Graham Cluley Just a few years back, Apple would proudly claim that their systems were virus free. Then the popularity of Apple increased and criminals had a good reason to spend time creating malware targeting that much larger user base. Then last week, just hours before the release of Mountain Lion, the latest version of the OS X operating system, new malware was discovered highlighting the need for Apple Mac users to protect their computers with anti-virus software. Sophos researchers found that the new Morcut Mac OS X malware, also known as “Crisis,” was distributed as part of a multi-platform attack, designed to hit both Windows and Mac users – embedded in an archive file which pretended to be Adobe Flash Player. The threat is complex and when run on an OS X system drops multiple components, reconfigures system settings and installs a backdoor and rootkit combination that connects to a remote server and waits for instructions from malicious hackers. When run on Windows systems, a version of the Swizzor malware is installed instead. “Analysis of this malware is ongoing, but Mac users are protected right now if they are running a good, up-to-date anti-virus,” said Graham Cluley, senior technology consultant for Sophos. “The good news is that this threat has not been seen in the wild so far, but we are seeing increasing evidence of cybercriminals exploiting the fact that many Mac users have still not got the message that they need to protect their computers. There is much less malware for Macs than there is for Windows, but that doesn't mean it's non-existent. If Mac users are too laid-back about security and leave their bellies exposed, they're asking for trouble.” SophosLabs' experts are continuing to analyze the Morcut malware, and warn that even if the threat does not break into the wild, the techniques it uses could be deployed by other malicious hackers in the future. Mac users have been largely complacent and smug about security, thinking that it's Microsoft Windows users that need to protect against malware. But Cluley advised that more and more malware is being written for Mac OS X as cybercriminals discover there is an opportunity to make money on the platform. Therefore it's a sensible move to protect Apple Mac systems with anti-virus software, especially if the software is free. Sophos makes available a free anti-virus for Mac home users that can be downloaded from www.sophos.com/freemacav. “Earlier this year we saw 600,000 Macs infected with the Flashback botnet, and there has been a spate of fake anti-virus attacks on the platform in the last year or so,” said Cluley. “More Mac users have come to realize that Internet criminals are likely to target Macs more in the future, especially as they are considered a ‘soft target' because of the low adoption of anti-virus software. Mac users should be responsible members of the Internet community and protect their computers for the benefit of us all.” Follow Graham Cluley on Twitter: http://twitter.com/gcluley
