RSA 2009: Apple users at risk as Mac malware mushrooms

I've never had a virus with my PC

Even though I'm running the 'virus ridden' Windows OS, I've never had any kind of malware infection. The worst I've had has been a couple of 'tracking cookies.' That's because I keep it patched, use an updated browser and an updated antivirus. You're all saying 'hah, only pirated mac people get infected, but in Windows you can get a virus just by turning on the PC,' but provided the machine is patched and you don't do anything stupid, you're fine. Exactly what you've all been saying about Mac OS

Posted by JH, 26 May 2009

Fear, Uncertainty, Doubt

Smug factor? Are you for real?

And the worm was javascript, not java - an utterly different thing.

Baseless, sensationalist nonsense + minimal fact-checking + sound bites from those with a vested interest in spreading FUD == FAIL.

Posted by Rory Sinclair, 22 Apr 2009

Unfounded Statements

My personal view, on such comments by your counterparts are irresponsible.
Do not create a conversation based on uncertainties.
State your findings, with justified reasoning.
Else, do not scare off apple users, and new users who experience only stability and efficiency when using apple related hardware.

Posted by Vimalendran Shanmuganathan, 22 Apr 2009

This is utter BS

So the crux of your argument is based on a TROJAN within software that a user must download from a pirate website and install with their admin password? And then some daft twitter vulnerability that has nothing to do with Apple software at all. This article is trash and the author should be ashamed.

Posted by Chris, 22 Apr 2009

The clowns leading the charger are main security companies

Vnunut, thanks for the warning, guess you enjoy the hits with that scaremongering headline, totally sad...

Posted by AdamC, 22 Apr 2009

Pot calls kettle black

"This comment totally discredits the author. It demonstrates a condescending, hateful attitude toward Apple and its customers. The point could easily have been made in a professional way, without the attitude and venom. But this bozo chose to bash instead of inform. His advice is suspect to say the least. Screw him."

Just as Apple is descending to an all time low in its moronic, unprofessional and childish attempts to pour scorn on anything Microsoft, the above comment perfectly crystallizes the bigotry of many in the Apple community. They think it's perfecdtly OK to belittle the MS camp but if anyone dares to critise their "religion" (Apple)........

People in glass houses shouldn't be such pious bigots !

Posted by jimmy, 23 Apr 2009

Meh

Yes, yes, we all know this will be the year for the big mac exploit. Just like last year was supposed to, and the year before that, and the year before that. The 'expert' did himself no favour denigrating and chiding the users with his statement. Implying that someone is stupid isn't an effective way of getting them to listen to you. Where on earth did this guy learn his interaction skills, Karl Rove?

Posted by Mathue, 22 Apr 2009

one million to seven

Let's see, there's over 1,000,000 Windows viruses etc. There are 7 known MacOs X trojans which have to be downloaded & installed with an admin password. I don't consider the risk to be "mushrooming". If ignorant Mac users are downloading fake or illegal software, they need to get their act together and verify their download sites & stop using illegal software.

Posted by Al Kalis, 22 Apr 2009

The Malware Myth?

Suggest you look at http://www.roughlydrafted.com/2009/01/29/the-mac-malware-myth/ from January. I think numbers showing the rising tide versus individual isolated annecdotes. We have been hearing of this for 5 years and the "Cry Wolf" syndrome has set it. This is particularly critical to get the facts with numbers, when the source has a vested interest in promoting their industry and products.

Posted by George Providakes, 22 Apr 2009

Get real

The only people stung by the botnet were those who tried the steal copies of iWorks 2009 via BitTorant. They gave away their passwords to a Trojan Horse. Now that Trojan Horse is using their computers in attacking other websites.

We Mac owners aren't smug, because we were never at risk. We have very few among us who are dishonest. We don't care what happens to them.

Posted by Louis wheeler, 22 Apr 2009

Coming Real Soon Now

Yes, yes. Any day now legions of Mac viruses will descend on us. Except one problem: punters have been predicting that throughout the entire 10 year history of OS X, and it hasn't happened yet.

And even if it really happens tomorrow, why would we leave a platform that was virus free for so long to join a platform that has always been plagued by viruses?

Posted by Mike van Lammeren, 22 Apr 2009

A bit of rational thought, please

This is silly. What you're talking about are Trojans - which can affect any platform and for which there is no real defense (other than consumers not being stupid). The Trojan says "would you like to install this program" and the users says "yes". The computer does exactly what it's supposed to do and installs what it was told to install. That's not a security flaw in the system, it's merely stupid users who are giving the computer bad instructions.

You make it sound like OS X has security problems like Windows - where a virus can spread with no customer effort at all. THAT is why Windows security costs industry tens of billions of dollars per year. Why aren't you writing about that?

Posted by Joe Anonymous, 22 Apr 2009

More Fud on malware

Comments, observations, and alerts from manufactures of security soft ware are worthless because of the obvious conflict of interest involved. Their track record speaks for its self, and all of the retards in the cheap seats that can't or won't think for themselves continue to pad the pockets of these dollar hungry wastes of skin. If they really want to stop the writers of malware, make writing it a capital offense.

Posted by Thomas Carley, 22 Apr 2009

Inane

What an amazingly inane article this was. Claiming that Mac malware was "mushrooming" because of just ONE piece of malware? That's hardly a "mushroom," especially when compared to the hundreds of thousands of pieces of malware infecting Windows-based computers. Should Mac users be cautious? Of course! Everyone should be cautious. But this article was nothing more than an attempt to spread FUD. Congratulations to Mr. Thomson who now joins the ranks of terrorists who spread threats with no follow-up. Vnunet should be embarrassed they even published this.

Posted by Don, 22 Apr 2009

Risk Mushrooms? Fungus or Nuclear clouds?

This article has been recycled for the last 20 years... now breathlessly, everyone is all excited, it's the Chinese!

The iPhone is regularly hacked. Their are 400,000 jail broken iPhones in China as we speak. Seems good for business for Apple.

Who have been spewing these warnings all these years? Companies that profit from Malware, of course. Yes, it's in their best interests to get a panic going, so they can make a sale of their supposed protection software. We call this a "protection racket". Don't buy into this folks.

Security has absolutely NOTHING to do with market share. Security has everything to do with- SECURITY.

Malware writers have to have CAUSE, then a RETURN ON THEIR INVESTMENT. Yes, all computers can be hacked, but why will they hack YOU? If you're that important with super secret information, it's easier to steal your machine. Viruses, botnets, worms, etc., on the other hand, all have either terrorism or money as their aim. With either, why create code, that can only infect one user at a time and can't be automatically spread? Yes, ALL downloaded executables in MACOSX require a user password to execute. Even then, it doesn't have access to the core OS. So, they first have to steal YOUR password, or trick you into inputting it... IF they get that far, how will they then spread it? The simple truth is, they can't. That's why this is a dead horse. Just like last year when this article was passed out, and the years before, risk does not increase because of market share. In fact, OSX is continually hardened, so I would argue that risk is actually decreasing.

Posted by Adam, 22 Apr 2009

FUD

Caution: FUD-meisters at work.

Posted by Kayners, 22 Apr 2009

facts please ... just the facts

what are you referring to?

please write somrthing with some substance.

Posted by Juan, 22 Apr 2009

Context please! or I'm a Mac and I'm as smug as bug in a rug!

I'm a Mac and I'm as smug as bug in a rug!

If Mac malware was a "mushroom" then it is a single cell yeast
whereas PC malware would be the "humungous fungus", Armillaria ostoyae which covers 2200 acres in Oregon. (Ok these are fungi but I am not the only one using loose meanings here!)

Which has "mushroomed" Please at least state the relative state of affairs.

Oh I forgot Microsoft sponsors your site! And your "sources" are
security software vendors! Ummm why would they like to report "mushrooming" Mac malware?

Of course I am just a smug Mac business user who has not had to EVER run any anti virus software EVER and have NEVER been infected with a single piece of malware since 1994.

This is a FACT. I know that a fact is very unusual to see in an article about Macs in your publication, but it had to happen someday!

Smug or just sensible enough not to want to waste any of my life living the PC "dream".

I am watching all reported Mac "malware" so far it is all socially engineered and /or application related. As I don't install pirated software and visit porn sites I might just be OK!

SMUG - Swindon Mac User Group (Fictitious but funny)

Posted by Hans Beier, 22 Apr 2009

Hyperbole

Well, in the Mac malware world, I guess going to none from one is "mushrooming", even though it's a trojan not likely to be bought by any experienced user. Thanks, but I'll still stick with Apple.

Posted by Don Pomeroy, 22 Apr 2009

Proof on Concept vs. Wild malware

The proof of concept is there for Mac malware, but it's not there in the wild. And so much of the malware relies on dumb user actions and behaviors. That is true in Windows and Mac environments. Guess we need scare tactics and then to spend lots of money for protection to protect ourselves from ourselves.

Posted by Perry Lund, 22 Apr 2009

Graham Cluley needs to get a clue

What a knob. "Expert" my ass.

Posted by monoclast, 22 Apr 2009

Utter lack of professionalism

"And let's not forget the smug factor. So many [Apple users] believe they are protected by magic rays and that the spirit of Steve Jobs protects them wherever they go.?

This comment totally discredits the author. It demonstrates a condescending, hateful attitude toward Apple and its customers. The point could easily have been made in a professional way, without the attitude and venom. But this bozo chose to bash instead of inform. His advice is suspect to say the least. Screw him.

Posted by Lawrence, 22 Apr 2009

When you wish upon a star

You pc folks have been wishing for this to happen for years.
Like a famous politician said, "We'll cross that bridge when we come to it". Until then you can just keep on wishing.

Posted by Bill, 22 Apr 2009

Fact-free pablum with the occasional bigoted lie

"So many [Apple users] believe they are protected by magic rays and that the spirit of Steve Jobs protects them wherever they go."

These bedtime stories don't appeal to intellectually curious and open security types, but rather serve to justify the worst type of platform bigotry. We must presume that playing to such was the intent of the statement, because there is no other likely reason, and security consultants don't let idiots in their firms damage their reputation.

And for that matter, is publication of just one damning quote meant to be a service to the public? Was there ANY meat in the report? Sure can't tell from this recap

Posted by Walt French, 22 Apr 2009

Impenetrable, Mac

The point of these kind of silly articles, that is (see my title^)

(fingers in ears) I'm not listening! I'm not listening!

Bot
Mac Fanbot and apparently easy prey to linkbait!!!

Posted by ex2bot, 22 Apr 2009

Mac Malware Mushrooms

It mushroomed alright. It went from one trojan in the wild to 3 trojans in the wild. No self replicating viruses yet though. That is a tripling of the known Mac malware in the wild. Three trojans that require the users' password before they can instal on a Mac.

Still no need for anti-virus software.

Posted by Al, 22 Apr 2009

Where's the mushroom?

Several different security software firms have noted a single instance, each, of malicious software, the most serious of which is a trojan loaded into some pirated software. This is a trojan you need to be dumb enough to download and authorize an install.

Yes, smugness is a bad idea. But 3 items make a very small mushroom.

Posted by Daniel Kinoy, 23 Apr 2009

Kasperty is SELLING VIRUS SOFTWARE

Of course he is going to overstate the case. It's his job to make this out to be a big deal.

Mac OS X will not allow viruses to be installed without your providing an admin password. On windows, you can be infected just by conecting to the network, or even by hovering your cursor over a link.

There is no comparison.

Posted by Ex PeeCee user, won't go back to that garbage, 23 Apr 2009

Mushrooming? I don't think you're a Fun-Guy!

Barking daft story. "Mushrooming" where is this explosion!? Ok, it may happen but the security experts have been saying this FOR YEARS and it still hasn't happened. It certainly hasn't mushroomed. Are you a Toad? Or a Stool? You're certainly no Fun-Guy.

Posted by Ynda, 23 Apr 2009

Thanks for the useless article

I saw the title and thought hmmm what's this? I better read and find about this threat to my Macs and what do I get... the ramblings of some guy who's just been itching apparently to say nah nah nah nah nah to the Mac users when there is finally some kind of threat. Why? because of the decades of hardships he's endured with his Windows based machines without having the balls to explore a more stable OS. Hey Lain, they're machines! none of them perfect but I've had my full of crappy Windows systems ( over 20 years) and I don't miss them one bit. Sucks to be you : ) P.S. next time you decide to write an article how about some actual useful info.

Posted by Smirky, 25 Apr 2009

Facts

1) A recent story that contained details to what this author made veiled references to claimed that pirated Mac software was being bundled with malware. (That would seem to be a pretty slim window of opportunity for infection, IMO.)

2) As Mac market share grows, so will the focus of malware authors on weaknesses in the platform.

3) Smugness and overconfidence are weaknesses when assessing risk. (see "Titanic".)

4) This "article" was pretty lame.

Posted by EJ, 27 Apr 2009