The Real Woes for Apple Security Begin – 1 in 5 Mac Computers Now Carries Malware‏

April 25, 2012

At the start of the month, in what was the largest attack on the Apple OS to date, a beleaguered Apple released two security patches to address flaws in their Java code that had enabled malware to infect over 600,000 computers.  According to Symantec, in just 2 weeks consumers downloading the security patches dropped the number of infected computers from 600,000 to 140,000, where it seems to have stagnated. Symantec urges consumers that suspect their Mac has been infected with OSX.Flashback.K, to install the latest patches, and ensure that your antivirus is up to date.

But the problem doesn’t end there as a new variant has sprung up. Sound familiar? It should. Apple has grown in relevance to now face the same frustrations as the Windows platform – fix a hole and watch hackers find a new angle.

On April 23rd, the New York Times reported that “researchers at Intego, another computer security firm, discovered that a new variant of the malware, called Flashback.S, continued to spread through the same Java vulnerability. Security researchers said the variant was “actively being distributed in the wild” and noted that the malware deletes traces of itself on victims’ machines to avoid detection.

Today (April 24th) the Wall Street Journal reported that security firm Sophos released new research that analyzed “100,000 Mac computers running its free anti-virus software, and discovered that one in five machines was found to be carrying one or more instances of Windows malware.” And that “2.7 percent (one in thirty six) of Macs were found to be carrying Mac OS X malware.”

The Journal article included comments from Graham Cluley, senior technology consultant at Sophos, who said “Some Mac users may be relieved that they are seven times more likely to have Windows viruses, spyware and Trojans on their Macs than Mac OS X-specific malware, but Mac malware is surprisingly commonly encountered. Mac users need a wake-up call about the growing malware problem.”

“The simple fact is that you can scan your Mac for infection from your armchair. The test is painless and free; you just download an anti-virus product and allow it to check your computer and protect it against infections in the future,” explained Cluley.

At the end of the day the question is this, will Mac users be any better than Windows users at securing their devices with anti-malware tools?



Flashback Trojan has Infected Over 600,000 Macs

April 19, 2012

This week Apple patched a flaw in their Java code to prevent Macs from becoming infected with the Flashback Trojan – a malicious program that steals infected users’ user names and passwords, and has continued to evolve to exploit other elements.

Unfortunately, the malware has run rampant the last two months – when the malware was first detected. The Russian antivirus company, Dr. Web, reports that over 600,000 Mac’s are infected – and that 56% of the infected Macs are in the hands of U.S. consumers.

A ZDNet article includes these links for Mac users to get “the new version of Java that patches the security hole in question from Apple here: Java for Mac OS X 10.6 Update 7 and Java for OS X Lion 2012-001. Additionally, F-Secure has instructions on how to remove this malware if you think your Mac may already be infected.”

If you are among the Mac users who have clung to the belief that Macs don’t need strong malware protection, let this be a wakeup call.


It’s Official, Half of Cell Phones in U.S. Are Now Smartphones

April 16, 2012

New data from Nielsen shows that half (49.7%) of U.S. mobile subscribers have converted to smartphones, a 38% increase over February 2011, when only 36% of mobile subscribers used smartphones.

Nielsen’s research also shows that Android remains the leading cell phone platform with 48% of the U.S. smartphone market, followed by 32.1% who use an Apple iPhone, and 11.6% who remain Blackberry owners.

Up until last week, I was among the diehard Blackberry users, but I’ve purchased an iPhone and will never look back.

As a further indication of the imminent demise of Blackberry, their stock has plummeted.

Among consumers who acquired their smartphone within the last three months, 48% surveyed said they chose an Android and 43% bought an iPhone.

Not only was Blackberry absent, so was any mention of Windows phones.

In the now two-horse race, the rising frustration by developers and users of the Android platform indicates their market lead over Apple is far from assured. From a safety perspective, choosing Apple and Apple apps is the best bet.


