IT | Security

Mac Malware On The Rise

By: Absolute Team | 2/9/2009

It was only a matter of time before malware targeted to the Mac OSX became more aggressive. Last month, the first "major" malware threat to the Mac was discovered.

The iWork09 Trojan, which is disguised as pirated software, is the first sophisticated malware threat for the Mac platform. It contains peer to peer-like characteristics and is downloaded as part of a pirated iWork installation. Upon installation, the malware will create malicious files and will modify certain files to enable remote commands to be executed on the computer.

As of January 22nd, more than 20,000 people had downloaded the malware installer bundled into a functional version of iWork. Since the Trojan is not self-replicating (it's not a virus), it may not have infected all of those computers. The program requires users to run the installer, which they may not fall for. This is in contrast to the Conficker worm that infected more than 3 million PCs in less than a week (now believed to be around 9 million).

Definitions

Malware: software designed to infiltrate or damage a computer system without the owner's informed consent. Malware includes computer viruses, worms, trojan horses, most rootkits, spyware, dishonest adware, crimeware and other malicious and unwanted software. - Wikipedia

Virus: a computer virus is a computer program that can copy itself and infect a computer without the permission or knowledge of the user. - Wikipedia

Trojan: a form of malware that appears to perform a desirable function but in fact performs undisclosed malicious functions that allow unauthorized access to the host machine - Wikipedia

Since the announcement of this sophisticated new Mac Trojan, McAfee reports in increase in reports about new Mac Trojans. Checking around, I found a report of a variant of the iWork Trojan that was being bundled with a pirated version of Adobe Photoshop CS4 this week.

As it has been with PCs for a long time, it's "user beware" when it comes to downloading and installing pirated software. Instructions for removing the malware can be found here.

Some authors, including Daniel Eran Dilger, warn Mac users against jumping out to get anti-virus software, which would not help in this case (the Trojan is not a virus and no successful Mac virus has been created, to date). The article deals with the issue of Mac viruses in depth and is worth a read in order to educate yourself against the pros and cons of anti-virus software for the Mac.

Via Avert Labs, Register, eweek