“The stories have started to emerge and now the battle has begun. After years of being off-limits to hackers, the Apple Macintosh is now subject to the same sort of abuse that the PC has endured and survived over the years: malware,” John C. Dvorak writes for PC Magazine.
MacDailyNews Take: This is not the first trojan for Mac, not by a long-shot, nor is it likely to be the last.
“Apple says it will send out some patches this week, but this just marks the beginning of a long battle. It will be ugly, as the platform is largely like the unprotected, the users are clueless, and there is zero resistance within the platform. The few Mac users who survive the barrage will probably be former PC users who are not so easily fooled by fake websites,” Dvorak writes. “That said, a bunch of websites are now injecting code into the Mac to infect it with new Trojans.”
MacDailyNews Take: This being not the first trojan for Mac, Dvorak’s theory that a “long battle is just beginning” has no basis in fact.
Mac users “been trained since birth not to deal with such issues by hand. It’s beneath them,” Dvorak writes. “I use AVG as my anti-virus/anti-Trojan product, and when I encounter a website trying to pull this sort of thing, I get an immediate error message and the site is blocked. Currently, the Mac has no such software that I know of, and the user has to hope that Google, some other search engine, or the browser itself has some protection. Good luck with that.”
MacDailyNews Take: This trojan was identified by Intego, a company specializing in Internet security and privacy for Apple Macintosh since 1997. There are multiple AV software packages available for Mac OS X.
Dvorak writes, “PC users will be laughing out loud as this continues because this is just the beginning… While the PC users have literally endured decades of this sort of game playing, Mac users have rarely seen any of it. They have no idea what they are in for. This also makes you ask yourself exactly how well protected smartphones are against attacks like this? You can be sure that the iPhone and iPad are going to be next on the hit list.”
MacDailyNews Take: The only thing you can be sure of is that laughing at nothing is a clear sign of mental illness.
“That said, many in the PC world have warned Apple that its OS is not any more secure than a Windows OS,” Dvorak writes. “And because there is no security infrastructure with scads of anti-malware systems available, the systems are actually more vulnerable.”
MacDailyNews Take: Again, multiple AV software packages are available for Mac OS X and have been for years.
“So we’ll see how this situation plays out, but one thing is for certain: the happy-go-lucky Mac owners will end up grumbling about it the same way PC users have done over the years,” Dvorak writes. “And this ‘What? Me worry?’ attitude and smug smile will forever disappear. That’s the good news, as far as I’m concerned.”
Full article – Think Before You Click™ – here.
MacDailyNews Take: This is nothing more than a trojan. There has never been a Mac OS X virus. Dvorak’s attempt to use a Mac trojan to equate with hundreds of thousands of actual self-replicating viruses, worms, trojans, and other malware on the Windows PC platform is pathetic and likely due to fear of the fact that Mac has outgrown the PC market as whole for 20 consecutive quarters, or the last five years straight. When you work for an outfit calling itself “PC Magazine,” it’s understandable that the fear of becoming irrelevant would be quite strong. It’s sad that such fear produces garbage articles such as this.
What’s ironic is that Dvorak is calling Mac users ignorant while assuming his PC-using readers are ignorant enough to not understand the difference between a trojan and a virus, or think that Mac trojans are nothing new, or believe that Macs don’t have AV software available, or that a single Mac trojan equals the abject security debacle that is the Windows PC.
In closing, with smug smiles still firmly affixed to our faces, here’s our usual oft-repeated reminder for Mac users and anyone who’s trying to use any other platform: Do not download and authorize the installation of applications (Trojans) from untrusted sources. No OS can protect users from themselves (or we wouldn’t be able to install any software). Those who grant attackers access to their computers, should not be surprised to find their computers are compromised.
[Thanks to MacDailyNews Reader “kevin p.” for the heads up.]
