Macintosh Trojan Attacks!

By Jonathan Moeller - Last updated: Friday, January 23, 2009

A post from ithreat describes a new Trojan threat for the Macintosh: a file that masquerades as an online iWork application.

Mac fans will tell me that Mac OS X is impervious to viruses, and I have to laugh in their faces. It’s undeniable that Macs are more resistant to several forms of malware; it’s highly unlikely that we’ll ever see a fast-spreading worm like Blaster or Downadup. Those worms took advantage of flaws in the Windows architecture that simply do not exist in UNIX-derived systems like Mac OS X.

That said, Mac users are just as vulnerable to Trojans as Windows users, simply because Trojans involve tricking the user into installing the malware, rather than exploiting flaws in the operating system. And despite their protestations of intellectual and cultural superiority, Mac users can be fooled just like anyone else. Anyone can be tricked if you know the right levers to pull. The fact that there are fewer Mac Trojans than Windows Trojans is simply because there are substantially fewer Macs than Windows machines.

This just reinforces the importance of all users, Windows and Mac alike, taking care when a program asks for permission to install itself.

-JM


2 Responses to “Macintosh Trojan Attacks!”

Comment from Alex J. Avriette
Time January 30, 2009 at 12:56 pm

I don’t know if you know about the time OpenSSH was affected by a buffer overflow, causing Theo the Rat to change his “secure by default” moniker, slightly. The OpenBSD install base is so much smaller than the Mac’s that I have a hard time seeing a worm develop that specifically targeted OpenBSD. However, the possibility of malware is very real when an OS uses third-party applications (*especially* open source applications). Since the Mac install base is huge, there’s a very real incentive to build a worm that propagates on the Mac, targeting software Apple didn’t design in-house (like, oh, apache, openssh, cups…).

Comment from Jonathan Moeller
Time January 30, 2009 at 1:09 pm

Alex:

Oh yeah. I changed a lot of SSH keys that week.

Now that’s an interesting thought for an attack vector. I don’t know if Apple’s in-house stuff would be more resistant, since it tends to behave badly on the PC side and it wouldn’t surprise me if there were a bunch of exploitable flaws in iTunes or Safari. And if someone did pull off a successful worm on the Mac, I’d bet the results would be devastating; Windows users have been dealing with this sort of thing for over ten years, and have both the software and the psychological tools to deal with worms. Macs don’t.
