Big Mac Attack: Is the Apple Macintosh Virus-Proof?

The age-old battle of supremacy between PC and Mac users dates back to the introduction of the first Mac back in 1984. I jumped on the Apple bandwagon back then with a purchase of the original Mac 128k machine. I loved it and the MS DOS machines I was using at work couldn’t hold a candle to my smiling Mac at home. But peer pressure from colleagues at work and the sky-high cost of outfitting my Mac with peripherals and software drove me back into the PC camp where I’ve remained ever since.Over the years I’ve taken an occasional envious glance back over at the Mac. The hardware is definitely attractive and the claim that the Apple Mac is virus-proof certainly has appeal for any PC user bedeviled by the constant attacks against their platform of choice. But is this bullet-proof claim about the Mac true and is all the smugness on the part of proud and fiercely loyal Mac users justified or is it a serious case of complacency propagated by Apple itself?First off, we need to sync up some terminology. There seems to be a lot of confusion about the words used to describe malicious software with some of them used interchangeably such as malware and virus. Malware is an umbrella term that encompasses all forms of malicious code. A virus on the other hand is a type of malware that infects other programs and is designed to replicate and spread much like a biological virus. With semantics out of the way, the claim that the Apple Mac (current OS X generations) is immune to viruses appears to be accurate. Only three reported viruses targeting the Mac have been developed in the lab and none have ever been reported in the wild. Does this mean that the Mac is immune to all forms of malware?Before we answer that question, it’s useful to examine the architecture of the Mac and the ecosystem around it for publishing and distributing apps. Just as importantly, we need to follow the money and examine the financial risks and benefits for cybercriminals to target the Mac with malware.To be fair and accurate, the number of malware attacks on Windows systems eclipses that of the Mac. There are several reasons for this, most notably the larger number of Windows systems out there compared to Apple Mac systems. Microsoft also has a long history of releasing OSes with vulnerabilities and being slow to patch them, though this has noticeably improved in recent years especially with the release of Windows 10. Windows platforms are also more open than Mac making it a much more appealing value proposition for cybercriminals.The OS X operating system has some nifty built-in security features that reduce its attack surface. Root access is not enabled by default and the OS by default does not allow installing unsigned apps. Apple is also prompt in pushing out patches when exploits are discovered. Finally, the Mac App Store (MAS) has a rigorous approval process for admitting apps and all apps must be signed. Of course, as with most things to do with IT security, the weakest link in the chain is the fleshy, stubborn one known as the human element. All of the built-in security measures put into place by Apple are for naught if they are disabled or otherwise circumvented by users. A case in point is downloading apps from third-party sources outside of the MAS.This brings us back to the question of is there malware targeting the Mac. The answer is a resounding yes. Just recently, the Mokes backdoor was unleashed on the Mac World. Originally created to target Windows and Linux users, a new strain entitled Backdoor.OISX.Mokes was created just for Mac OS X. It does several nasty things among which are key logging to steal passwords, snooping through Office files, using the webcam or mic to capture video or audio, and it can even take screenshots and execute commands on infected machines.Malware for the Mac doesn’t just get unwittingly installed via infected third-party apps. Traditional phishing scams and compromised websites are another delivery vehicle – sometimes not even installing malware but tricking users into giving up personal info. Such exploits are OS agnostic. Mac users can also be tricked into downloading and installing infected OS X apps by malicious websites displaying popups warning that one’s Mac is infected and the only way to disinfect it is to install the proffered app which is itself malicious. A popular version of this type of malware is Mac Defender.Ransomware for the Mac is also out there. A recent example is KeRanger, which has exploited the Transmission BitTorrent client for the Mac. Victimized Mac users are typically extorted for up to $400 for the privilege of getting their files unencrypted. Mac users have been advised to immediately upgrade to version 2.92 of the Transmission client.The final question that begs to be answered is it necessary for Mac users to run AV software? Depressingly, a large contingent of Mac users proclaim that it’s not necessary due to the robust nature of the OS X system. And besides, AV software only serves to slow down your system. That’s all well and good if you’re 100% on your toes at all times and keep your system patched on a regular basis. But what happens when the bad guys are faster than both you and Apple? The good news is that there are many free versions of AV software available for the Mac with many that boast 100% effectiveness. The Apple Mac may not wear as large a target on its back as Windows, but it’s in the bad guys sights. Don’t let complacency and smugness compromise the security of your Mac.