Related articles:
New MACDefender variant, MacGuard, doesn’t require password prior to standard installation – May 25, 2011
Apple: How to avoid or remove MACDefender malware (permanent fix coming in Mac OS X update) – May 24, 2011
MACDefender trojan protection and removal guide – May 20, 2011
Apple investigating ‘MACDefender’ trojan – May 19, 2011
Apple malware: 6 years of crying wolf – May 6, 2011
Is Mac under a virus attack? No. – May 4, 2011
Intego: MACDefender rogue anti-malware program attacks Macs via SEO poisoning – May 2, 2011
Sophos details new Mac OS X Trojan – February 28, 2011
Warning: Mac users beware of yet another trojan masquerading as video codec – June 11, 2009
CNN blows it; gets all worked up about a Mac Trojan that isn’t the first nor is it the last – April 23, 2009
Mac trojan expands to affect pirated versions of Photoshop CS4 – January 26, 2009
Intego: Mac trojan horse found in pirated Apple iWork ‘09 – January 22, 2009
New Mac OS X Trojan horse identified – June 23, 2008
Mac OS X Scareware trojan ‘MacSweep from Imunizator’ tries to scam Mac users – March 29, 2008
Mac trojan makers churn out slightly modified versions to evade anti-malware detection – November 08, 2007
Mac DNS Changer Trojan [OSX/Puper] relatively simple; works like the Windows version – November 01, 2007
New Mac OS X Trojan warning – February 16, 2006
Apple: ‘Opener’ is not a virus, Trojan horse, or worm – November 02, 2004
– – –
The Microsoft tax: Stuxnet computer worm infects Microsoft’s porous Windows OS; Mac unaffected – September 27, 2010
The Microsoft Tax: New undetectable Windows trojan empties bank accounts worldwide; Mac unaffected – August 11, 2010
The Microsoft Tax: Windows zero-day flaw exposes users to code execution attack; Mac unaffected – August 09, 2010
The Microsoft Tax: Critical flaw lets hackers take remote control of Windows PCs; Mac unaffected – August 07, 2010
The Microsoft Tax: New attack bypasses every Windows XP security product tested; Mac unaffected – May 11, 2010
The Microsoft Tax: McAfee correctly identifies Windows as malware; Macintosh unaffected – April 21, 2010
The Microsoft Tax: DNS Windows PC Trojan poses as iPhone unlock utility; Mac and iPhone unaffected – April 15, 2010
The Microsoft Tax: 1-in-10 Windows PCs still vulnerable to Conficker worm; Macintosh unaffected – April 08, 2010
The Microsoft Tax: 74,000 Windows PCs in 2,500 companies attacked globally; Mac users unaffected – February 18, 2010
The Microsoft Tax: Widespread attacks exploit Internet Explorer flaw; Macintosh unaffected – January 22, 2010
The Microsoft Tax: Windows 7 zero-day flaw enables attackers to cripple PCs; Macintosh unaffected – November 16, 2009
The Microsoft Tax: Windows 7 flaw allows attackers to remotely crash PCs; Macintosh unaffected – November 12, 2009
The Microsoft Tax: Windows virus delivers child porn to PCs, users go to jail; Mac users unaffected – November 09, 2009
The Microsoft Tax: Worms infest Windows PCs worldwide; Mac users unaffected – November 02, 2009
The Microsoft Tax: Banking Trojan horse steals money from Windows sufferers; Mac users unaffected – September 30, 2009
The Microsoft Tax: Serious Windows security flaw lets hackers to take over PCs; Macintosh unaffected – July 07, 2009
The Microsoft Tax: Windows Conficker worm hits hospital devices; Macintosh unaffected – April 29, 2009
The Microsoft Tax: Conficker virus begins to attack Windows PCs; Macintosh unaffected – April 27, 2009
The Microsoft Tax: Conficker’s estimated economic cost: $9.1 billion – April 24, 2009
Millions of Windows PCs taken over by hackers, including UK and US gov’t machines; Macs unaffected – April 22, 2009
Conficker worm hits University of Utah’s Windows PCs; Apple Macs unaffected – April 13, 2009
Windows Conficker kicks into action, able to steal data from infected PCs; Macintosh unaffected – April 10, 2009
Windows Conficker worm awakens, updates via P2P, begins to drop payload; Macintosh unaffected – April 09, 2009