Feel Hacker Proof on Apple Devices? Think Again. Apple Patch to Fix 54 Security Holes

April 6, 2011

For Apple lovers, the Mac OS and Apple device’s underdog status long served as a hardy defense against criminal exploits. But with 54 new fixes in Apple’s latest security update, those days are officially over.

Though still an underdog, here’s insight into why criminals are taking an interest in Apple. Consider the company’s 2010 Sales data (Fiscal year ended Sept 25th 2010) results, and it is easy to see why criminal interest is perking up.

In just the past three years, Apple has sold 33.7 million computers, 72.5 million iPhones, and iPad sales are soaring.  Add to that the over 350 thousand applications in the Apple App store and the potential for exploitation becomes even more interesting. (To learn more about threats to the iPhone see Researcher warns of risks from rogue iPhone apps).

To address the risking exploit risks, Apple changed their practices with regard to unreleased software[v] earlier this month. They are now sharing advanced copies of their next OS (called Lion) with security researchers, not just with developers.

ZDNet reported today that  Apple has shipped another Mac OS X mega-update with fixes for 54 security vulnerabilities, including one that was used to hijack an iPhone 4 device at this year’s CanSecWest Pwn2Own hacker challenge. (See my blog Hacker Conference Focused on Web Browsers and Mobile Devices: Who Was Hacked and Who Withstood, and does it Matter? for more information.)

The ZDNet goes on to say that the new Mac OS X v10.6.7 should be treated as a high-priority update, noting that it also fixes numerous issues that could allow remote code execution attacks via rigged image or font files.

Complacency kills computers. Make sure your devices are updated and fully protected today.


Part 4: McAfee Threat Predictions for 2011 – Apple: No longer flying under the radar

January 16, 2011

This is the fourth installment of my series covering McAfee’s Threat Predictions for 2011. To make the predictions for 2011 more digestible, I’ve broken each area out to show McAfee’s drilldown on the risk, and what the risk means to you. Click here to read the first, second, and third segments.

From McAfee Threat Report – Apple: No longer flying under the radar

Historically, the Mac OS platform has remained relatively unscathed by malicious attackers, but McAfee Labs warns that Mac-targeted malware will continue to increase in sophistication in 2011. The popularity of iPads and iPhones in business environments, combined with the lack of user understanding of proper security for these devices, will increase the risk for data and identity exposure, and will make Apple botnets and Trojans a common occurrence.

What this means to you

For Apple lovers, the Mac OS and Apple device’s underdog status against PC’s and the Windows OS long served as a hardy defense against criminal exploits – criminals target the largest possible segment for the largest possible return.

But with the Mac OS making stronger inroads, and the advent and mass adoption of  iPhones, and iPads, Apple is facing new threats – much like the general mobile market is now facing. (See Part 3: McAfee Threat Predictions for 2011 – Mobile: Usage is rising in the workplace, and so will attacks).  So it now appears that assuming you’re safe from malware on Apple devices is not longer a safe bet.

To gain some insight into why criminals are taking an interest in Apple, consider the company’s 2010 Sales data (Fiscal year ended Sept 25th 2010) results, it is easy to see why criminal interests are now focusing on these products. In just the past three years, Apple has sold 33.7 million computers, 72.5 million iPhones, and iPad sales are soaring.  Add to that the over 300 thousand applications in the Apple App store and the potential for exploitation becomes even more interesting. (To learn more about threats to the iPhone see Researcher warns of risks from rogue iPhone apps).

The future for Apple users is likely to adopt the same advice that PC users have been given for years. Protect your devices, only download apps from trusted and tested sites, and leverage Safari’s antiphishing, antivirus, and Malware Protection to avoid and block malware.


Part 3: McAfee Threat Predictions for 2011 – Mobile: Usage is rising in the workplace, and so will attacks

January 12, 2011

This is the third installment of my series covering McAfee’s Threat Predictions for 2011. To make the predictions for 2011 more digestible, I’ve broken each area out to show McAfee’s drilldown on the risk, and what the risk means to you. Click here to read the first and second segments.

