eXtensions - Saturday 26 August 2017
Cassandra: The Malware Bogeyman Appears - Comparing Apples and Oreos
By Graham K. Rogers
Every once in a while the specter of malware on Apple devices appears and we are all meant to run screaming into the welcoming arms of the purveyors of protection software, although as many of these threats (especially Trojans, macro viruses and phishing) are detected using signatures, someone - or several someones - has to download an infected file first before problems start. In some cases, they may never appear and it is only with the help of research that vulnerabilities are found and (hopefully) patched.
This week we were warned by Paul Wagenseil (LapTop) and Darren Allan (Techradar) about the 220% (or 230%) increase in specific types of malware now being found on Macs with a finger being pointed at the Mac App Store and its certificates. Both of these articles included quotes from the findings of Malwarebytes and a link to that site which - as luck would have it - sells a software solution, Malwarebytes for Mac.
The description on that page, however, leaves me wondering whether they actually understand the difference between a virus and a Trojan horse (or a worm, for that matter). They also still put forward the security by obscurity idea (not so many Macs in use, so no one bothers to write malware), which is defeated by their own argument.
They claim that the main threats are from Adware and PUPs: Adware is software that "automatically renders advertisements in order to generate revenue for its author" (Wikipedia); while PUPs are unwanted programs that also seem to deliver advertisements. I thought all these bundling problems were connected with Microsoft's earlier releases?
The article does manage to separate the platforms, in that "threats facing macOS are different than Android or Windows" (no mention of iOS at all), but those PUPs and Adware are taking their toll. To be fair, the article does mention that external sources may be the main threat for such malware. Apple's Gatekeeper will prevent many such downloads unless, as in my case, it is disabled. I am very circumspect about where my non-Mac App Store downloads come from: e.g. MacPhun, Hamrick (Vuescan), and a few others from trusted sites. Like the other articles, this one on TechRepublic closes with a "We are all doomed" warning and another link to the Malwarebytes site.
Her words are taken almost verbatim from the sources I outline above, although in the Mail's style you may doze off with the way the text is repeated (under images and again in block format). As well as the "tidal wave" of scam software, this is apparently from the Mac Apple store (sic), which none of the other sources have (two correctly cite the Mac App store).
She also mentions the ProtonRAT Trojan, which only Paul Wagenseil (LapTop) mentioned, although she does have a good description of how it works as well as a rehash of the FruitFly threat: again from a couple of months ago.
Graham K. Rogers teaches at the Faculty of Engineering, Mahidol University in Thailand. He wrote in the Bangkok Post, Database supplement on IT subjects. For the last seven years of Database he wrote a column on Apple and Macs. After 3 years writing a column in the Life supplement, he is now no longer associated with the Bangkok Post. He can be followed on Twitter (@extensions_th)