Millions of infected Windows PCs set to go off on April 1; Macintosh unaffected – March 31, 2009
Millions of infected Microsoft Windows PCs face doomsday on April 1; Macintosh unaffected – March 24, 2009
Windows data-stealing ‘Tigger’ trojan infects stock trading firms; Macintosh users unaffected – March 10, 2009
French navy fighter planes grounded by Windows worm; Mac-based naval systems unaffected – February 25, 2009
Houston courts shut down due to Windows virus; Macs unaffected – February 10, 2009
Windows virus knocks out Vancouver school computers for three weeks and counting; Macs unaffected – January 31, 2009
Massive Windows virus with mystery payload continues to spread rapidly; Macintosh unaffected – January 26, 2009
Massive Windows virus continues rapid spread, also affects Vista, Windows 7; Macintosh unaffected – January 21, 2009
Windows PC worm infection numbers skyrocket; Macintosh unaffected – January 19, 2009
Dangerous new sleeper virus exposes millions of Windows PCs to hijack; Macintosh unaffected – January 16, 2009
Zero-day attack targets all versions of Internet Explorer; Mac users unaffected – December 12, 2008
Windows worm loose on International Space Station; Mac-using astronauts unaffected – August 27, 2008
Microsoft inflicts Internet Explorer 8 Beta; Mac users unaffected – March 05, 2008
Gathering ‘Storm’ superworm poses grave threat to Windows PCs; Apple Macs unaffected – October 19, 2007
Windows virus cripples Florida newspaper; Mac-based publishers unaffected – March 02, 2007
Insidious Windows virus threatens business networks worldwide; Macintosh unaffected – March 01, 2007
Windows ‘Storm Worm’ rages across globe; Apple Macintosh unaffected – January 19, 2007
Sony, Gracenote sound alarm over Microsoft flaw; Macintosh unaffected – September 19, 2006
PowerPoint zero-day attack compromises data in infected Windows PCs; Mac OS X unaffected – July 21, 2006
Windows PC users infected with worm face loss of all Microsoft, Adobe files; Mac users unaffected – January 31, 2006
Microsoft Windows’ Zero-Day WMF flaw threats widespread; Macintosh unaffected – December 29, 2005
Microsoft Windows virus spreads rapidly; Apple Macintosh unaffected – November 28, 2005
Windows users fall victim to huge ID theft ring, 50 banks in danger; Apple Mac users unaffected – August 25, 2005
Quickly spreading Microsoft Windows worm affects CNN, ABC, NY Times; Apple Macintosh unaffected – August 16, 2005
‘Zotob’ worm rapidly infects Microsoft Windows; Macintosh unaffected – August 15, 2005
16-percent of computer users are unaffected by viruses, malware because they use Apple Macs – June 15, 2005
Microsoft warns of critical Windows flaws; unaffected Mac users just continue working – June 15, 2005
Michael Jackson suicide spam hides Windows virus; Macintosh unaffected – June 10, 2005
Windows Sober.p poised to attack this Monday; Macintosh unaffected – May 21, 2005
Microsoft Windows Sober.P worm shows ‘epidemic’ spread; Macintosh unaffected – May 03, 2005
Anzae/Inzae worm affects all Windows versions after 3.1; Macintosh unaffected – December 28, 2004
Windows Mydoom worm variant spreading in the wild; Macintosh unaffected – November 09, 2004
Windows XP worm speaks to users as it deletes their files; Macintosh unaffected – September 13, 2004
Millions of Windows PC’s hijacked by hackers, turned into zombies; Macintosh unaffected – September 08, 2004
Windows ‘Zindos’ virus spreads, attacks Microsoft.com; Macintosh unaffected – July 29, 2004
New Windows Bagle virus variants spread; Macintosh unaffected – July 16, 2004
Windows Lovegate worm variant renders computers useless; Macintosh unaffected – July 08, 2004
Windows Scob virus collects passwords, financial data; Macintosh unaffected – July 05, 2004
Windows ‘Scob’ virus designed to steal financial data, passwords; Macintosh unaffected – June 26, 2004
Windows users warned of infectious Web sites that take over computers; Mac users unaffected – June 25, 2004
Windows Korgo virus ‘aggressively stealing’ credit card numbers; Macintosh unaffected – June 04, 2004
