Is MacDefender malware a sign of the Macpocalypse?

The Mac facade of security by obscurity has been shattered, but users need to understand that there is a new malware era

There is a new world order. MacDefender, and subsequently MacGuard, demonstrate that the inherent security by obscurity of the Mac is fading, and that attackers are looking at the bigger picture.

The security mantra of Mac users revolves around the fact that it's not Windows. Look at the comment thread of almost any post online about a new vulnerability, or new malware attack impacting Windows, and inevitably you will find a Mac user gloating about how they don't have to deal with those issues.

While that is true, it is misguided to believe that the reason stems from Mac OS X just being too secure for attackers to breach. Not being the preferred target is nowhere near the same as being impervious. Just because Cadillac Escalades or Chevy Silverado pickups are stolen more than the Ferrari 458 Italia doesn't mean the Ferrari 458 Italia can't be stolen. It means that there are way more Cadillac Escalades and Chevy Silverados in the world.

Should Mac users feel violated? Well, yes and no. It is sort of like someone who walks around all day oblivious of the fact that his zipper is down. He may feel embarrassed when someone finally points it out, but it doesn't change the fact that it was already like that all day. Nothing really changed. That is Mac OS X security in a nutshell, and MacDefender just let Mac users know their zipper is down.

But, that doesn't mean the Macpocalypse has arrived and that malware will run rampant on the Mac. It won't. There are essentially two lessons to learn here about the new world order and the future of malware.

First, Mac OS X is on the radar. It has gained enough traction, and enough market share to catch the attention of attackers. The fact that many Mac users are more naive and gullible by virtue of the perception of Mac security also makes them that much easier prey for certain attacks -- which bring us to lesson two..

The second lesson is not Mac specific. Yes, MacDefender and MacGuard illustrate that the Mac is not impervious, and that attackers are aware that the platform exists. But, the evolution of malware threats isn't about moving on from Windows to Mac, its about moving on from OS or application specific exploits to attacks that prey on the user directly through social engineering. Craig Schmugar, a security threat researcher with McAfee Labs, notes in a blog post, "Mac users should understand that millions of Windows threats exploit the user, rather than the operating system. Attackers target the curiosity of the person at the helm of the mouse, who's just a couple clicks away from watching that video, seeing a photo, or obtaining the system protection they've been "promised."

Rodrigo Branco, Director of Vulnerability & Malware Research at Qualys, explains that the security model on Mac OS X is much better than on Windows, but that there Apple still has to allow ways for third-party software to interact with core Mac OS X functionality, and those ways can also be exploited by malware to damage the system.

Dan Clark, VP at ESET, offered up this wisdom. "On the internet, the first line of defense is education, as an informed user can easily spot social engineering, and for them, technology is a safety net. An uninformed user, on the other hand, relies solely on technology, so they are simply more vulnerable."

There are differences in the core functionality and security controls of the different operating systems that make it more difficult to execute some attacks on one platform vs. another. But, a user is a user is a user, and if you can lure the user into clicking on links, opening file attachments, and surrendering sensitive information on spoofed Web sites, it really doesn't matter which OS they started from.

The sky is not falling. The Macpocalypse has not arrived. But, profit motive is platform agnostic and users need to be aware, and exercise caution regardless of which operating system they choose.

Join the Good Gear Guide newsletter!

Error: Please check your email address.

Tags spamantispamvirusessecuritytrojan horsessoftwareoperating systemsphishingmalwareAppleMac OS

Our Back to Business guide highlights the best products for you to boost your productivity at home, on the road, at the office, or in the classroom.

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Tony Bradley

PC World (US online)
Show Comments

Most Popular Reviews

Latest News Articles

Resources

PCW Evaluation Team

Azadeh Williams

HP OfficeJet Pro 8730

A smarter way to print for busy small business owners, combining speedy printing with scanning and copying, making it easier to produce high quality documents and images at a touch of a button.

Andrew Grant

HP OfficeJet Pro 8730

I've had a multifunction printer in the office going on 10 years now. It was a neat bit of kit back in the day -- print, copy, scan, fax -- when printing over WiFi felt a bit like magic. It’s seen better days though and an upgrade’s well overdue. This HP OfficeJet Pro 8730 looks like it ticks all the same boxes: print, copy, scan, and fax. (Really? Does anyone fax anything any more? I guess it's good to know the facility’s there, just in case.) Printing over WiFi is more-or- less standard these days.

Ed Dawson

HP OfficeJet Pro 8730

As a freelance writer who is always on the go, I like my technology to be both efficient and effective so I can do my job well. The HP OfficeJet Pro 8730 Inkjet Printer ticks all the boxes in terms of form factor, performance and user interface.

Michael Hargreaves

Windows 10 for Business / Dell XPS 13

I’d happily recommend this touchscreen laptop and Windows 10 as a great way to get serious work done at a desk or on the road.

Aysha Strobbe

Windows 10 / HP Spectre x360

Ultimately, I think the Windows 10 environment is excellent for me as it caters for so many different uses. The inclusion of the Xbox app is also great for when you need some downtime too!

Mark Escubio

Windows 10 / Lenovo Yoga 910

For me, the Xbox Play Anywhere is a great new feature as it allows you to play your current Xbox games with higher resolutions and better graphics without forking out extra cash for another copy. Although available titles are still scarce, but I’m sure it will grow in time.

Featured Content

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?