The Real Woes for Apple Security Begin – 1 in 5 Mac Computers Now Carries Malware‏

April 25, 2012

At the start of the month, in what was the largest attack on the Apple OS to date, a beleaguered Apple released two security patches to address flaws in their Java code that had enabled malware to infect over 600,000 computers.  According to Symantec, in just 2 weeks consumers downloading the security patches dropped the number of infected computers from 600,000 to 140,000, where it seems to have stagnated. Symantec urges consumers that suspect their Mac has been infected with OSX.Flashback.K, to install the latest patches, and ensure that your antivirus is up to date.

But the problem doesn’t end there as a new variant has sprung up. Sound familiar? It should. Apple has grown in relevance to now face the same frustrations as the Windows platform – fix a hole and watch hackers find a new angle.

On April 23rd, the New York Times reported that “researchers at Intego, another computer security firm, discovered that a new variant of the malware, called Flashback.S, continued to spread through the same Java vulnerability. Security researchers said the variant was “actively being distributed in the wild” and noted that the malware deletes traces of itself on victims’ machines to avoid detection.

Today (April 24th) the Wall Street Journal reported that security firm Sophos released new research that analyzed “100,000 Mac computers running its free anti-virus software, and discovered that one in five machines was found to be carrying one or more instances of Windows malware.” And that “2.7 percent (one in thirty six) of Macs were found to be carrying Mac OS X malware.”

The Journal article included comments from Graham Cluley, senior technology consultant at Sophos, who said “Some Mac users may be relieved that they are seven times more likely to have Windows viruses, spyware and Trojans on their Macs than Mac OS X-specific malware, but Mac malware is surprisingly commonly encountered. Mac users need a wake-up call about the growing malware problem.”

“The simple fact is that you can scan your Mac for infection from your armchair. The test is painless and free; you just download an anti-virus product and allow it to check your computer and protect it against infections in the future,” explained Cluley.

At the end of the day the question is this, will Mac users be any better than Windows users at securing their devices with anti-malware tools?



Flashback Trojan has Infected Over 600,000 Macs

April 19, 2012

This week Apple patched a flaw in their Java code to prevent Macs from becoming infected with the Flashback Trojan – a malicious program that steals infected users’ user names and passwords, and has continued to evolve to exploit other elements.

Unfortunately, the malware has run rampant the last two months – when the malware was first detected. The Russian antivirus company, Dr. Web, reports that over 600,000 Mac’s are infected – and that 56% of the infected Macs are in the hands of U.S. consumers.

A ZDNet article includes these links for Mac users to get “the new version of Java that patches the security hole in question from Apple here: Java for Mac OS X 10.6 Update 7 and Java for OS X Lion 2012-001. Additionally, F-Secure has instructions on how to remove this malware if you think your Mac may already be infected.”

If you are among the Mac users who have clung to the belief that Macs don’t need strong malware protection, let this be a wakeup call.


Giving Technology This Season? Use McAfee’s 10 Tips to Keeping Devices Safe

December 21, 2011

Tech items are wish-list toppers again this year, and if you’re among the millions planning on giving devices, don’t forget to include the safety, privacy and security tools and education that are needed to ensure the recipient is protected. This festive tip sheet from McAfee helps identify areas to think about.


Most Users with Free Android Antivirus Scanners aren’t Protected

November 30, 2011

Many free AV apps exist for the Android market but new comparisons by AV-TEST, a globally recognized security institute out of Germany, uncovered sobering security failures when they took the AV products through their paces.

The products to come out best were for-pay services from “Kaspersky and F-Secure, which detected at least 50% of all malware samples already in inactive state.”

Among the free options “Zoner AntiVirus Free was best with 32% detected malicious apps. All other scanners detected at best 10% of the apps; some didn’t detect anything at all.” Commenting on the results AV-Test said, ‘the circulation of obviously near to useless security apps endangers those, who trust them.’

AV-TEST’s test results are shocking, particularly as the advice given by security experts is that all smartphone users need anti-malware software in place. Yet those who diligently installed one of these free programs, has an entirely false sense of security.