First Windows 64-bit virus appears; Macintosh unaffected – May 27, 2004
Windows Wallon virus wipes out Microsoft Media Player on infected PCs; Macintosh unaffected – May 12, 2004
Windows Sasser worm mutates, knocks out banks, EC; Macintosh unaffected – May 04, 2004
Windows Sasser worm severely disrupts UK coastguard; Mac users remain unaffected – May 04, 2004
Windows Sasser net worm spreading rapidly; Macintosh unaffected – May 03, 2004
Sen. Edward Kennedy’s Apple Mac-based office totally unaffected by viruses – March 22, 2004
Five new Windows Bagle virus variants break nasty new ground; Macintosh unaffected – March 19, 2004
Windows worm, virus outbreaks intensify; Macintosh unaffected – March 03, 2004
Destructive MyDoom.F virus deletes Windows users’ files; Macintosh unaffected – March 01, 2004
Netsky-D Windows worm spreading; Macintosh unaffected – March 01, 2004
Windows users suffer five new Bagle worm variants; Macintosh unaffected – March 01, 2004
New MyDoom Windows worm deletes random files; Macintosh unaffected – February 25, 2004
Windows NetSky e-mail worm spreading; Macintosh unaffected – February 18, 2004
Windows virus ‘Bagle.B’ spreading; Macintosh unaffected – February 17, 2004
‘Doomjuice’ worm emerges, targets Microsoft; Macintosh unaffected – February 10, 2004
New version of Mydoom Windows virus appears, attacks Microsoft; Macintosh unaffected – January 28, 2004
Latest Windows virus ‘MyDoom’ sets new infection records worldwide; Macintosh unaffected – January 27, 2004
‘MyDoom’ Windows virus spreads rapidly; Macintosh unaffected – January 26, 2004
New Windows worm spreading ‘hard and fast’ worldwide; Macintosh unaffected – January 19, 2004
Florida students patch 360 PCs in marathon session due to Blaster virus; their Macs unaffected – October 01, 2003
Pennsylvania school district’s PCs infected with virus; their Macs unaffected – October 01, 2003
New ‘Swen worm’ masquerades as Windows Security Update; Macintosh unaffected – September 19, 2003
University of Illinois still patching all Windows machines; Macintosh unaffected – September 05, 2003
Montana school district’s Windows computers offline due to worm; Macintosh computers unaffected – September 03, 2003
A tale of two school systems: Windows schools crippled while Mac schools unaffected – August 21, 2003
SoBig virus variant rapidly inflecting Windows machines; Macintosh unaffected – August 19, 2003
Windows Blaster worm to attack Microsoft on Saturday; Macintosh unaffected – August 13, 2003
MBlast Worm spreads through flaw in Windows; Macintosh unaffected – August 11, 2003
Hackers hijack Windows PCs for porn serving; Macintosh unaffected – July 11, 2003
Palyh Worm strikes Windows users worldwide; Macintosh unaffected – May 19, 2003
Microsoft bug exposes millions to attack; Macintosh unaffected – November 20, 2002
Just his first paragraph shows Dvorak is the one who is clueless:
“same sort of abuse that the PC has endured and survived over the years”
Has he not heard that we are in the post-PC era? The PC did not survive.
No replies to the actual article…. just by looking at the title the first thought that came to my mind is that PC users are just f*#king sad!!!! Just because mac smashed that crappy “market” that is PC’s, casually now people are trying to create viruses for the mac OS which apparently is thought by people BETTER!!! So my final remark is, that PC people are just fuc*#*g sad…. so are these idiots that are trying to “ruin” the best OS!!! (mac :D)
Preamble and question:
I am using pretty old technology at the moment, G4 eMac. I have never had a problem with malware or viruses until recently.
A month or so ago I installed Bing and my troubles have begun. Is it possible that Bing, itself, is a trojan horse?
My question is how do I get Bing off my machine; I can’t seem to find any files to delete.
i still surf naked. Not literally, but the computer does not have any anti virus software running…No need. Just be smart about how you surf and what you download.
