Sophos Offers Free Mac Anti-virus
Sophos have released a free home edition of their anti-virus for Mac OS X users. This brings automatic on-access detection, and disinfection capabilities that cover Windows viruses/worms/trojans, as well as the few pieces of malware that currently exist for Mac OS X. Sophos claim that their antivirus does not use many resources, and thus does not slow the machine down like some A/Vs do.
They make the following statement which describes the current Mac malware situation fairly well:
Although malware is more common on Windows than it is on Macs, there is a growing concern that, as Mac OS X market-share continues to grow, the operating system will become a more attractive target for cybercriminals.
Even though I would rate the current malware threat to Macs as fairly low, we will undoubtedly start seeing more and more of it as Macs gain market share in the home. Attackers know that companies are getting better and better at protecting against malware, however home users are notoriously bad at protecting their systems and keeping them patched. Surely if you’re a regular visitor of Security Generation, you’re not one of those people ;)
I haven’t tested this yet, and Sophos aren’t the first to arrive on the Mac AV scene. ClamXav is a good free open source alternative, however one benefit of Sophos’ solution is the experience of their research team, and vast database of malware (don’t expect this to remain free forever). Although I personally wouldn’t pay for Mac AV just yet, there are also some good solutions from Kaspersky and Intego’s VirusBarrier.
USB ‘Dead-drops’ in New York City
Alright, so this guy has been going around New York embedding USB devices, known as ‘dead drops’, into walls and other objects in public spaces. The idea behind it is to provide an offline place for people to exchange files. While in principle I find this to be an awesome idea, unfortunately we live in the digital age, and in real terms this is about as safe as trading needles with other addicts in the alleyway.
Initially people will use these legitimately and trade some interesting files, pictures and videos; then it’ll be warez and pr0n, and then the things will become malware-infested USB ‘needles’ sticking out of walls. The malware may or may not be intentional – many people don’t have an antivirus, or don’t update it – but I’m sure some kids will be happy to teach a lesson to those naive enough to plug themselves in.
Apart from malware-infected files that will inevitably end up on there, people will soon start joining in and create their own USB dead drops. Some of these could be USB switchblades, USBsploit, or custom devices intended to perform USB driver exploitation [pdf] (Hi Rafa).
As art installations like these become more technologically interactive, people will have to think twice about the risks that may be involved.
Mac OS X Java Trojan Horse: OSX/Koobface.A
Antivirus companies have discovered a new Java trojan horse, labeled OSX/Koobface.A (aka. Boonana), which spreads via social networks including Facebook, MySpace and Twitter. The Java applet masquerades as a video or photo gallery plugin, and requests access to the user’s computer.
If Allow is clicked, then the applet will attempt to obtain additional files from remote servers and join the computer to the Koobface botnet. Koobface is also known to try and steal credit card, and other personal information, from the user’s system.
I’d like to stress that this is a fairly non-event, and this kind of malware poses a low level of risk (hence the peaceful-looking blue triangle). It’s pretty clear that you shouldn’t allow websites, plugins and applets that you don’t trust, to access your computer. Just click Deny and that’s the end of it in this case. Snow Leopard does have some built-in anti-malware functionality, although I don’t know if or when it may be updated to detect Koobface. Either way, I wouldn’t run out to buy antivirus software just yet.
Note this trojan is not Mac OS X-specific, and also affects Windows and Linux systems.
Intego have a Security Memo with some additional details.
Inform your Friends about their Hacked Accounts
Every so often I receive an email from someone I know; it talks about something completely random, and almost always includes a link at the end. The same thing sometimes happens on MSN and I get a message like this:
(12:02:36 PM) Friend: Hey! My cat had a spastic fit, and then coughed up a hairball! Check it out!
Now, whether or not that link goes to a malware site, or just someplace for you to buy viagra is not the point. You don’t click on suspicious-looking links… do you?
In some cases they may have simply fallen for a phishing attack, and typed in their credentials where they shouldn’t have. They may even have been hacked due to weak secret questions. More often than not however – and you see this a lot with Hotmail/MSN users – what’s happened is that they logged into their email or MSN on an infected computer, which recorded their credentials. In either of these scenarios the info back to its HQ, where it starts being used to send out spam/viruses/porn/more porn/younameit.
The best solution is to simply change the password (and secret questions) for the account in question. Be a friend, and tell them that they’ve been 0wned.
[Updated 19/01/2011]
Loading ...
