Skip to content

A Guide to Malware for Mac OSX

Introduction

A general misconception is that the OSX operating system cannot be infected with malware or viruses, in fact this is not true. There have been various large outbreaks of malware on OSX the most recent being Mac-Defender. Mac-Defender was a virus that once installed would require you to pay to remove the “viruses” from your infected Mac. Just like virus progression on Microsoft Windows the viruses affecting OSX will become more and more powerful. By powerful I don’t necessarily mean damaging though, a viruses power might be in it’s subtlety, or in it’s ability to accurately log keystrokes.  Right now there have only been a few cases and the majority of them were easy to contain, however I believe that once advance malware programmers turn there gaze to OSX the damage will be devastating.

Why OSX is Vulnerable to Attack

  • Unix User/File Permissions (Ironic)
  • Applescript
  • User Friendliness
  • Lack of Security Consciousness

All of these reasons can be considered double edged swords. Unix user and file permissions are considered some of the best in computing land, however the implementation that apple uses is interesting/insecure. An obvious example of this is a users ability to add files to Login Items without authentication. Applescript is a great tool for programmers and developers, however it is also a great tool for malicious hackers. Applescript allows easy automation of tasks on your Mac, which makes it faster and more efficient for malware writers to use it to code in then using a programming language such as C++, C#, or Python. I imagine Applescript attacks mimicking early batch viruses/worms. The user friendliness of OSX makes it a great choice for new users, however it also makes it easier for attackers to mask their attacks because there is no where for a user to view the changes the virus/malware is making. Now I come to the most glaringly obvious problem for security on OSX, no security consciousness. One of the highlights of buying  a Mac is that you don’t have to worry about “viruses” like you do on Windows, too bad thats not true and just lulls people into a false sense of security. If your not looking for potential attacks your threat of being attack is much higher. If you have any questions regarding implementation of security techniques or OSX please feel free to email me at ianmarmour@gmail.com or leave a comment below.

Advertisements
One Comment Post a comment
  1. jkenjin #

    Thank you for your post! Keep up the good job and have a great aloha week!! ^_^

    February 22, 2012

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: