Datamonitor: ‘Mac OS is just as vulnerable to malware as Windows’

“Apple Computer Inc’s Mac OS X has been targeted by malware writers for the first time, with two pieces of malicious code designed for the operating system appearing in as many days late last week,” Datamonitor reports. “The first, known as Leap, is either a worm or a Trojan, depending on whose definitions you want to believe. It spreads via the iChat instant messaging network, but requires the user to download, extract and execute it before it can do any harm. As such, it is expected to not spread very quickly or very far. Apple users may not be accustomed to receiving malware via iChat, but they’re not generally stupid.”

“The second program, known as Inqtana, spreads via a known vulnerability in Mac OS X 10.4’s implementation of the Bluetooth stack,” Datamonitor reports. “The vulnerability evades security precautions in the software, enabling files to be written outside the designated folder. It was discovered and patched last May.”

MacDailyNews Note: Last May.

Datamation continues, “It has always been accepted wisdom that Mac OS is just as vulnerable to malware as Windows or Unix-based operating systems, and that Mac users have escaped unscathed largely because bad actors choose to ignore them.”

MacDailyNews Take: “It has always been accepted wisdom that Mac OS is just as vulnerable to malware as Windows? Accepted wisdom by whom exactly, the mentally incapacitated and/or the antivirus software companies trying to sell software to the immeasurably gullible?

Datamation continues, “Whether or not the existence of this malware should be taken as evidence that Apple computers are gaining mind or market share in a broader sense is a matter of interpretation, although it certainly is a possibility… [Leap-A] is not a particularly sophisticated social attack, hearkening back to simplistic highly effective engineering used in the I Love You and Kournikova worms that hit Windows users in the late 1990s.”

Full article here.

MacDailyNews Take: “Leap-A” hearkens back to the “I Love You” and “Kournikova” worms? To describe “Leap-A” as “simplistic” works, but to use the words “high effective” is a deceptive joke. The Windows “I Love You” worm caused $10 billion dollars in damage and the “Kournikova” worm infected at least hundreds of thousands of computers worldwide. The only similarity that “Leap-A” shares with the aforementioned Windows worms is that it is socially-engineered malware. Unlike the Windows worms, Mac OS X users would actually have to grant permission to install the malware. And, as Apple has already stated, “Leap-A is not a virus, it is malicious software that requires a user to download the application and execute the resulting file. Apple always advises Macintosh users to only accept files from vendors and Web sites that they know and trust.” Apple provides a guide to safely handling files received from the Internet here.

Note: Do not accept files from vendors and Web sites that you don’t know and trust. Don’t throw your important documents in the Trash and Empty it, either.

Painfully Obvious Sentences: Any operating system is vulnerable to a malicious program installed by the user. Mac OS X does its best to protect foolish actions by the user, by requiring permission to install applications (including malware), but if the user is bound and determined to install malware onto their machine, they’ll install malware onto their machine. That is worlds apart from the “Windows experience” of malware that surreptitiously installs itself without user’s permission and/or knowledge.

Those who try to equate Mac OS X with Windows in the area of security because of a laughable trojan cum worm (Leap) and an old proof-of-concept (Inqtana) that was patched over half a year ago are despicable, desperate, and/or weak-minded.

Advertisements:
MacBook Pro. The first Mac notebook built upon Intel Core Duo with iLife ’06, Front Row and built-in iSight. Starting at $1999. Free shipping.
iMac. Twice as amazing — Intel Core Duo, iLife ’06, Front Row media experience, Apple Remote, built-in iSight. Starting at $1299. Free shipping.
iMac and MacBook Pro owners: Apple USB Modem. Easily connect to the Internet using dial-up service. Only $49.
iPod Radio Remote. Listen to FM radio on your iPod and control everything with a convenient wired remote. Just $49.
iPod. 15,000 songs. 25,000 photos. 150 hours of video. The new iPod. 30GB and 60GB models start at just $299. Free shipping.
Connect iPod to your television set with the iPod AV Cable. Just $19.

