Hackers and viruses pose more of a threat than ever for the Mac platform due to the Unix underpinnings of Mac OS X, according to Robert Franklin, Symantec’s senior product specialist.
is the company behind such products as Norton Anti-Virus and Norton Utilities.
Hackers are computer users who try to gain unauthorized access to other computers on the Internet. They pose threats with their abilities to view, copy or destroy personal files; view and copy information like names, addresses, important numbers and financial information; and plant computer viruses and/or Trojan Horse viruses.
“Hackers are challenged by the prospect of a new operating system, and Mac OS X is more vulnerable to attacks because of Unix,” Franklin said. “Unix is more susceptible because it’s a networking operating system. Also, UNIX has been around for a long time, longer than Windows, so people are very familiar with it.”
Computer viruses are, of course, a common security threat that affects both Mac and Windows users — though the majority of viruses attack Wintel systems. Viruses are programs that are designed to spread themselves. They’re usually passed along through file sharing and e-mail file attachments and have the potential to wreak lots of havoc by destroying files, disrupting hardware functions, re-formatting hard drives, and implementing mass e-mail action to all address book entries.
“Mac users have, to some extent, been lulled into thinking they don’t need to be protected,” Franklin said. “It’s not really a case of one operating system being more susceptible than another by the very nature of the OS. Rather, it’s the fact that there have been, by volume, more viruses written to affect Windows machines than Macs.”
The motivation here is that virus writers want their viruses to spread to as many users as possible. Since the Windows platform has the greatest worldwide reach, for both home and office computer users, more viruses are written for that platform, Franklin explained.
“This doesn’t mean that Macs are free from virus concerns, or if a Mac gets a virus that the payload will be less significant,” he explained. “There are a number of Mac specific viruses out there, and they can cause varying degrees of problems for Mac users.”
The top four Macintosh specific viruses are:
an AppleScript worm that targets the Macintosh platform. It may open Microsoft Outlook Express or Entourage, and send a copy of itself with the original message to everyone in your address book. The name of the script is “Simpsons Episodes.”
There are six variants of this virus, including four polymorphic, encrypted ones. What they have in common is that they all infect applications by modifying MDEF and MENU resources, and they can create a System Extension (with an invisible character at the beginning of the name so it loads early) or add an INIT resource to the System file.
This virus spreads from application to application. When an infected application is launched, it searches for another application to infect and copies itself into that application. The contents of the original file are copied to an invisible file in the same folder whose name is composed of arbitrary upper case letters. The infected application also attempts to delete anti-virus software it finds in the default volume’s root folder, or in the System, Control Panels or Extensions folders.
a virus that first appeared in 1992. The MBDF A strain originated from a Trojan Horse virus named Tetracycle. Additionally, MBDF A was found to be distributed in versions of Obnoxious Tetris and Ten Tile Puzzle.
The Simpsons virus can affect Mac OS X — so can SevenDust, CODE 0911 and MBDF, but only in the Classic environment.
Then there are macro viruses. A macro virus is a macro (list of instructions) that masquerades as legitimate document. When a document infected with a Macro virus is launched, the virus contained in the file is released
“Most macro viruses aren’t dangerous to Macs, but some are,” Franklin said. “And even with the ones that aren’t, Mac users can pass these onto PC users via e-mail attachments.”
People often don’t know that they are even spreading a virus, he added. Most are spread through e-mail attachments, and often come in the form of a picture, or animation or the file name is something inviting like “Check this out.”
While all of us want faster Internet connections, Franklin said that high-speed connections (such as DSL and cable) actually increase the danger of getting a virus or getting hacked, especially with the combination of high speed and “on-all-the-time” connections. When connections are on all the time, hackers have a great opportunity to locate users online and cause harm.
Some Cable and DSL connections use a “Static IP Address” which means that hackers know where to return to access the same system, Franklin said. Even if Mac users have a Cable of DSL connection using a “Dynamic IP Address”, where users are assigned new IP addresses every time a machine is restarted, users are still open to random hacking attacks, simply by virtue of being online at all.
There are two ways to protect your Mac from hackers and viruses: personal firewall software and anti-virus software. The cable modem industry recommends personal firewall software as it offers more steps you can take to protect your computer and privacy while on the Internet.
“The easiest is installing personal firewall software … a firewall is like a security system that detects and prevents intruders from entering your property,” according to Cable-modem.net, a Web site devoted to the latest info about high-speed Internet access. “Personal firewall software monitors your computer for suspicious activity while you’re online. Inbound intruders are stopped before they can get into your computer, and a record of the repelled attacker, including his IP address, is stored … Personal firewall software is inexpensive … and easy to install … we think it’s an ideal investment if you have a cable modem or DSL connection, or if you’re a heavy dial-up modem user.”
Of course, the best and easiest way to keep a Mac virus free is to use anti-virus software — which lets you scan and repair infected files — and keep it up-to-date. Most anti-virus software is updateable via the Internet, so virus definitions are always current.
With Mac OS X gaining in popularity, viruses and hackers pose threats to the new operating system. Both are threats in different ways, Franklin said.
“Virus threats can come in bunches and are often unexpected,” he explained. “Hackers are more of a constant threat that are always out there.”
Mac users should continue to use both anti-virus and personal firewall products under Mac OS X in order to assure maximum protection for their systems. Also, they should make sure that the products they’re using are Mac OS X compatible.
You can learn more about viruses at the
Symantec Anti-Virus Research Center. Simply do a search for all viruses related to Macs by typing “Macintosh” into the search field in the