The program with the lion’s share of installations is Antivirus Free by Creative Apps who, along with GuardX Antivirus and LabMSF Antivirus beta, failed to identify any malware in either the manual or real-time on installation scan.

Not only should these ineffectual products be purged from the Android market, there should be a howl of protest from consumers insisting that apps claiming to protect consumers actually do so – and be required to show how well they protect in their descriptions.

Below are two tables from the research, click here to read the entire report.


Estonians Charged For $14 Million in Click Fraud – Is Your Computer Infected?

November 22, 2011

In a particularly advanced two prong click fraud scheme, 7 men are charged with infecting 4 million computers worldwide – 500,000 in the U.S. alone. Once infected, the criminals would redirect users search results to websites that would pay the criminals a referral fee, so the more searches they redirected, the more money they made. The second method used was to replace legitimate ads on websites with ads from companies that paid for referring clicks.

In a statement by Janice Fedarcyk, assistant director in charge of the FBI New York office, “They victimized legitimate Website operators and advertisers who missed out on income through click hijacking and ad replacement fraud.”

Hijacked sites included The Wall Street Journal and ESPN. An article in the New York Times included the following illustration of how ESPN ads were swapped; the page shown on the left has a legitimate Dr. Pepper ad, while the ad on the right is for a timeshare company that paid for clicks.

Called the biggest cybercriminal takedown in history, the FBI worked with international law enforcement agencies, security companies, and security experts for over two years to crack the case.

This malware that infected both the Windows and Mac operating systems did not target consumer information; it was designed to defraud advertisers and website companies, but in order to avoid detection by antivirus software the malware blocked antivirus updates. This means that infected users were (and are) vulnerable to other malware.

What this means to you:

Although the FBI has replaced the malicious servers involved, infected users remain infected with the DNSChanger malware, and any other malware that was able to crawl into computers while security software updates were blocked. If you’ve seen unlikely ads or suspect your machine may be infected, the FBI has created a website that will help you detect the malware and get rid of it.


Great Infographic with Sobering Stats on Mobile Malware and User Ignorance

September 12, 2011

Over half (53%) of smartphone users say they are unaware that there is security software available for smartphones according to research by security company BullGuard, a shocking data point when mobile malware is skyrocketing.

In just the first six months of 2011, malware aimed at the most vulnerable platform, Android, has grown by 400% according to BullGuard, but that isn’t to say that Symbian, Apple or Windows Mobile users are safe.

The company has just released a new infographic titled Mobile Malware: – The Growing Threat of Smartphone Hackers & What You Need to Know’ that gives a great overview of the landscape of mobile malware, the lack of awareness about mobile threats among consumers, and what to expect for the second half of this year and into 2012 (the news isn’t great).

By the time you’ve finished scanning through the infographic, you may just be persuaded to install the mobile security software smartphones now desperately need.


Commtouch’s Internet Threats Q2 Trend Report Another Sobering Read

July 22, 2011

Bad news always outweighs the good when talking about online security, and a new report from Commtouch just underscores this point.

The good news is that spam volumes are down nearly 30%, to a measly 113 billion a day, thanks to the takedown of the Rustock botnet.

That includes a downturn in pharmacy spam though this category still represents 24% of all spam.

The bad news on the spam front is that spammers are now using compromised email accounts – so expect more spam coming from friends and family’s accounts.

Additionally, the report found that zombie activity skyrocketed with an average turnover of 377,000 new zombies per day targeted at sending malware and spam. This represents a 68% increase over zombie volumes in the first quarter of the year. India remains the top zombie producing country now hosting 17% of the global population, followed by Brazil and Vietnam.

Whether or not you think of pornography as ‘dirty’ the websites hosting porn really are dirty. Pornography and sexually explicit content sites rank highest in the most-likely-to-contain-malware contest, followed by parked domains and portals.

Education websites interestingly enough come in fourth place for categories infected with malware ahead of entertainment and business. This may be because scammers are smart enough to suspect users will be less cautious on educational sites, or the reason may be that educational sites aren’t very well protected and make easy targets.

The bottom line

Criminals continue to increase the number and creativity of their exploits; letting your guard down for even a moment increases the likelihood that you’ll be their next target.