Gotcha! Macs lose their innocence

Still believe your Mac is secure because Microsoft PCs fall prey to viruses and worms but Macs don’t? Time to wake up! This year has seen the first major compromise of Macs worldwide*. How is yours doing?

 

The “Flashback” Trojan is affecting Apple’s own variant of Java and compromises Macs via so-called drive-by infections, i.e. when you visit an appropriately prepared (infected!) website - and this might not necessarily be a site with questionable contents, but could well be a popular, reputable one. Security Companies worldwide have been monitoring this particular Trojan for a while and have estimated that more than half a million Macs were compromised. Connected to a few central command and control servers, the compromised Macs were then supporting the malicious activity of the bad guys! Fortunately, the security companies have now been able to take over those command and control servers and stop their destructive drive.

So, Mac users, face the fact that timely patching and running of anti-virus software is also good for the well-being of your Mac (and your nerves). Keep your operating system up to date and use the “Software Update” mechanism which is accessible under the Apple menu. If you run an older Mac OS version, upgrade to MacOS 10.6 or 10.7 by following the instructions provided by the CERN Mac Support Team. You can find out which version of the operating system your Mac is running by clicking on the “About This Mac” item in the Apple menu.

PLEASE NOTE that running “Software Update” does NOT update to newer major versions of the operating system! In order to move to a newer major version (e.g. 10.6 or 10.7) you have to explicitly install that major version.

In addition, you can get free anti-virus software from CERN. Finally, only move up to "administrator" rights where it is strictly necessary, and elsewhere stick to restricted “user” rights.

*Interestingly, the very first ever virus (called “Elk Cloner) targeted Macs in 1981, five years before the first IBM/DOS virus (see here).


For further information, please check our recommendations or contact us at Computer.Security@cern.ch.

by Computer Security Team