Site icon The Mac Security Blog

5 More Mac Malware Myths and Misconceptions

There are plenty of myths about malware in general, but Macs especially seem to attract an extra dose of mythos due to a smug sense of invulnerability among the Mac community. We covered 10 malware myths that refuse to die for USA Today, but there are plenty more than 10 misconceptions being passed around. Of the many reasons to love Macs, immunity to danger is not one of them. For a while now, people have felt a sense of security because they’re on an operating system that doesn’t inspire hundreds of thousands of new malware a day. But the total number of malware crawling around the Internet waiting to infect your computer is less important than this simple fact: it only takes one to ruin your day. By going out on the Internet with a false sense of safety, you can leave yourself more open to that malware bullet with your name on it.

So what are some of the biggest Mac malware misconceptions that need to be cleared up? Here are five of the most prevalent ones:

1. Macs Don’t Get Viruses

If you mean Windows-specific file viruses do not harm Macs, you’re totally right. If you mean self-replicating code doesn’t happen on Macs, there is really no period of time in which this statement has ever been true. Elk Cloner, the very first virus to be discovered in the wild, was written specifically for Apple DOS 3.3. Since then, every Mac OS has had some manner of virus or worm. There have been macro viruses capable of spreading on Macs as long as people have been using MS Office on Macs. The first OS X specific worm was discovered in 2006, so they do indeed exist.

There are not a lot of viruses running around in Mac-land today, because there are not a lot of viruses running around, period. They’ve fallen out of favor with the malware-writing crowds, even on Windows. They’re a heck of a lot of work to make, they tend to cause system instability, and they’re no more difficult to find and remove than other non-replicating forms of malware. Bang-for-buck-wise, viruses are just not worth the effort.

But that’s not to say there aren’t other types of malicious code causing problems for Mac users. Malware doesn’t have to replicate to be a pain in your machine. There are a lot of different types of threats to Macs, but the most common one these days is spyware – it gets into your system and steals your data, whether it’s in text laying around your file-system or it requires eavesdropping on your chat sessions.

2. Mac Malware Requires You to Input Your Password

You generally need to input your password to install things on a Mac, so this is true with malware too, right? Not even a little. There was a very brief period of time in which this might have been partially true – the first OS X malware was what we call “Proof of Concept,” meaning its intent was to prove a point rather than to actually cause damage or steal anything. It didn’t mean to be harmful, so it didn’t have to be particularly stealthy because people who were running the file knew exactly what it was meant to do (prove a point about malicious code). But again, we run into that whole macro virus thing, and those did not require separate installation or entering of passwords.

Now, malware is meant to bring in cash, so malware writers are motivated to make their creations stealthier. It can be tricky to get people to install some random piece of software as folks get more wary of threats. So most malware now employs some kind of exploit in order to install the malicious code without you even knowing. Drive-by downloads on compromised websites or in malicious advertisements is now the order of the day. It doesn’t matter what browser you use, they’re all vulnerable to some extent. Removing commonly attacked browser plugins can certainly help, but Java and Flash are not the only culprits (they’re the most popular because most people use them, regardless of operating system).

3. OS X’s Built-In Protection Will Save the Day

OS X has a handful of ways to improve your security, some that are built in to the operating system itself, and some that are separate components. The three most important components are the Application Firewall, Gatekeeper, and XProtect (also known as File Quarantine). These are all fantastic and we heartily recommend people use them.

However, they’re all limited by design. The Application Firewall will block incoming communications, but not outgoing. Gatekeeper is still vulnerable to malware that uses exploits. And XProtect will protect you only against certain specific, prevalent malware, and usually quite a while after the malware picks up steam.

OSX/Flashback hit over 600,000 Mac users before it was incorporated into XProtect. When Apple’s own developers were hit with OSX/Pintsized, none of those protections saved them.

4. There are No Mac Malware Affecting Real People

Let me throw a few names at you: Flashback. Pintsized. DNSChanger. MacDefender. Three of these malware hit large numbers of Mac users in the last few years; one of them also hit Apple’s own developers. Malware is real, and it hurts. Two of these malware left infected users’ machines open to attackers, to do what they pleased with them. One stole credit card information and “nominal fees,” and the last redirected users’ attempts to surf the web so the attackers could increase ad revenue. The underlying theme is profit motive – where there is a buck to be gained, there is a way. Choice of operating system or other software is not a sufficient deterrent.

5. OS X is Inherently a Safer Operating System

As we discussed in point three, there are a few baked-in parts of the OS X operating system and add-on components that help prevent malware. And to some extent, OS X has enjoyed “security through obscurity” as it has less market share and was considered less interesting to malware authors. But that’s all changed now, as OS X steadily increases in popularity. But when it comes right down to it, the differences between the major OSes in terms of security are pretty negligible. None of them present sufficient hurdles for malware writers who are looking to get onto your machine.

None of these things means you’re helpless against the malware onslaught. There are plenty of ways to improve your level of protection. For instance, make sure all the software on your machine is updated regularly, remove (or limit) browser plugins that you don’t frequently use, encrypt your data, and have up-to-date Mac antivirus software and a two-way firewall. It’s better to be properly prepared than to wander blindly and be rudely awakened after things go wrong.

Mac user photo credit: iklash/ (CC BY-NC 2.0)

Share this: