
Threats to OS X


OS X users are confident that no malicious programs exist for this operating system. But they are wrong.

The first ones

  • 1982 – the first Trojan for Mac appeared
  • 2006 – the first Trojan for OS X (Mac.Leap) was discovered
  • 2009 – the first Mac botnet (the Trojan Mac.Iservice) was exposed
  • June 2009 – Doctor Web released its anti-virus for OS X

Malware programs for Macs do exist, but compared with Windows, their number is relatively small.

The number of malware samples for OS X acquired by Doctor Web's virus laboratory in 2014

The growing number of malware samples received by the Doctor Web anti-virus laboratory in 2014

So malware for Macs does exist. But how does it sneak onto computers?

Means of transport #1: Applications incorporating malicious code

The Apple Corporation claims that OS X is the operating system most resistant to malware infections.

Since—as Apple claims—no code can be executed on a Mac without the user's knowledge, the risk of infection should be rather low. Alas, this is not true.

Unfortunately, the App Store is not the only source from which Mac users download applications. Dubious download portals, on which no one checks whether an application is malicious, often offer video and software for OS X. And virus makers use this to their advantage.

Users can download malicious content themselves. As a rule, a movie is accompanied by malware in the guise of a Flash Player update, or the malware is incorporated in a compromised copy of expensive software for which the user doesn’t want to pay the developer.

In such a case, the user activates the malicious program after carelessly clicking on a button and initiating the Trojan’s installation!

So it turns out that no security measure can protect a Mac from user carelessness. No matter how hard a manufacturer tries to make an operating system secure, users download programs containing malicious code and use administrator permissions to install them!

If a Mac is operated by an inexperienced user, the risk of infection increases dramatically.

Without fail, Dr.Web SpIDer Guard will issue a warning whenever it detects a Trojan

Only an anti-virus that has been installed on your Mac and is equipped with a resident file monitor that detects malware on the fly can show you that you've downloaded a Trojan along with a legitimate application.

Means of transport #2: Vulnerabilities

To spread malware for OS X, intruders also exploit vulnerabilities. Vulnerabilities are program code flaws that enable malware to infiltrate a Mac without the user's knowledge or consent.

Just like any other piece of software, OS X also has vulnerabilities.

It was precisely vulnerabilities that played a major role in the first-ever outbreak of the malicious program BackDoor.Flashback.39 for OS X.

  • In February 2012 criminals started using Java vulnerabilities to spread BackDoor.Flashback.39, and after March 16 they began using yet another exploit.
  • March 2012 – Oracle released an update for the Java Virtual Machine, closing the vulnerabilities exploited by BackDoor.Flashback.39.
  • As late as April 2012, Apple released an update for its own Java implementation to close the vulnerabilities exploited by BackDoor.Flashback.39.

Outbreak! 650,000 Macs were infected with BackDoor.Flashback worldwide

More than 4 million websites involved in spreading BackDoor.Flashback

Malicious websites were used to spread BackDoor.Flashback.39. At the end of March, Google search results contained links to over four million infected web pages distributing the backdoor.

How can OS X users protect their machines from infection?

Security tips from Doctor Web:

  • Only download software from the developer’s site or from the App Store.
  • To maintain real-time security, use an anti-virus that incorporates a resident monitor (e.g., in Dr.Web Anti-virus for OS X, this component is called SpIDer Guard).
  • Use the HTTP monitor Dr.Web SpIDer Gate to protect your Mac from malware on websites. It will scan all the HTTP traffic and control access to Internet sites according to various thematic categories such as drugs, terrorism, violence, etc.

Try Dr.Web Anti-virus for OS X by putting it into action

Dr.Web for OS X is available in two products:

  • Dr.Web Anti-virus – 26.00 € (1 PC/Mac, 1 year)
  • Dr.Web Security Space – 28.00 € (1 PC/Mac, 1 year)

All licenses include the right to use Dr.Web Mobile Security free of charge to protect handhelds running Android or BlackBerry.

Thank you for taking the time to familiarise yourself with these materials.