{"id":11065,"date":"2013-03-21T12:31:02","date_gmt":"2013-03-21T19:31:02","guid":{"rendered":"http:\/\/www.intego.com\/mac-security-blog\/?p=11065"},"modified":"2024-05-21T00:57:28","modified_gmt":"2024-05-21T07:57:28","slug":"5-more-mac-malware-myths-and-misconceptions","status":"publish","type":"post","link":"https:\/\/www.intego.com\/mac-security-blog\/5-more-mac-malware-myths-and-misconceptions\/","title":{"rendered":"5 More Mac Malware Myths and Misconceptions"},"content":{"rendered":"

\"\"<\/p>\n

There are plenty of myths about malware in general, but Macs especially seem to attract an extra dose of mythos due to a smug sense of invulnerability among the Mac community. We covered 10 malware myths that refuse to die<\/a>\u00a0for USA Today, but there are plenty more than 10 misconceptions being passed around. Of the many reasons to love Macs, immunity to danger is not one of them. For a while now, people have felt a sense of security because they\u2019re on an operating system that doesn\u2019t inspire hundreds of thousands of new malware a day. But the total number of malware crawling around the Internet waiting to infect your computer is less important than this simple fact: it only takes one to ruin your day. By going out on the Internet with a false sense of safety, you can leave yourself more open to that malware bullet with your name on it.<\/p>\n

So what are some of the biggest Mac malware misconceptions that need to be cleared up? Here are five of the most prevalent ones:<\/p>\n

1. Macs Don\u2019t Get Viruses<\/h3>\n

\"\"<\/p>\n

If you mean Windows-specific file viruses do not harm Macs, you\u2019re totally right. If you mean self-replicating code doesn\u2019t happen on Macs, there is really no period of time in which this statement has ever been true. Elk Cloner, the very first virus to be discovered in the wild, was written specifically for Apple DOS 3.3. Since then, every Mac OS has had some manner of virus or worm. There have been macro viruses capable of spreading on Macs as long as people have been using MS Office on Macs. The first OS X specific worm was discovered in 2006, so they do indeed exist.<\/p>\n

There are not a lot of viruses running around in Mac-land today, because there are not a lot of viruses<\/em> running around, period. They\u2019ve fallen out of favor with the malware-writing crowds, even on Windows. They\u2019re a heck of a lot of work to make, they tend to cause system instability, and they\u2019re no more difficult to find and remove than other non-replicating forms of malware. Bang-for-buck-wise, viruses are just not worth the effort.<\/p>\n

But that\u2019s not to say there aren\u2019t other types of malicious code causing problems for Mac users. Malware doesn\u2019t have to replicate to be a pain in your machine. There are a lot of different types of threats to Macs, but the most common one these days is spyware \u2013 it gets into your system and steals your data, whether it\u2019s in text laying around your file-system or it requires eavesdropping on your chat sessions.<\/p>\n

2. Mac Malware Requires You to Input Your Password<\/h3>\n

\"\"<\/p>\n

You generally need to input your password to install things on a Mac, so this is true with malware too, right? Not even a little. There was a very brief period of time in which this might have been partially true \u2013 the first OS X malware was what we call \u201cProof of Concept,\u201d meaning its intent was to prove a point rather than to actually cause damage or steal anything. It didn\u2019t mean to be harmful, so it didn\u2019t have to be particularly stealthy because people who were running the file knew exactly what it was meant to do (prove a point about malicious code). But again, we run into that whole macro virus thing, and those did not require separate installation or entering of passwords.<\/p>\n

Now, malware is meant to bring in cash, so malware writers are motivated to make their creations stealthier. It can be tricky to get people to install some random piece of software as folks get more wary of threats. So most malware now employs some kind of exploit in order to install the malicious code without you even knowing. Drive-by downloads on compromised websites or in malicious advertisements<\/a> is now the order of the day. It doesn\u2019t matter what browser you use, they\u2019re all vulnerable to some extent. Removing commonly attacked browser plugins can certainly help, but Java and Flash are not the only culprits (they\u2019re the most popular because most people use them, regardless of operating system).<\/p>\n

3. OS X\u2019s Built-In Protection Will Save the Day<\/h3>\n

\"\"<\/p>\n

OS X has a handful of ways to improve your security<\/a>, some that are built in to the operating system itself, and some that are separate components. The three most important components are the Application Firewall, Gatekeeper, and XProtect (also known as File Quarantine). These are all fantastic and we heartily recommend people use them.<\/p>\n

However, they\u2019re all limited by design. The Application Firewall will block incoming communications, but not outgoing. Gatekeeper is still vulnerable to malware that uses exploits. And XProtect will protect you only against certain specific, prevalent malware, and usually quite a while after the malware picks up steam.<\/p>\n

OSX\/Flashback hit over 600,000 Mac users before it was incorporated into XProtect. When Apple\u2019s own developers were hit with OSX\/Pintsized<\/a>, none of those protections saved them.<\/p>\n

4. There are No Mac Malware Affecting Real People<\/h3>\n

\"\"<\/p>\n

Let me throw a few names at you: Flashback. Pintsized. DNSChanger. MacDefender. Three of these malware hit large numbers of Mac users in the last few years; one of them also hit Apple\u2019s own developers<\/a>. Malware is real, and it hurts. Two of these malware left infected users\u2019 machines open to attackers, to do what they pleased with them. One stole credit card information and \u201cnominal fees,\u201d and the last redirected users\u2019 attempts to surf the web so the attackers could increase ad revenue. The underlying theme is profit motive \u2013 where there is a buck to be gained, there is a way. Choice of operating system or other software is not a sufficient deterrent.<\/p>\n

5. OS X is Inherently a Safer Operating System<\/h3>\n

\"\"<\/p>\n

As we discussed in point three, there are a few baked-in parts of the OS X operating system and add-on components that help prevent malware. And to some extent, OS X has enjoyed \u201csecurity through obscurity\u201d as it has less market share and was considered less interesting to malware authors. But that\u2019s all changed now, as OS X steadily increases in popularity<\/a>. But when it comes right down to it, the differences between the major OSes in terms of security are pretty negligible. None of them present sufficient hurdles for malware writers who are looking to get onto your machine.<\/p>\n

None of these things means you\u2019re helpless against the malware onslaught. There are plenty of ways to improve your level of protection. For instance, make sure all the software on your machine is updated regularly<\/a>, remove (or limit) browser plugins that you don\u2019t frequently use, encrypt your data<\/a>, and have up-to-date Mac antivirus software and a two-way firewall<\/a>. It\u2019s better to be properly prepared than to wander blindly and be rudely awakened after things go wrong.<\/p>\n

Mac user photo credit: iklash\/\uf8ff<\/a> (CC BY-NC 2.0<\/a>)<\/em><\/span><\/p>\n","protected":false},"excerpt":{"rendered":"

There are plenty of myths about malware in general, but Macs especially seem to attract an extra dose of mythos due to a smug sense of invulnerability among the Mac community. We covered 10 malware myths that refuse to die\u00a0for USA Today, but there are plenty more than 10 misconceptions being passed around. Of the […]<\/p>\n","protected":false},"author":6,"featured_media":10605,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"spay_email":"","jetpack_publicize_message":"","jetpack_is_tweetstorm":false},"categories":[190,151],"tags":[86,4739],"yoast_head":"\n\n\n\n\n\n\n\n\n\n\n\n\n\t\n\t\n\n\n\t\n\t\n\t\n