Related MacDailyNews articles:
Patched in mid-2005 by Apple, Symantec warns ‘Inqtana-A’ worm could be ‘beginning of a trend’ – February 20, 2006
OSX.Leap.A: a near miss for Mac users – February 18, 2006
Apple: ‘Leap-A’ not a virus; only accept files from vendors and Web sites that you know and trust – February 16, 2006
‘Highly critical’ flaw in discovered in Symantec AntiVirus for Mac OS X – December 21, 2005
Why Symantec’s ‘scare tactics’ don’t worry Mac users – September 28, 2005
$500 bounty offered for proof of first Apple Mac OS X virus – September 27, 2005
Symantec details flaws in its antivirus software – March 30, 2005
Motley Fool writer: ‘I’d be surprised if Symantec ever sells a single product to a Mac user again’ – March 24, 2005
Symantec cries wolf with misplaced Mac OS X ‘security’ warning – March 23, 2005
Symantec’s Mac OS X claims dismissed as nonsense, FUD – March 22, 2005
Symantec warns about Mac OS X security threat – March 21, 2005
FBI: Viruses, spyware, other computer-related crimes cost U.S. businesses $67.2 billion per year – February 01, 2006
Windows virus threatens 170-year-old Toldeo newspaper’s perfect record, Apple Macs save the day – January 27, 2006
Symantec: 10,866 new Microsoft Windows virus and worm variants in first half 2005 – September 19, 2005
Hackers already targeting viruses for Microsoft’s Windows Vista – August 04, 2005
97,467 Microsoft Windows viruses vs. zero for Apple Mac’s OS X – April 05, 2005
Cybersecurity advisor Clarke questions why anybody would buy from Microsoft – February 18, 2005

46 Comments

  1. Can’t you see what these people/companies are doing?

    They are sucking us into the “worry about security” cycle windows users go through.

    You want a safe computing experience, get a Mac.

    If Apple can’t protect the operating system and deliver a malware free experience, don’t use computers anymore.

    Most people I’ve talked to don’t do computers anymore because computer makers can’t provide a safe and reliable product.

    Even Apple is sucking us in, wasting our time worrying about other things and brainwashing us into cultists.

    A computer is a machine, if it fails repeatly, you don’t use it anymore.

    Don’t waste your health worrying about these stupid things, life is fun, get out and get some sun, get laid.

  2. Yah, and guess what? My $50,000 Range Rover is just as susceptible to stupid drivers as my brother’s $500 Gran Torino. So what?

    Stupid is as stupid does.

    If there was ever an article, and an author, who deserved to have their garbage writing and [cough] reporting [/cough] challenged with numerous e-mails to their inbox, it’s this one.

    Hey, I’m just sayin’ . . .

  3. It ‘spreads” via iChat. Doen’t he mean you have to knowingly download the file and install it? Doesn’t sound like ‘spread’ to me. When you think of something spreading usually it refers to something that does so without any assistance.

    “They are sucking us into the “worry about security” cycle” -MacDude

    Sorta sounds to me like what our government does on a daily basis. We shouldn’t be falling for that either.

  4. “I don’t know how anyone can argue with the headline. If someone misrepresents an application and you install and run it, what difference does the platform make?”

    Verbose, Mac OS X is NOT as vulnerable to Malware as Windows because:

    a) the points of entry are far fewer since Windows has a far higher number of critical security holes. ActiveX scripting is probably the biggest culprit in the Windows world.

    b) the damage is much more limited. An admin user on Mac OS X would have to authenticate in order to allow the malware to access/install itself/modify/delete certain parts of the system, but even then, there are some parts that it still could not touch. On non-admin accounts, malware would only have access to modify the user’s home folder and drives/network shares that they have write access to, but none of the system directories.

    c) Many Windows worms or viruses don’t require human intervention or social engineering tricks to spread and do harm. So far ALL of the malware that we’ve seen for Mac OS X (all 3 of them) require user intervention.

    So it’s clear that there is a good argument against the headline.

  5. Windows NT has DoD “Orange Book” C2 Security Accreditation and the UK Government equivalent.

    MacOS hasn’t even been accredited at the basic level.

    Security through obscurity is great, but doesn’t convince those whose bread and butter is IT security. If a C2 accredited OS can have the problems that WinNT does, just imagine the potential for MacOS.

    Malware for MacOS is only a matter of time. The script kiddies are just saving up for their first Mac. Don’t be smug.

  6. These simplistic malwares did not penetrate the Mac user base at large, while other “simplistic” worms penetrated Windows and caused $billions in damage.

    You certainly aren’t hearing Mac OS X Server administrators complaining.

    The evidence is clearly written.

  7. Macromancer…. Yes, The file itself does spread without any assistance… It is up to the user to then install it.. It is only dangerous for the average user… I can think of my dad for example… He is 72 years old and very new to the world of computers.. He really does not know what types of files are ok and which ones are bad.. If he was on iChat and a file popped up with say a title of “Grandkids Pics,” he may very well click on it..

    What I’m saying is just because someone accidentaly installs this type of file on their computer does not mean they are an idiot… Not all people are as technically savvy as use MacHeads are…

  8. UNO:
    Leap A CANNOT spread on the Internet. It is a LAN worm. Or virus maybe since it can’t spread by itself. YOU CANNOT get this malware!

    DUO:
    Even on a LAN Leap A CANNOT infect Macs in their default config! You have to change iChat to use Bonjour. Have you EVER met anyone who changed that setting? I sure haven’t.

    But man, watch the FUD fly this week. Some Windows users are really threatened by Apple’s success, methinks!

Reader Feedback

This site uses Akismet to reduce spam. Learn how your comment data is processed.