Why Mac users need to grow up about viruses
Social engineering affects Mac users, too, says Graham Cluley
Pardon me for ranting, but I think I've had enough.
I've been working in the computer security industry for umpteen years, and have lost count of the number of times I've had to explain to a Windows user how they really shouldn't open unsolicited attachments, or how installing a codec to view a naked video of Angelina Jolie and Paris Hilton enjoying themselves in a bubble bath is a really bad idea.
It feels like I'm knocking my head against a brick wall sometimes - however much you explain to people that it's often their silly mistake which meant they ran the virus or installed the Trojan, they still allow their trousers to overrule their brain and make the important decisions for them.
"Yes, I know there are lots of viruses out there but maybe this time it really is a nude movie of Christina Aguilera that I've found on this website," seems to be the thinking.
Over the years, some of these computer users have probably been so battered by spyware attacks and irritating pop-ups that they may well have decided to ditch their pox-ridden PC altogether and switched to an Apple Mac.
And I don't blame them for doing that. After all, the vast majority of malware is written for Windows, not Mac OS X.
Macs aren't immune
But that doesn't mean that there is no one trying to hack into your shiny Apple MacBook.
The fact is that Mac malware is being actively distributed by cybercriminals. We have seen more activity on the Macintosh malware front in the last few months.
For instance, in March, Sophos reported on how hackers were planting versions of the RSPlug Trojan horse on websites, posing as an HDTV program called MacCinema.
And this month, as well as some lame email worms, we found hackers planting a Mac Trojan called Jahlav-C on hardcore porn websites, posing as - you guessed it - a plugin to allow you to watch the XXX-rated video.
Attacks like the Jahlav-C Trojan are not proof-of-concept threats. They are real, and regular Mac users can get themselves infected.
The thing is that Mac malware today is using the same tricks as Windows malware. When Apple Mac malware is planted on websites posing as a program to allow you to watch a saucy video, guess what? People install it! And when you install it, the malware downloads additional malicious components from a third party server.
That's exactly the same way so many Windows attacks work. You visit a website thinking you're going to watch a naked video of Paris Hilton, Angelina Jolie or some other Hollywood celebrity and it tells you that you don't have the right codec, or the right version of Adobe Flash to watch the movie. And when you upgrade yourself - BAM! - you've been infected.
Yes, there aren't as many Mac malware threats as Windows threats - not by a long shot. But they do exist, and we are seeing some hacking gangs writing malware for both platforms, and planting their attacks on webpages in such a way as to serve up a Mac threat when Apple users visit, and a Windows attack when PC users surf by.
The fact is that Mac users are just as human as Windows users. Mac fans aren't any less susceptible to social engineering tricks than Windows users. Mac users are just as keen to view a pornographic video as Windows users are.
Some Mac users in the past have argued that on Mac OS X you need to enter your system administrator username and password to install software, and that this is a defence.
Guess what? If you want to install a codec to watch a porn video, you will enter your username and password.
-------------------------------------------------------------------------------------------------------
Graham Cluley is senior technology consultant at Sophos, and has been working in the computer security field since the early 1990s. When he's not updating his other blog on the Sophos website you can find him on Twitter at @gcluley.