Posts Tagged ‘OS X’

New Mac Malware Resource

Thursday, June 10th, 2010

Well, actually, it’s an old one. It’s at the Mac Virus site I kicked back into life a few months ago, primarily as a blog site.

However, I’ve been under some pressure to restore some of the features of the old Mac Virus site. While I’ll be restoring some (more) of the pre-OSX stuff for its historical interest, I don’t see that as a big priority right now. But as I’ve been talking quite a lot about Mac threats in the past month or two (see http://macviruscom.wordpress.com/2010/05/13/apple-security-snapshots-from-1997-and-2010/ for example), there’s been curiosity about what we’ve been seeing in the way of OS X malware.

Enter (stage left, with a fanfare of trumpets) the Mac Virus “Apple Malware Descriptions” Page at http://macviruscom.wordpress.com/apple-malware-descriptions/. Right now it consists of two descriptions of Mac scareware from 2008, so it’s at a very early stage of development. (It just happens to be those two descriptions because someone asked me about them yesterday.)

Isn’t this stuff available elsewhere, I hear you ask? Of course it is. The point about these descriptions is that unlike most vendor descriptions, they point to various other sources of (reasonably dependable) information, as well as including a little personal commentary. It’s a first cut at attempting to answer the question “if there’s so much Mac malware around, where is it?”

More later…

David Harley CITP FBCS CISSP
AVIEN Chief Operations Officer
Mac Virus Administrator
ESET Research Fellow and Director of Malware Intelligence

Also blogging at:
http://www.eset.com/blog
http://smallbluegreenblog.wordpress.com/
http://blogs.securiteam.com
http://blog.isc2.org/
http://dharley.wordpress.com
http://macvirus.com
http://amtso.wordpress.com/

Mac Whacks Back

Sunday, December 13th, 2009

It sometimes seems like I’ve spent the last twenty years trying to persuade Mac users that using a system named after a fruit doesn’t mean that there are no snakes in Eden or that angels will protect you from all harm.

Not, perhaps, completely in vain, but apparently many of the old Mac evangelist mindsets continue to prevail, irrespective of the true nature of the threatscape. (Macs don’t get viruses, Trojans don’t matter, there are no Mac vulnerabilities and if there were they’d be fixed immediately, social engineering is irrelevant, Microsoft Bad/Apple Good, blah….) There is a polite but nonetheless naive article that more than hints at this mindset here:

http://www.makemineamac.info/2009/10/dont-bug-me-why-macs-are-still-virus.html

Thanks, however, to Kurt Wismer for reassuring me that Mac security is not just my own personal crusade:

http://anti-virus-rants.blogspot.com/2009/12/why-mac-fanatics-still-believe-theyre.html

I have a feeling I’m not done with this issue. And just to be clear: for most of those 20 years I was working for customers, not for vendors…

David Harley FBCS CITP CISSP
Chief Operations Officer, AVIEN
Director of Malware Intelligence, ESET

Also blogging at:
http://www.eset.com/threat-center/blog
http://dharley.wordpress.com/
http://blogs.securiteam.com
http://blog.isc2.org/

NOD32 beta test versions

Friday, December 4th, 2009

As we all know, there is not, never has been, and never could be any Mac or Linux malware. If there were, no Mac or Linux user would fall for it, and if they did it would be their own fault. Microsoft-loving antivirus companies are simply looking for excuses to line their pockets.

(Guys, this is called irony!)

There you go. Now I’ve said it for you, there’s no need to clutter this page and my mailbox with fanboi comments and hatemail.

However, in case you’re gullible enough to believe that ESET, like other security companies, really believes that Mac and Linux users sometimes need anti-malware protection, we now have public beta test versions of our scanner available for OS X and for Linux desktop.

http://beta.eset.com/linux
http://beta.eset.com/macosx 

Declaration of interest: yes, I do currently work for ESET. And I am that gullible.

David Harley FBCS CITP CISSP
Chief Operations Officer, AVIEN
Director of Malware Intelligence, ESET