Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Are trojans now a mac problem?


  • Please log in to reply
13 replies to this topic

#1 MaryBet82

MaryBet82

  • Members
  • 438 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:04:22 AM

Posted 06 January 2011 - 12:32 PM

I read the post by Khirae whose av ID'd 4 trojans on her mac. Previously most of what I read said running an antivirus program wasn't necessary on a mac. Have the recs changed - are macs being targeted more now? Should I run periodic malware scans?
mac 10.6 on macbook pro
WinXP sp2 on Dell 380 w/ 512 MB RAM- currently dead in the water
WinXP tab ed sp 3 on Thinkpad X41 w/ 1.5 GB RAM - lemony flavored
Win2K Sp4 on Sony VAIO GXR600 w/ 512 MB RAM - currently blue screening

BC AdBot (Login to Remove)

 


#2 Buddyme2

Buddyme2

  • Members
  • 693 posts
  • ONLINE
  •  
  • Local time:01:22 AM

Posted 07 January 2011 - 12:05 AM

If you exercise caution you have no need to worry about trojans.

What is a Trojan horse?
Trojan horses are impostors—files that claim to be something desirable but, in fact, are malicious. A very important distinction between Trojan horse programs and true viruses is that they do not replicate themselves. Trojan horses contain malicious code that when triggered cause loss, or even theft, of data. For a Trojan horse to spread, you must invite these programs onto your computers; for example, by opening an email attachment or downloading and running a file from the Internet.

There are, as of this time, trojans that can affect Mac OS X, but these must be downloaded and installed by the user, which usually involves entering the user's administrator password. Also, Mac OS X will give you a warning when you first launch an app you downloaded from the web. Trojans can easily be avoided by the user exercising common sense and caution when installing applications. A common source of trojans is pirated software, typically downloaded from bit torrent sites.

The above copy and pasted from here.
http://forums.macrumors.com/showpost.php?p=9400648&postcount=4

#3 MaryBet82

MaryBet82
  • Topic Starter

  • Members
  • 438 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:04:22 AM

Posted 07 January 2011 - 12:25 PM

Thanks Buddyme2
I don't use bit torrent and I check McAffee or Norton's software site evaluations before downloading/installing software. I'm careful w/ email, tho I'm never sure I'm remembering all the email don'ts. It might be a good idea for me to do a periodic scan for trojans - and viruses since I'm running winxp in a VM and a virus in a shared folder might infect the VM. I put it on my To Do Later list.
mac 10.6 on macbook pro
WinXP sp2 on Dell 380 w/ 512 MB RAM- currently dead in the water
WinXP tab ed sp 3 on Thinkpad X41 w/ 1.5 GB RAM - lemony flavored
Win2K Sp4 on Sony VAIO GXR600 w/ 512 MB RAM - currently blue screening

#4 wfriction

wfriction

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:07:22 PM

Posted 25 January 2011 - 02:41 AM

Provided you use common sense and don't do downloading stuff from dodgy sites, you shouldn't need to worry about an antivirus on a Mac.

#5 Twin B

Twin B

  • Members
  • 240 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:More Than a Mile High
  • Local time:03:22 AM

Posted 27 January 2011 - 12:06 AM

Occasionally I run MacScan (http://macscan.securemac.com). A few months ago it caught a trojan spyware & isolated it. My iMac had been running slowly & when I found this trojan the machine returned to normal.

I've learned blood is not thicker than money. 

 


#6 computerxpds

computerxpds

    Bleepin' Comp


  • Moderator
  • 4,457 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:05:22 AM

Posted 28 January 2011 - 03:36 PM

Twin B what was the name of the Trojan it found, if you remember by any chance. :) I am looking to get and idea of some of the trojans and see if i cant get a grip on the scope of mac based trojans these days, especially since the intel processor macs came out. Just another reason I still enjoy my iBook and my power mac G4, most malware devs dont put their packages into PPC based code thus rendering it useless on a PPC machine like mine. :) You should be fine as long as you dont go senselessly browsing around the net not even paying attention to what site you are going on.

