Are trojans now a mac problem?

I read the post by Khirae whose av ID'd 4 trojans on her mac. Previously most of what I read said running an antivirus program wasn't necessary on a mac. Have the recs changed - are macs being targeted more now? Should I run periodic malware scans?

If you exercise caution you have no need to worry about trojans.

What is a Trojan horse?
Trojan horses are impostors—files that claim to be something desirable but, in fact, are malicious. A very important distinction between Trojan horse programs and true viruses is that they do not replicate themselves. Trojan horses contain malicious code that when triggered cause loss, or even theft, of data. For a Trojan horse to spread, you must invite these programs onto your computers; for example, by opening an email attachment or downloading and running a file from the Internet.

There are, as of this time, trojans that can affect Mac OS X, but these must be downloaded and installed by the user, which usually involves entering the user's administrator password. Also, Mac OS X will give you a warning when you first launch an app you downloaded from the web. Trojans can easily be avoided by the user exercising common sense and caution when installing applications. A common source of trojans is pirated software, typically downloaded from bit torrent sites.

The above copy and pasted from here.
http://forums.macrumors.com/showpost.php?p=9400648&postcount=4

Thanks Buddyme2
I don't use bit torrent and I check McAffee or Norton's software site evaluations before downloading/installing software. I'm careful w/ email, tho I'm never sure I'm remembering all the email don'ts. It might be a good idea for me to do a periodic scan for trojans - and viruses since I'm running winxp in a VM and a virus in a shared folder might infect the VM. I put it on my To Do Later list.

Provided you use common sense and don't do downloading stuff from dodgy sites, you shouldn't need to worry about an antivirus on a Mac.

Occasionally I run MacScan (http://macscan.securemac.com). A few months ago it caught a trojan spyware & isolated it. My iMac had been running slowly & when I found this trojan the machine returned to normal.

Twin B what was the name of the Trojan it found, if you remember by any chance. I am looking to get and idea of some of the trojans and see if i cant get a grip on the scope of mac based trojans these days, especially since the intel processor macs came out. Just another reason I still enjoy my iBook and my power mac G4, most malware devs dont put their packages into PPC based code thus rendering it useless on a PPC machine like mine. You should be fine as long as you dont go senselessly browsing around the net not even paying attention to what site you are going on.

Technically, Mac's are very secure, as is Linux. However, that hasn't stopped people from making viruses. They're just harder to make. Consider the following:

Two puzzles of the same image are made. One is a 100 piece of intermediate difficulty, representing Windows, and the other, representing Mac and Linux, are 1000 piece puzzles of hard difficulty.

Just because a puzzle takes longer to solve, doesn't mean it can't be.

So yes, you should check for malware, even on a Mac. No computer is invincible, but you can take every precaution necessary. Make backups, use an antivirus, scan every file and use a firewall. I'm a PC user, but no matter what your OS, you need to protect your computer. I'd say check out Norton AV for Mac. Or some other legitimate antivirus provider.

As I said, Mac is hard to hack, But if you have nothing, Malware is stuck on your back.

-TDWT

Edited by TheDudeWithTude, 28 January 2011 - 08:03 PM.

Computerxpds, actually it was the 'Spector' keylogger program that was found, not a trojan; sorry for the confusion. I looked in the Macscan Isolated Spyware folder to see if it was still there but I must've deleted it. The description says it's a hybrid keylogger and screen recorder program. Still trying to figure out where I got the thing because I don't go to iffy sites nor open emails from strangers.

Edited by Twin B, 28 January 2011 - 08:08 PM.

Hmm that is odd that you managed to pick up a keylogger, that is something you don't see very much on a mac.

Thanks to everyone for their input. Thanks Twin B for the link to macscan.

I found more options googling for security programs for macs than I did when I originally looked. Per an about.com review [link to security programs review], macscan scans for keyloggers, backdoors, remote access trojans and spyware - things to which a mac is vulnerable. I don't know how vulnerable my mac is to any of these - how much of what threats are where. If most mac owners don't scan, spyware may be more common than realized.

PC Tools offers a free iAntivirus that is also limited to scanning for mac only malware. I think I'll try that one just to see if a scan detects anything. PC Tools features real-time scans - I just want on-demand scans. If I decide I need to do periodic checks I'll probably opt for macscan, which stated one could do on demand scans.

Sophos offers a free to home uses "business-grade" antivirus program for macs that also scans for windows threats. That would scan my shared folders and protect my winxp vm from infection. I don't know if I'd have the option to just do on demand scanning or if the program is designed for real time scanning. One thing I like about my mac is not having to run real time scanning.

One thing reading the info on macscan reminded me was to install a flash cookie remover add-on to firefox. I forgot to do that. I have noscript and WOT add-ons but forgot BetterPrivacy. I have firefox configured to delete regular cookies when I close the browser. So hopefully I don't need the blacklist cookie feature of macscan.

Mary, I read some reviews of that Sophos program & it does sit in the background doing realtime scanning, so I opted not to install it; I feel like that would be overkill, considering what we know about the scope of the Mac attacks, & also I don't want to slow down my machine. Thanks for this interesting thread, good to be updated once in awhile by the folks here who are in the know. Joe.

When security breaches for Macs become common or even less than common, you will hear about it.
The current trojans require a level of foolishness that is rare, today, with computer users.
Despite the dire predictions of those companies that stand to make money from such things...
http://www.google.com/search?q=mac+virus+malware

Paranoia can be useful, but I would reserve it for your concern about your backups. At least on Macs.
Do you backup your Boot OS Drive? Your User folder? Your archived files? If not. why not?

thanks to all

As a longtime windows user new to macs it is hard to let go the paranoia [my winp machine has real time av and two on demand malware scanner programs per usual recommendations], but I do feel comfortable enough w/ mac safety not to install a realtime scanner on my mac. One of the two major reasons I switched to mac were all the security issues that come with a windows machine.

I have backed up w/ superduper to an ext hdd and if my winxp vm does get infected I understand I can just delete it [the vdi file that is the virtual hdd] and copy over my backup vdi file.

One concern w/ pcs was silent malware - like rootkits - that can take control of your machine w/ access to your personal files and any personal info in those files. The scans necessary to id such malware on a pc took more expertise than I or the majority of pc users had. I could never figure out what the real risk to a home pc user was of being targeted by such a rootkit or whether the botnets in the news were rare or the tip of an iceberg. News & security vendors dramatize and computer vendors minimize the risk. I don't know if anyone was/is doing the necessary monitoring/studies to determine the actual risk to the average user.

If I remember correctly, trojans can be used to deliver such programs and software backdoors also present a risk. I know rootkits can be installed on mac os x and there are rootkit scanners for mac. I don't know all the ways a rootkit could be installed and whether the new intel/mac os based on linux macs will make it easier. Since my mac warns me when I'm installing a program I downloaded from the net [wake up and pay attention!] I think I'm protected that way. There was some program whose name I forget downloadable from the net that made it easier to hack into pcs thru routers and firewalls and deliver a rootkit. Since most home users don't monitor their incoming/outgoing packets I've wondered if our computers are more accessible than we realize.