which leaves my my system unaffected. Just to put it all in pespective so far, there have been a handful of "Proof of Concept" exploits for Mac OSX, bu NO viruses found "in the wild." I'll take that over the thousands of viruses, exploits and malware for Windows anyday! (Even if it DOES mean I have to wait a little longer for my favorite games to be ported over to the Mac!!!)
