Skip to content

Posts tagged ‘Sophos’

29
May

The State of Mac Malware

There’s been a lot of buzz recently about the sudden increase in Mac-specific malware cropping up so far this year. First people raved about the fairly tame and unthreatening BlackHole RAT trojan, then Mac users had to watch out for a slightly more crafty but avoidable MACDefender trojan, and now there’s news of a more advanced malware kit (Weyland-Yutani Bot) that has the ability to steal data entered into Firefox (Safari and Chrome currently unaffected, but expected to follow soon). AppleCare has reportedly been receiving a significant number of calls about the MACDefender trojan, and has issued a support document on how to deal with it.

Clearly some change is in the air, but exactly how does it affect normal Mac users? I for one actively look for Mac-based malware (eg. MACDefender), and have never stumbled across it by accident. Maybe I need to surf on the ‘dark side’ of the web more often. I just wanted to give my take on recent events and the state of Mac malware, and why I don’t think there’s any reason to be too worried just yet.

Read moreRead more

27
Feb

New Mac OS X Backdoor Trojan (BlackHole RAT) in Development [Updated]

A ‘trojan’ targeting Mac OS X users, dubbed BlackHole RAT, appears to be in development. It’s a variant of a well-known series of malware called Remote Access Tools (RAT) that primarily targeted Windows. It should be noted that on its own, the trojan does not exploit OSX, instead relying on the user to unknowingly ‘install’ it. This is often done under the guise of pirated software, video plugins on porn sites, or from other non-reputable software sources. Although the details are not entirely clear, it appears like your computer needs to be directly accessible from the internet.

This ‘trojan’ (note the intended air quotes) has been blown out of proportion and does not pose a significant level of risk. Macs are not ‘less secure’ because of this tool, as it’s something that could be coded by any 14-year old with a relatively basic knowledge of programming. It’s essentially a normal application whose purpose is to accept connections from its owner, and allow them to perform actions on your computer, etc.

Hit the jump for the full details, a video and download link. Read moreRead more

3
Nov

Sophos Offers Free Mac Anti-virus

Sophos have released a free home edition of their anti-virus for Mac OS X users. This brings automatic on-access detection, and disinfection capabilities that cover Windows viruses/worms/trojans, as well as the few pieces of malware that currently exist for Mac OS X. Sophos claim that their antivirus does not use many resources, and thus does not slow the machine down like some A/Vs do.

They make the following statement which describes the current Mac malware situation fairly well:

Although malware is more common on Windows than it is on Macs, there is a growing concern that, as Mac OS X market-share continues to grow, the operating system will become a more attractive target for cybercriminals.

Even though I would rate the current malware threat to Macs as fairly low, we will undoubtedly start seeing more and more of it as Macs gain market share in the home. Attackers know that companies are getting better and better at protecting against malware, however home users are notoriously bad at protecting their systems and keeping them patched. Surely if you’re a regular visitor of Security Generation, you’re not one of those people ;)

I haven’t tested this yet, and Sophos aren’t the first to arrive on the Mac AV scene. ClamXav is a good free open source alternative, however one benefit of Sophos’ solution is the experience of their research team, and vast database of malware (don’t expect this to remain free forever). Although I personally wouldn’t pay for Mac AV just yet, there are also some good solutions from Kaspersky and Intego’s VirusBarrier.

css.php