From McAfee Threat Report – Mobile: Usage is rising in the workplace, and so will attacks

Threats on mobile devices have so far been few and far between, as “jailbreaking” on the iPhone and the arrival of Zeus were the primary mobile threats in 2010. With the widespread adoption of mobile devices in business environments, combined with historically fragile cellular infrastructure and slow strides toward encryption, McAfee Labs predicts that 2011 will bring a rapid escalation of attacks and threats to mobile devices, putting user and corporate data at very high risk.

What this means to you

It’s hard to recall that most people have owned a mobile phone for less than 15 years. How did we survive without them? You may remember the early Motorola phones of the mid-nineties, then the first 0.3 megapixel camera phones and the carrier networks that couldn’t send those lousy images to other provider’s networks. Then we got SMS (text messaging) – and the all-powerful MMS communications, and ringtones. Remember the challenges of getting email onto phones, the time when we all carried a pager, a PDA and a cell phone?

We’ve watched this rapid sprint from barely mobile “bricks” to today’s sleek phones with incredible capabilities. We’ve seen mobile phone adoption rates go from nearly zero to over 90%.

Yet for all the difficulties and lack of functionality in those old phones, they held one advantage. They were too primitive, too customized per handset, and had too few users to be interesting targets for criminal exploits. The bad news is that era has passed.

Mobile technologies are now less fractured, standardized around key platforms, services and applications. The phones themselves come with amazing computing capabilities. And, the number of mobile phone users was projected to exceed 5 Billion worldwide by the end of 2010 according to The International Telecommunication Union (October 2010).

As with so many technical advancements, criminals can spot an opportunity 10 miles off, and they’ve bided their time until this confluence of factors came together.  Prepping for this moment, over the past few years we’ve seen how criminals and hackers have probed for network weaknesses, devices weaknesses, and perhaps most importantly, consumer weaknesses.

Malware attacking phones will come via many methods, including text and multi-media messages, spam, downloadable content, and applications, and through access points like public Wi-Fi, or Bluetooth connections.

Defending Your Phone

Security companies have scrambled to provide mobile security software solutions, and if you have a smart phone, it’s time to purchase a mobile security suite.

TopTenReviews has created an excellent mobile security software comparison chart for consumers that I recommend.

Key features in these programs include antivirus protection, a firewall preventing unauthorized electronic access, antispam, and quarantine protection in real time.

Based on your phone usage patterns, the type of content you store on your phone,  or if you’re helping protect a minor’s phone, some additional features may be of interest:

  • Remote block and remote wipe to protect your information if your phone is lost or stolen.
  • Protection of internal memory and contents stored on memory cards
  • Ability to place phone numbers on either a black or white list – the ability to block people from calling is of keen interest to teens, and a key tool in blocking cyberbullies.
  • Parental control monitoring
  • SIM Card notice so that if your phone is stolen and the thief puts in a new SIM card, the phone will send you a notice of the new phone number to help track down the thief.

There are still far too few consumers that adequately protect their computers – only 37% of home computers are fully protected according to an Oct. 2010 report by Symantec – and this is a real safety, security and privacy issue.

Now, add your cell phone to the must protect list, or you’ll find that if it isn’t protected…. it will be infected.  Get security software and install it today.

For more information about other mobile phone risks and tips, see my blog Using Mobile Phones Safely.


Part 2: McAfee Threat Predictions for 2011 – Exploiting Social Media: Geolocation services

January 10, 2011

This is the second installment of my series covering McAfee’s Threat Predictions for 2011. To make the predictions for 2011 more digestible, I’ve broken each area out to show McAfee’s drilldown on the risk, and what the risk means to you. Click here to read the first segment.

From McAfee Threat Report – Exploiting Social Media: Geolocation services:

Locative services such as foursquare, Gowalla and Facebook Places can easily search, track and plot the whereabouts of friends and strangers. In just a few clicks, cybercriminals can see in real time who is tweeting, where they are located, what they are saying, what their interests are, and what operating systems and applications they are using. This wealth of personal information on individuals enables cybercriminals to craft a targeted attack. McAfee Labs predicts that cybercriminals will increasingly use these tactics across the most popular social networking sites in 2011.