sigcomp.png 
If I have replied to a topic and you reply and I haven't gotten back to you within 48 hours (2 days) then send me a P.M.
Some important links: BC Forum Rules | Misplaced Malware Logs | BC Tutorials | BC Downloads |
Follow BleepingComputer on: Facebook! | Twitter! | Google+| Come join us on the BleepingComputer Live Chat too! |


#7 TheDudeWithTude

TheDudeWithTude

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Hell!
  • Local time:04:22 AM

Posted 28 January 2011 - 07:55 PM

Technically, Mac's are very secure, as is Linux. However, that hasn't stopped people from making viruses. They're just harder to make. Consider the following:

Two puzzles of the same image are made. One is a 100 piece of intermediate difficulty, representing Windows, and the other, representing Mac and Linux, are 1000 piece puzzles of hard difficulty.

Just because a puzzle takes longer to solve, doesn't mean it can't be.

So yes, you should check for malware, even on a Mac. No computer is invincible, but you can take every precaution necessary. Make backups, use an antivirus, scan every file and use a firewall. I'm a PC user, but no matter what your OS, you need to protect your computer. I'd say check out Norton AV for Mac. Or some other legitimate antivirus provider.

As I said, Mac is hard to hack, But if you have nothing, Malware is stuck on your back.

-TDWT

Edited by TheDudeWithTude, 28 January 2011 - 08:03 PM.

If life gets you down, start tunneling, you might find some juicy dirt on others.

When life gives you lemons, squeeze the juice into the other persons eyes!

#8 Twin B

Twin B

  • Members
  • 240 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:More Than a Mile High
  • Local time:03:22 AM

Posted 28 January 2011 - 08:07 PM

Computerxpds, actually it was the 'Spector' keylogger program that was found, not a trojan; sorry for the confusion. I looked in the Macscan Isolated Spyware folder to see if it was still there but I must've deleted it. The description says it's a hybrid keylogger and screen recorder program. Still trying to figure out where I got the thing because I don't go to iffy sites nor open emails from strangers.

Edited by Twin B, 28 January 2011 - 08:08 PM.

I've learned blood is not thicker than money. 

 


#9 computerxpds

computerxpds

    Bleepin' Comp


  • Moderator
  • 4,457 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:05:22 AM

Posted 29 January 2011 - 09:48 AM

Hmm that is odd that you managed to pick up a keylogger, that is something you don't see very much on a mac.

sigcomp.png 
If I have replied to a topic and you reply and I haven't gotten back to you within 48 hours (2 days) then send me a P.M.
Some important links: BC Forum Rules | Misplaced Malware Logs | BC Tutorials | BC Downloads |
Follow BleepingComputer on: Facebook! | Twitter! | Google+| Come join us on the BleepingComputer Live Chat too! |


#10 MaryBet82

MaryBet82
  • Topic Starter

  • Members
  • 438 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:04:22 AM

Posted 31 January 2011 - 05:54 PM

Thanks to everyone for their input. Thanks Twin B for the link to macscan.

I found more options googling for security programs for macs than I did when I originally looked. Per an about.com review [link to security programs review], macscan scans for keyloggers, backdoors, remote access trojans and spyware - things to which a mac is vulnerable. I don't know how vulnerable my mac is to any of these - how much of what threats are where. If most mac owners don't scan, spyware may be more common than realized.

PC Tools offers a free iAntivirus that is also limited to scanning for mac only malware. I think I'll try that one just to see if a scan detects anything. PC Tools features real-time scans - I just want on-demand scans. If I decide I need to do periodic checks I'll probably opt for macscan, which stated one could do on demand scans.

Sophos offers a free to home uses "business-grade" antivirus program for macs that also scans for windows threats. That would scan my shared folders and protect my winxp vm from infection. I don't know if I'd have the option to just do on demand scanning or if the program is designed for real time scanning. One thing I like about my mac is not having to run real time scanning.

