MacDefender rogue antivirus requires immediate action by Apple

The rash of rogue Apple Mac AV software appearing in recent weeks – culminating in the widely-publicised appearance of MacDefender – highlights the fact that the Mac is just as susceptible to malware as the Windows platform.

The Mac has never been more secure than Windows – it is just that it has been attacked less frequently by malware authors.

This situation – as witnessed by the arrival of MacDefender – is slowly changing. We are seeing more attack tools for the Mac OS being released. If this continues, the risk of using a Mac could become similar to the risk of using a PC.

It’s important to note that the relative insecurity of a computing platform is purely based on the amount of effort cybercriminals are willing to put into developing malware that attacks it.

If darkware like MacDefender keeps appearing – as seems quite likely – then sales of Apple Macs to users looking for a “less insecure” computing platform than Windows are likely to fall.

This makes it imperative that Apple addresses the problem of malware rapidly and decisively – something that Microsoft failed to do back in the late 1980s and 1990s, when worms and malware were still in their infancy.

MacDefender is a rogue antivirus, which is a well-known concept in the PC world that has recently been ported to the Mac operating system. Once installed it generates fake pop-up messages about the presence of malware on the computer, luring users into handing over their credit or debit card details to purchase a fake product.

This harvesting of payment card details is something that has significant consequences for the user and, of course, Apple. If Apple steps in and decisively solves the problem of rogue AV packages like MacDefender – as Microsoft has done by developing a free IT security package, Security Essentials, for its Windows users – then the problem can be assuaged.

Until this happens, Mac users should only download and install software from Web sites they trust. Additionally, Mac Safari users are encouraged to disable the “open safe files after downloading” option in their browsers.

Research confirms what many have suspected in the industry for some time, namely that fraudsters are becoming more sophisticated in their use of social engineering tactics.

They also keep coming up with creative new ways to convince people to surrender their personal information and payment card data, which puts money at risk. Mac users need to join their Windows cousins in understanding the need to be safe online and exercise extreme caution when surfing the Internet.


Prior to founding Trusteer, Amit Klein was Chief Scientist at Cyota (acquired by RSA Security), a leading provider of layered authentication solutions. In this role, Amit researched technologies that prevent online fraud, phishing and pharming. He filed several patents in those areas during his time at Cyota. Prior to Cyota, Amit worked as Director of Security and Research at Sanctum (acquired by Watchfire), where he was responsible for the security architecture of all Sanctum products. Prior to Sanctum, Amit spent almost 7 years serving in the Israeli Army as a research officer and project manager. He is a graduate of the prestigious Talpiot programme of the Israeli Army. He holds a B.Sc. (cum laude) in Mathematics and Physics from the Hebrew University (Jerusalem). Amit is also a world-renowned security researcher, having published over two dozen articles, papers and technical notes on the topic of Internet security.