Viruses -- Are Macs being attacked?

Have you read the Google News headlines? I have a specialized section in my Google News feed that presents me with several Mac stories every time I open Safari on my Macintosh. I see the story because I have set as my homepage. But why has it appeared every day for the past week?


Today is February 26. The story is dated February 19! Let’s check the next headline:


Even this story is almost a week old.

So what is going on?

There are several bad file types that can theoretically attack your computer. They are usually describe as:

Virus - a computer program that can replicate itself[1] and spread from one computer to another. The term "virus" is also commonly, but erroneously, used to refer to other types of malware, including but not limited to adware and spyware programs that do not have a reproductive ability.
Malware - short for malicious (or malevolent) software, is software used or created by attackers to disrupt computer operation, gather sensitive information, or gain access to private computer systems. It can appear in the form of code, scripts, active content, and other software. 'Malware' is a general term used to refer to a variety of forms of hostile or intrusive software.
Trojan - a non-self-replicating type of malware which appears to perform a desirable function but instead facilitates unauthorized access to the user's computer system. Trojans do not attempt to inject themselves into other files like a computer virus. Trojan horses may steal information, or harm their host computer systems. Trojans may use drive-by downloads or install via online games or internet-driven applications in order to reach target computers.

These definitions came from Wikipedia. The links lead to full articles there.

We’re Mac users. We don’t get bad stuff!

Let’s examine that statement. For a long time, Apple products seemed to be immune to the bad stuff. Some people ascribe it to Apple’s excellent security measures. Others say it was because Apple was so unimportant. There are elements of truth in both of those statements. While I could write many pages on that subject, I would prefer to refer you to an
article that Rich Mogull wrote for TidBITS. Rich is an expert’s expert on Mac security. He is someone that I pay serious attention to.

Back to last week.

The attack on Mac computers was discovered at Apple. It was determined that this was the
same malware attack that had been detected at Twitter and at Facebook. Last Friday Microsoft said that they too had been attacked.

Let’s take a look at Apple’s response to this problem. First, one of the features of Mac OS X Mountain Lion is Gatekeeper. Click
this link to learn more about it. They released a software update Java for OS X 2013-001 for all users of Lion and Mountain Lion. They also released an update for Mac OS X 10.6. These updates turned off Java in the Safari browser.

Unfortunately, at this time is not only foolhardy, it is also just plain dangerous to run web applications that require Java.

Back to antivirus software.

If you read
Rich Mogull’s article you saw that he does not recommend antivirus software except in very rare circumstances. He points out that things such as last week’s malware must be out in the wild for days, even weeks before antivirus software is updated to protect you against them. So, they provide the user with a false sense of security.

They often slow other programs down and may run in the background for hours at a time using Mac resources that could be better deployed elsewhere. Furthermore, the majority of the malware that they do find does not affect your Mac and, in fact, won’t affect Windows users with up-to-date system software. And, most antivirus software finds many files that are almost certainly not malicious malware. One example is Troj/Unsc-A. Google it and you will find that out of the dozens of Windows anti-virus programs
only three determined that Troj/Unsc-A might be bad. And even among those it was given a neutral rating.

So once again, I have determined that it is not time for me to buy and run antivirus software. I am still not recommending it to my Mac using friends and family, but as always, I will keep my Windows antivirus software that I use in Parallels up-to-date and I will still not download files, check email or surf the web on the Windows side when I am using it.

It’s always nice to have my own expert, Bob LeVitus weight in, here is his response:

Bob says, “I couldn’t have said it better myself. I may have to run antivirus software on my Macs someday, but that day is yet to come.”
blog comments powered by Disqus