I think Dvorak’s trying to get into Molly Wood’s
pants. Molly from ‘Molly Rants’ on CNET and
Dvorak are of like minds in this matter. 🙂
The irony is in this particular case the smugness of Mac Users will protect them from loading the trojan to begin with.
a) what world is Dvorak living in where Mac users walk around bragging about this sh*t
b)Could JD sound any more bitter, sad and petty with this? What a poor baby.. he’s so wretchedly angry that Apple is successful… God… Buy some stock already and shut the F up.
Dvorak is obviously a douche!
“You can be sure that the iPhone and iPad are going to be next on the hit list.”
No, because they are closed, thus no trojan can get on your iPhone/iPad.
Enjoy your openness, Droidtards!
John Dvorak sure seems like an immature man to me. The only way I’ve found to deal with brats (adult or otherwise) is to not let them piss me off, and to ignore them.
It’s funny, Windows has so many Virii/Trojans/Spyware that for them to laugh at Apple is like someone in a Woodhouse that is lousy and eaten by Termites, dry rot and other nasty wood diseases, laughing a the homeowner who just got their first Woodpecker making small holes in their new shiny wooden building.
Until Windows has 0 malware, they shouldn’t be laughing. They should be screaming at Microsoft to close up all of the holes that pwn Windows every day of the week no matter what Windows version is running.
Testing new app.
MDN iPod app worked.
Dvorak is an idiot and always will be!
Regardless. John Dvorak, kiss my ass.
First, ALL antivirus software only detects stuff that was….previously detected, basically making it next to useless. Application whitelisting and sandboxing is the only real way to secure a system. Second, I own (and love) my new Mac, but I’ve used Windows for years without running antivirus and have caught nothing. Not once. @kingmel…OS X is HORRIBLY INSECURE. They ship it that way, and Apple is directly responsible for part of the problem. I’m not saying Windows isn’t also shipped that way, because it is. Hell, in OS X you can reset the admin/root with what…3 terminal commands? Seriously? WTF?
Since that’s the case, if you want to keep a platform from being profitable for the bad guys, don’t have any real market share to speak of. Don’t forget that Safari/Mac is traditionally the first to get cracked at Pwn2Own. Not so good. Apple needs to get their head out of the clouds and implement some basic security precautions Windows users have had for years BEFORE something happens…not after, like they are now. The problem with reactionary security is that the threat has already hit….and passed. A great place to start would be forcing people to use a user account from the start, rather then an Admin account. Let the users who know what they are doing (and need it) activate the admin account themselves later.
“ALL antivirus software only detects stuff that was….previously detected, basically making it next to useless.”
NO.
1) Most anti-malware (the correct term) includes heuristic analysis tools that detect potentially dangerous behavior inside your computer system. This stops many common malware behaviors.
2) The best anti-malware also include a reverse firewall that stops dead any malware bot behavior, be the bot new or old.
3) The vast majority of infections on Windows occur AFTER signatures for them have been installed into anti-malware apps. Therefore, anti-malware prevent personal infection as well as passing along infection to others.
“OS X is HORRIBLY INSECURE” is a LIE, making you a LIAR.
This is also a LIE: “I’ve used Windows for years without running antivirus and have caught nothing. Not once.”
… Because you never run your Windows box on the Internet. Right? Text book trolling. Nice try.
A deceitful comment: “Don’t forget that Safari/Mac is traditionally the first to get cracked at Pwn2Own.”
This is meaningless phrase demonstrates total ignorance of how the Pwn2Own even is held.
1) Cracks are researched for MONTHS in advance and brought by hackers to the event.
2) Macs are never cracked the first day because no LUSER Factor is allowed at the computer itself.
3) Macs are cracked on the second day because someone is allowed to point the target Mac’s web browser to a malware infected website.
4) The infections occur due to non-OS software. These include the mess we call ‘JavaScript’, Adobe PDFs, Adobe Flash, and Java. Not one of these cracks directly attacks Mac OS X. All of them depend upon security holes in non-Apple software.
I note that you really are severely TechTarded as well as an ANONYMOUS COWARD. I note you are not a member here at MDN and that you are using a BS name. You just another FUD mongering little troll.
