Paradise Lost: Malware Targets Macs
— -- With researchers reporting the first Macintosh-specific malware to be found "in the wild" on the Internet, Mac users want to know what to do. My advice: Nothing. But, this is a good news/bad news story.
The good news for Mac users is that you do not need to buy anti-virus software. The bad news is that one word must now be appended to that sentence, "Yet."
For years, we've been in a period of what cancer doctors call, "watchful waiting." In this case, we know its possible for the cancer of malware to infect our beloved Macs, but so far, all the cells we have found are pretty much benign.
So it is with iBotNet, a Mac-specific Trojan Horse program that is acquired only by downloading a pirated copy of iWork, the Apple productivity suite. It does not spread from computer-to-computer on its own.
Once infected, the Mac can be controlled remotely by the creator of the malware, but iBotNet is not especially threatening, in the way the recent Conficker worm continues to threaten the Internet.
Experts say iBotNet infects only a few thousand computers at most and is not a danger to the average Mac user. It may not even be the first malware to target the Mac, though others did so along with infecting Windows machines.
The upside of having a tiny market share has been that it kept Macs out of the sights of malware creators. The Mac is not especially vulnerable to malware, but it is not immune either.
There was also some feeling that malware authors targets Windows not just because it was the predominant platform but because of some anti-Microsoft bias.
As malware has grown from hackler trick to global criminal enterprise, Macintosh has grown, too. With an increasing market share, currently in the 8 to 10 percent range, and an affluent customer base, it is only a matter of time before Mac becomes a full-fledged target.
That has not happened as yet. While I have expected it for sometime, this is still not the moment for most people to purchase anti-virus software for their Macs. However, there is a warning attached to this advice.
When a virulent piece of Mac malware finally does emerge, it will be able to move quickly because Mac users will be slow to react. Unlike Windows, were people have antivirus software (or should) and it is frequently updated to counter new threats, the vast majority of Mac users have no protection at all.
You can think of this as a person who lacks an immune system and is defenseless against disease. Macs aren't completely defenseless, thanks to ongoing improvements to the operating system, but they certainly aren't protected.
That creates a potentially nasty scenario for Mac users. A very conservative approach would be to go ahead and protect yourself. Antivirus vendors will happily take your money.
What I am doing is what I have always done: Nothing, but I will now be on heightened alert and hope the malware malignancy will remain at bay for a while longer.
David Coursey does not download pirated software. You shouldn't either. Follow him on Twitter or visit www.coursey.com/contact to send him an e-mail.