What this means to you

There are two categories of geolocation tracking threats; the first covers the spectrum of malicious or criminal abuse of information as described above. The second category covers the non-criminal tracking and use of your location information for commercial purposes without your knowledge or express consent. A few examples of this type of use/abuse seen in 2010 include Google’s collection of personal data via WiFi networks (See my blog Google’s WiFi Data Collection Larger than Previously Known) and the explosion of consumer behavior and location tracking both online and offline by stores and advertisers (See my blogs The One-Way-Mirror Society – Privacy Implications of Surveillance Monitoring Networks, Managing Behavioral Advertising, and FTC’s Do-Not-Track Proposal for more information on these location/privacy controversies).

To a large extent, the actions needed take to protect yourself from one of these threat categories will also protect you against the other so I’ll address these together.

First, understand that your information, even things you find trivial, has financial value. Whether it be age, gender, relationship status, other demographic information, personally identifiable information, indirectly identifiable information, information about your emotional state, financial solvency, interest in purchasing, etc., information about your preferences of brands, books, movies, music, etc. – you get the point – all of it has financial value to some types of people, crooks, or companies.  Your location information can have particularly high value.

Information has value in entirely legitimate scenarios – to predict the fashions that will be a ‘hit’ next season or to offer you ads or discounts to nearby stores. Or, the value may be for use in legitimate-but-potentially-less-savory scenarios – reselling your data to data-brokers who use it in a variety of ways that you don’t know about, may not appreciate, and which may threaten your privacy or safety.   Or, the value may be for entirely criminal endeavors.

What makes sharing location information particularly valuable – and particularly risky – is that you are physically findable. Your property is findable. Your patterns are discoverable. This risk necessitates the need to make conscious choices about whom you choose to share this with – while erring on the side of caution.

Sometimes the value of your location is in knowing where you aren’t – for example, you aren’t home when you’re tweeting from another city, or across town, making it an ideal time to burglarize your home.  Sometimes the value is in your patterns – if you always stop at a doughnut shop on the way to work, but never stop at a gym, it may be of interest to your health insurance company, or the health insurance company with whom you’re applying for coverage.

Next, you need to identify how these people, entities, or companies are protecting and/or sharing your information with others. How public is your information in the hands of friends? What are the privacy policies of the sites you are registered with? How much information is being collected about you from websites you just happen to visit? What information is being collected about you or your device at the WiFi hotspots you use? See my blog Starbucks Launches Digital Network – 6 Steps to Safer WiFi Use to learn more.

Consider Google’s response to the Canadian Privacy minister during hearings about their WiFi data collection Google’s future plans for its location-based services: Google still intends to offer location-based services, but does not intend to resume collection of WiFi data through its Street View cars. Collection is discontinued and Google has no plans to resume it. [Instead]Google intends to rely on its users’ handsets to collect the information on the location of WiFi networks that it needs for its location-based services database.  The improvements in smart-phone technology in the past few years have allowed Google to obtain the data it needs for this purpose from the handsets themselves.

You may be surprised to find that even many charitable organizations sell your information – including location information – as a way of raising funds. See my blog What’s the Privacy Policy of the Non-Profits You Support? to learn more about this issue.

In many cases a service may not be selling, renting or sharing your information behind the scenes, your location may be the primary information being shared, and shared with a potentially very broad audience. For example, if you’re a FourSquare user, ask yourself if being mayor of a bar is worth a potential increase in your auto insurance premiums, or having a would-be employer think twice about your drinking habits, or the potential impact this could have in a child custody dispute, etc.

Once you understand the potential financial value and potential risks associated with sharing your location information, you are positioned to make more informed decisions about the individuals, entities, or companies with whom you choose to share your location, and to what extent.  My recommendation? Be VERY conservative about giving anyone, any company, or any other entity access to your location information.