Two weeks ago, the Intego team analyzed a malware sample that was discovered by a university IT admin. The malware was discovered as their network security team noticed some strange traffic on the network originating from a Mac Pro. Upon investigating, the IT admin discovered a hidden file, which ultimately turned out to be responsible for the suspicious traffic. At the time of discovery, the file was not recognized by VirusTotal as malware, but found its way to several anti-virus companies, Intego included. The file turned out to be malware and has since been covered in the media, named OSX.Backdoor.Quimitchin.
Intego analyzed the file and outlined how it functioned and what it was capable of. However, without knowing how or when the Mac was infected, and because the sample appeared to no longer function, Intego updated its Mac anti-virus malware database but opted not to report on it.
To protect against this malware just in case it was out in the wild, detection for the malicious files was added to Intego VirusBarrier, identified as OSX/ClientCapture (executables), Perl/ClientCapture (Perl scripts), and Java/ClientCapture (Java class).
The ClientCapture malware mentioned above may have been on that machine for a few years, surviving several OS X upgrades. It appeared to have been part of a targeted attack, and not a single commercial anti-malware product knew of its existence until recently. If it wasn’t for the university’s network security team, it probably would not have been found at all.
An aggressive network scan originating from the infected machine is the reason it got flagged by the university’s network security team. Thorough work from the IT admin uncovered the hidden file, and further analysis from the security community and anti-virus vendors revealed all there is to know about it. In the span of a few days, a lot of people in different countries with different job titles got involved and dragged this particular piece of malware out of the shadows.
Intego customers are protected against this, but other small-scale attacks do exist, in which someone wants to specifically target another person and might be able to get physical access to the device. So how do you protect yourself against such small-scale attacks that might go under the radar for some time before they’re discovered?
Multiple layers of protection are the only way to really guard against such targeted attacks. Not everyone has a dedicated network security team and IT admin available, but what if you could have that? Your own network security team sounds expensive, doesn’t it? A team of people that all need to be paid, the hardware required for them to do their jobs, it adds up quickly! So what’s the next best thing? Software network security, of course!
With a variety of threats targeting you nowadays, the best defense is implementing layers of protection, and that’s how you should judge potential security software solutions. Anti-virus can stop malicious files, but it’s not enough to prevent the other worries from filtering through and ruining your stuff.
Below are a few examples of different layers of protection, and each provides a layer of security in its own way. You are not limited to just one or two layers; you can add as many as you like so long as they do not interfere with each other.
Let’s have a look at the layers of protection included with Intego’s Mac Premium Bundle:
What about an IT admin? Surely those don’t come cheap and good ones are hard to find. Luckily, you can get firewall software like NetBarrier that watches your Mac for any malicious activity, and while not an actual skilled IT admin, it can alert you about malware before an IT admin has to get involved.
VirusBarrier is a sophisticated anti-virus software that prevents malicious files from infecting your Mac, but don’t rely on it to stop hackers—that’s a job for NetBarrier—and you should be sure to secure your sensitive data, too.
Hard drive failure means you can lose your data, and ultimately what Mac Washing Machine does is protect your data by relieving common stressors on your hard drive.
If you have multiple hard drives, flash drives, local servers, remote servers or another Mac you want to keep in sync, Personal Backup can create a safe copy of your data on it. It’s incredibly flexible, and it can handle almost any backup schedule you want! Together with Apple’s Time Machine, this one-two punch ensures you don’t lose any important files.
ContentBarrier’s configuration is very flexible and enables you to block specific categories of websites, such as Adult, Gambling, and more. Its anti-predator chat monitoring is a very powerful feature as well, which monitors all standard chat protocols and can recognize certain words, phrases or abbreviations that may indicate objectionable or inappropriate things are discussed that could lead to trouble. Instant notifications mean you can ensure your child’s online safety by instantly blocking online access even when you’re not home.
These are just a few layers you can enable to keep your data, privacy, personal information and children safe. “The best security comes in layers” is not just a phrase we throw around in the security community; it’s true and has been proven effective many times over. With security coverage from multiple angles, it becomes very hard for existing or yet-to-be-discovered malware to infect your Mac.
Layered security can be implemented at any time. During the first setup of your Mac or further down the road, these layers can be implemented quickly and easily. Spending 10 minutes implementing it now can save you hours or days of troubleshooting down the road. Give it a try and let us know which security layers are protecting you!