A couple of weeks ago, I was asked to check on a Windows-based computer that had recently been infected with a “virus scanner” malware. In this case, the malware (malicious software) would put up a pop up screen that was kind enough to inform you that your computer was loaded with a bunch of virus infections. Further, it offered a link that would allow you to pay for a virus scanner to clean things up, right away. The malware writers made it very difficult for the average user to ignore their malware, as it disabled the buttons that would allow you to close the pop up boxes. Further, it redirected any attempts to run programs such as regedit back to the malware. Cleaning the malware had to be done through Safe-mode.
But, why would I mention this in a posting about Macs and virii? Well, in this case, I was able to track the source of this Windows malware infection back to an email message which contained a series of links to articles that the author thought people would find useful. When the email author, let’s call him Stan, was notified that his email was linked to a malware attack, his response was, quite simply, “That is impossible, because I have a Mac.”
Of course, this is not true. Macs, as good as they are, are not able to scrub malware out of email messages or links on webpages. But, this comment got me thinking, are Macs actually malware free. Dan Moren of Mac World recently released an article entitled “New Mac Trojan horse masquerades as virus scanner“. This articles describes malware written for the Mac that impersonates a virus scanner. Sound familiar?
This is not the first case of the Mac being susceptible to a malware attack. Back in April of 2006, an article from the AP called “Macs no longer immune to viruses, experts say” was released. So, it appears that the Mac has been susceptible to malware for a while.
What Apple has done, it seems, is taken steps to protect the user environment from malware, as shown in this explanation from Apple. Noteworthy steps include using a sand-box environment and screening the content of downloaded files. So, how did the virus scanner attack affect Macs? Apparently, the malware writers were able find a way around the Mac security and/or screening defenses. It is quite possible that it will happen more often in the future, as Macs continue to become a more popular, more widely used platform and the malware writers become more adept.
So, it appears that Apple has done a lot to secure their user environment, but that malware is still getting through…