3 Reasons Why You Shouldn’t Be Surprised by Mac Malware

by Monique on June 24, 2013


Many were alarmed when Topher Kessler released a blog post talking about the “first” viral malware compromising Macs. According to the post, the malware’s name is “Clampzok.A”.

This virus is capable of propagating and altering binary files on infected systems. He further added that the malware’s code was originally released in 2006 and was written in assembly code, primarily to infect Windows and Linux operating systems. He insists that this is the first Mac threat ever discovered.

But he’s wrong. Mac threats have existed since 1982, as shown in this Mac virus timeline. In 1982, a fellow named Rich Skrenta created the “Elk Cloner virus”, which can infect the boot sector of any Apple II computer. Additionally, an ESET datasheet traces all the significant Mac threats they found from 2004 to 2012.

Mac threats aren’t really a new breed of threats; they’re just not as voluminous as Windows threats. This is because malware writers don’t see any value in creating Mac malware, since only a small portion of the population owns a Mac.

According to Sophos’ 2013 threat report, most malware writers find it more profitable to attack Windows than Mac because only a small community uses the Apple product. In fact, one of the new features of OS X Mountain Lion is whitelisting, which prevents Mac users from downloading malicious apps that can harm their machines.

To further illustrate, here are 3 Mac threat categories that will wipe away your obsolete perceptions of Mac malware:

#1 Spyware

Also called “parasite software”, “scumware”, “junkware”, and “thiefware”, spyware is a type of malware capable of stealing private information, tracking and recording conversations over IM apps, and patching web browsers and network applications to search for users’ personal account information and passwords. Typically, spyware is downloaded together with software offered free on the web.

In 2012, 600,000 Macs were infected by the spyware Flashback trojan. A botnet that exploits a Java flaw found in Mac OS X machines, Flashback is capable of monitoring an infected machine’s network traffic to steal usernames and passwords.

#2 Worms

The terms “worm” and “virus” are often used interchangeably, but they’re not really synonymous. A worm is a type of malware that automatically replicates itself in infected computers. A virus, meanwhile, doesn’t automatically copy itself—a user has to execute a certain command to trigger replication.

A worm is capable of damaging output, decreasing computer performance and consuming internal disk and memory. There are also occasions in which it deposits a trojan capable of turning an infected computer into a botnet.

In 2006, the OSX.Leap.A worm was found. This Mac worm spreads via the iChat instant messaging application and forwards itself as a file called “latestpics.tgz” to the contacts on infected users’ buddy list. Opening a “latestpics.tgz” file will show a hoax JPEG graphic icon that looks harmless.

#3 DNS changers

DNS changers alter an infected system’s network settings to redirect internet traffic to a malicious URL. They usually pose as legitimate downloadable software or application updates for Mac OS X 10.6 Snow Leopard and QuickTime player.

In 2009, OSX/Jahlav.A was detected by security engineers. This malware is capable of redirecting domain name system requests to malicious servers and websites. This Trojan carries a payload that disguises itself as a video software crack keygen that typically uses the following names: QuickTime.dmg, MacTubePlayer.dmg and crack_photoshop.dmg.
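A defender-side check for the DNS changes described above, as an added example that is not part of the original article: it parses the output of macOS's `scutil --dns` and lists configured nameservers that fall outside an expected set. The sample output, the addresses and the allowlists are constructed for illustration.

```python
import ipaddress
import re

# Constructed sample of `scutil --dns` output (documentation address ranges).
SAMPLE_SCUTIL_DNS = """\
DNS configuration

resolver #1
  search domain[0] : corp.example
  nameserver[0] : 192.0.2.53
  nameserver[1] : 203.0.113.66
  if_index : 4 (en0)
  flags    : Request A records

resolver #2
  domain   : local
  options  : mdns
  timeout  : 5
"""

RESOLVER_RE = re.compile(r"^resolver #(\d+)\s*$")
NAMESERVER_RE = re.compile(r"^\s*nameserver\[\d+\]\s*:\s*(\S+)\s*$")


def unexpected_resolvers(scutil_output, allowed):
    """Return (resolver number, address) pairs outside every allowed network."""
    networks = [ipaddress.ip_network(n) for n in allowed]
    flagged, current = [], None
    for line in scutil_output.splitlines():
        header = RESOLVER_RE.match(line)
        if header:
            current = int(header.group(1))
            continue
        entry = NAMESERVER_RE.match(line)
        if not entry:
            continue
        raw = entry.group(1).split("%")[0]  # drop an IPv6 zone id such as %en0
        try:
            addr = ipaddress.ip_address(raw)
            ok = any(addr in net for net in networks)
            shown = str(addr)
        except ValueError:
            ok, shown = False, raw  # an unparsable value is itself worth a look
        if not ok and (current, shown) not in flagged:
            flagged.append((current, shown))
    return flagged


if __name__ == "__main__":
    # Assumed policy: only the constructed resolver 192.0.2.53 is expected.
    for number, address in unexpected_resolvers(SAMPLE_SCUTIL_DNS, ["192.0.2.53/32"]):
        print(f"resolver #{number}: unexpected nameserver {address}")
```

On a Mac, the text passed to `unexpected_resolvers` would be the captured output of `scutil --dns`, and the allowlist would hold the resolvers your network actually hands out.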

Evidently, malware targeting Mac is old news. And as more and more businesses and government agencies show a preference for Mac over Windows, your Mac gets more and more vulnerable to cyber-attacks every day.

In fact, trusted analyst Frank Gillette reported in a blog post that almost half of enterprises with 1,000 employees or more are installing Macs, and are planning to increase the number of Macs they issue in 2012 by 52%.

With this, it’s inevitable to see an increase in the number of Mac threats in the near future—malware that targets not only Apple desktops but also mobile business phones.

Have you been a victim of Mac malware?


Article by Monique Jones


{ 8 comments }

Riza June 25, 2013 at 7:16 am

That’s some seriously scary stuff. Thanks for the heads up though and explaining things. A little more knowledge and worries will go away. Reality bites though. With the seeming increase of Mac users, these malware will also increase. But that’s life, I guess.

Nice information, Monique! Your article has been shared and “Kingged” on the IM social networking site, Kingged.com.
http://www.kingged.com/3-reasons-why-you-shouldnt-be-surprised-by-mac-malware/

Martin June 25, 2013 at 9:21 am

If you don’t have Java installed, however, Apple has taken some steps to ensure that you are not in danger if at all possible. If you still have Java 6 installed, which is what is installed automatically on your system whenever you try to open a Java app, Apple has completely removed the Java web applet plug-in. This means that users of Java 6 cannot run Java applets embedded in web sites, which is the real source of concern with regard to Java. Those users do not have anything to fear from future “drive-by downloads,” installed through Java vulnerabilities by an applet on a web site.

ZK June 30, 2013 at 5:37 am

Thanks Martin for this update

Rew June 25, 2013 at 9:24 am

I’ve always suspected that the whole “Macs don’t get viruses” thing was not completely true. Now I’m completely positive. I’ve been a huge proponent of Macs ever since my wife got one 4 years ago; in fact, it’s my Mac now and she has a MacBook Pro.

While Macs may still have to deal with some of the headaches of malware, I do think Macs have it way more together than any Windows OS. I’ve seen 4 updates of Mac OS X and I’ve only seen improvements. With the last few releases of Windows I’ve seen a complete overhaul of the OS and then a struggle to get it working correctly with umpteen hundred updates.

I’ve never had a Windows computer last more than 3 years before it gets completely screwed, even after wiping the hard drive and re-installing. However, it seems to me that Macs are getting a lot more popular. Only a few years ago it was rare to find someone with a Mac; now it seems everyone I know either has one or is getting one.

Apple owns my soul, and I’m Ok with that.

ZK June 30, 2013 at 5:41 am

Hi Rew,

Can I invite you to write about your Apple product experiences on this blog? You can become a guest contributor by clicking the link below:
http://www.webtrafficroi.com/guest-post/

Let me know if you have any questions, I look forward to seeing your posts published on this blog :)

Womens Clothing June 26, 2013 at 8:57 am

I used to think that only Windows users were facing these threats and Mac users were feeling relaxed, but today it is revealed that Mac users are also suffering from these threats, but every threat has a solution.

logodesignservices June 27, 2013 at 2:43 am

Before reading your post I was completely unaware of this Mac malware. It is absolutely clear that every system and website needs protection from these kinds of malware. Everyone is using the internet for business as well as personal purposes, therefore there is more need to protect our systems. In this scenario your shared information is very important and helpful to find out the problems and their solution.

Cycling June 29, 2013 at 4:36 am

The problem is inevitable as Macs become more popular. I’ve tried to explain to a few of my friends more than once that Macs aren’t really targeted yet simply because they’re not worth it compared to a Windows system, but they continue to believe it’s some inherent Mac superiority that protects them. It’s only a matter of time until they learn they’re wrong the hard way.