One thing reading the info on macscan reminded me was to install a flash cookie remover add-on to firefox. I forgot to do that. I have noscript and WOT add-ons but forgot BetterPrivacy. I have firefox configured to delete regular cookies when I close the browser. So hopefully I don't need the blacklist cookie feature of macscan.
mac 10.6 on macbook pro
WinXP sp2 on Dell 380 w/ 512 MB RAM- currently dead in the water
WinXP tab ed sp 3 on Thinkpad X41 w/ 1.5 GB RAM - lemony flavored
Win2K Sp4 on Sony VAIO GXR600 w/ 512 MB RAM - currently blue screening

#11 Twin B

Twin B

  • Members
  • 240 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:More Than a Mile High
  • Local time:03:22 AM

Posted 31 January 2011 - 09:35 PM

Mary, I read some reviews of that Sophos program & it does sit in the background doing realtime scanning, so I opted not to install it; I feel like that would be overkill, considering what we know about the scope of the Mac attacks, & also I don't want to slow down my machine. Thanks for this interesting thread, good to be updated once in awhile by the folks here who are in the know. Joe.

I've learned blood is not thicker than money. 

 


#12 davidanders

davidanders

  • Members
  • 64 posts
  • OFFLINE
  •  
  • Local time:02:22 AM

Posted 01 February 2011 - 02:52 AM

When security breaches for Macs become common or even less than common, you will hear about it.
The current trojans require a level of foolishness that is rare, today, with computer users.
Despite the dire predictions of those companies that stand to make money from such things...
http://www.google.com/search?q=mac+virus+malware
David Anders
The Computer Guy, Seattle
My Allexperts Stats

#13 davidanders

davidanders

  • Members
  • 64 posts
  • OFFLINE
  •  
  • Local time:02:22 AM

Posted 01 February 2011 - 02:58 AM

Paranoia can be useful, but I would reserve it for your concern about your backups. At least on Macs.
Do you backup your Boot OS Drive? Your User folder? Your archived files? If not. why not?
David Anders
The Computer Guy, Seattle
My Allexperts Stats

#14 MaryBet82

MaryBet82
  • Topic Starter

  • Members
  • 438 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:04:22 AM

Posted 01 February 2011 - 01:12 PM

thanks to all

As a longtime windows user new to macs it is hard to let go the paranoia [my winp machine has real time av and two on demand malware scanner programs per usual recommendations], but I do feel comfortable enough w/ mac safety not to install a realtime scanner on my mac. One of the two major reasons I switched to mac were all the security issues that come with a windows machine.

I have backed up w/ superduper to an ext hdd and if my winxp vm does get infected I understand I can just delete it [the vdi file that is the virtual hdd] and copy over my backup vdi file.

One concern w/ pcs was silent malware - like rootkits - that can take control of your machine w/ access to your personal files and any personal info in those files. The scans necessary to id such malware on a pc took more expertise than I or the majority of pc users had. I could never figure out what the real risk to a home pc user was of being targeted by such a rootkit or whether the botnets in the news were rare or the tip of an iceberg. News & security vendors dramatize and computer vendors minimize the risk. I don't know if anyone was/is doing the necessary monitoring/studies to determine the actual risk to the average user.

If I remember correctly, trojans can be used to deliver such programs and software backdoors also present a risk. I know rootkits can be installed on mac os x and there are rootkit scanners for mac. I don't know all the ways a rootkit could be installed and whether the new intel/mac os based on linux macs will make it easier. Since my mac warns me when I'm installing a program I downloaded from the net [wake up and pay attention!] I think I'm protected that way. There was some program whose name I forget downloadable from the net that made it easier to hack into pcs thru routers and firewalls and deliver a rootkit. Since most home users don't monitor their incoming/outgoing packets I've wondered if our computers are more accessible than we realize.
mac 10.6 on macbook pro
WinXP sp2 on Dell 380 w/ 512 MB RAM- currently dead in the water
WinXP tab ed sp 3 on Thinkpad X41 w/ 1.5 GB RAM - lemony flavored
Win2K Sp4 on Sony VAIO GXR600 w/ 512 MB RAM - currently blue screening




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users