I’ve been studying Mac security since 2005 and have been writing about it since 2007. Please pay a visit to my blog for factual information as well as laughter at anti-Apple security FUD:
Mac-Security Blog
Please note I’m not Mac bashing, but thinking windows is insecure without any actual knowledge of the technology behind operating systems (TashaG, looking at you). Here is a whitepaper about the actual problems associated with Mac OS X…and how we, the community who love Apple products, can fix them. http://www.macforensicslab.com/ProductsAndServices/index.php?main_page=document_general_info&products_id=174
Oh, you again, little troll.
The title of the POS article you link to gives away the show:
“Malware On Mac OS X – Viruses, Trojans, and Worms”
There are NO viruses or worms for Mac OS X. The paper is from 2008, making it out of date. The paper does not effectively discuss Mac malware. Instead if focuses on WINDOWS malware, including types, infection vectors and the malware rats who write the crap.
The article amounts to nothing more than yet-another piece of FUD as part of the FUD Fest against Apple security that has been going on since the fall of 2004. And darn, no “FLOOD” of Mac OS X malware has happened in all that time.
You’ll really enjoy reading my recent article:
Anti-Apple Security FUD
for the last SEVEN and a half years!
Here is the first paragraph:
“So what does computer security FUD actually signify? Insecurity on the part of those who perpetrate it.”
There’s a reason why there are ONLY Trojan horse malware for Mac OS X.
There’s a reason why Windows has over 150x MORE malware than Mac OS X on a per user basis.
WHACK! WHACK! WHACK!
Consider me slapping Dvorak in an attempt to wake him out of his TechTard coma.
Never mind. Hopeless case. 😆
You call me a troll, yet you fail to mention one thing….the very fact that you need to have this page “http://mac-security.blogspot.com/2011/05/rules-of-computing-keeping-your-mac.html” negates your point that Macs are secure….Macs CAN be secure if set up properly. And, stupid question, but how many people actually read your blog (no offense, but it’s a security blog, not a blog on whatever it is the kids read these days, manga or whatever). In fact, I’ve always respected you up till now for attempting to tell people that Macs aren’t secure out of the box, then you turn around and pull this. Granted, I hated Macs up until about….10 weeks ago or something, so it’s obvious I’ve still got a lot to learn. But you can hang out on your high horse and call everyone that disagrees with you a troll, that’s fine. And if I was, in fact, spreading FUD, then I sincerely and truly apologize.
Background: After xen0blade posted the above, he made friends and retracted his FUD remarks via a comment at my Mac-Security blog.
“… negates your point that Macs are secure….Macs CAN be secure if set up properly.”
Never have I ever said ‘Macs are secure’. I have no doubt that even a ‘hardened’ Mac OS X can be compromised if only by the LUSER Factor. All current Mac OS X malware rely upon some form of LUSER Factor, not upon flaws in the OS itself.
“how many people actually read your blog”
I don’t count the number of readers at I don’t care. But I can tell you that I have 5 RSS subscribers. I know of three specific readers, those being folks at Intego, SecureMac (aka MacScan) and ClamXav. All three have written to me and involved me in ongoing malware information. At the moment I am involved with a group of six of us who are keeping track of details regarding the MAC Defender Trojan horse series as well as the specifics of Apple’s update to their XProtect anti-malware built into Mac OS X. I will be posting an article about XProtect in the near future.
I do occasionally get feedback about the blog from random folks who found it while searching for related information.
IOW: My Mac-Security blog is there, in hopefully intermediate user level language, for anyone who may find it useful. But unexpectedly, I’ve ended up getting attention from professionals in the field, pointing out that the subject continues to be geek level and not generally of concern to average users.
“you can hang out on your high horse and call everyone that disagrees with you a troll, that’s fine…”
The only high horse I ever resort it is factual information and rational thought. Trolls deeply resent such things and of course disagree with them. I take great pleasure in turning the tables on trolls. I enjoy watching their misery mongering turned against them. If I have a flaw it might be this joyful practice. Nonetheless, I am very careful who I brand a troll and consistently back up my claims. It is one approach, not the only approach, to dealing with deceitful people, while providing everyone with useful information. 😎
Google+ continues to be therefore brand-new that will some individuals are wondering whether or not it’s well worth this to place hard work in to maintaining a profile on the social network. The solution is : definitely !seo