Think your Mac is safe from hackers?

Walking in from the brisk autumn weather that blankets our campus and into your first lecture of the day, you are greeted with a glowing ambience of laptops. With keys clacking and notes noted, you couldn’t help but be distracted. After a time your attention has starts to wane and your eyes start darting around the room. Eventually you notice that five or six out of 10 of the laptops in the room have softly glowing Apple logos. You may look at these fashionable art students, graphic designers, music students or tech geeks with envy. You’ve probably seen the catchy commercials in which Justin Long informs a despondent John Hodgeman that Apple’s operating systems are impenetrable to the feared internet infections or as Justin puts it: “Macs don’t get viruses.” You could be forgiven for succumbing to the juicy appeal of having one less thing to worry about, such as your system crashing thanks to a pimply, pubescent problem child who spends his weekends locked in the basement writing code for viruses. I regret to inform you that this is not the case now, nor will it likely ever be.

Recently, the annual Virus Bulletin Security (meeting of people fighting malware such as viruses and spam) conference was held in Geneva, Switzerland, and the security of Mac operating systems was a large point of interest. A researcher from the anti-virus software company Sophos, Dmitry Samosseiko, presented a talk on the discovery of a network of phony Russia-based websites vending everything from fake pharmaceuticals, to fake pirated software and movies. The name given to this evil-genius internet-empire is called the Partnerka.

Now, I am not trying to say that the USSR is back and they are taking over the Internet, but this is a group of people who are annually grossing thousands of dollars from sales of impotent Viagra, and in my mind, any organized group of people pushing that many fake penis plumping pills is something to be concerned about.

“What does this have to do with my Macbook?” you might be asking. Well, currently the same group of bearskin-hat wearing hackers and web spammers who have made a living selling phony penile promises are channeling internet surfers towards their own websites, which advertise free or cheap copies of software applications specifically for Macintosh’s supposedly secure OS X.

There are a growing number of financially motivated hackers specifically targeting Mac users.
Ironically, virus scares weren’t an issue for this operating system in the past because the number of users happened to be much smaller, and therefore not of much concern to virus designers. However, as more and more Windows user are converted from clunky laptops to sleek Macbooks the attraction for hackers to mess with Mac-users becomes more appealing.

The pervasiveness of Macs can be seen in our own city and university, one need only walk to the back of the U of M BooksStore, where there is a small licensed Apple retailer, or drive to Polo Park, where a short while ago a brand new Apple store was opened, enthusiastically pumping out fresh aluminum laptops and desktops into the hands of keen consumers.

Now, if you are a computer-savvy person who loves file-sharing, or just downloading in general, and if you happen to be a Mac user, you should be rather more cautions than a certain Mr. Long would have you believe. A recent virus , which got a lot of media attention was embedded into a pirated release of a version of the productivity software iWork ‘09 that once installed, deposited an difficult to notice and difficult to repair trojan. This vulnerability was pointed out back in spring 2009, but it still remains a threat to those who download the application package from an untrustworthy site. The install file contained everything that the normal iWork ’09 included from Apple, however it also had a small bootable package that loaded as soon as you installed iWork. Once this trojan loaded it connected to an online repository and began funneling other trojans into your beloved computer. This may sound like any other trojan you may find by accidentally stumbling onto a pornographic website while looking for new a cookie recipe — damn you, Gingersnap.com — but it is more severe than your average information infection. This trojan has the ability to rewrite other applications and will instantly hide in back up drives and other files.

Now, if you have heeded the warnings contained in this article you’re hopefully going to reconsider your security and install some anti-virus software on your Mac, but don’t get comfortable; your iPhone or iPod touch isn’t any safer. Recently Apple released an update for the popular touch-screen devices. The v3.1 software update patched some the security flaws that were discovered in the long awaited v3.0 update. These security flaws were reported at the Black Hat cyber security conference — a conference supporting a group of mostly reformed hackers who meet annually in Las Vegas. The flaws allowed an unscrupulous individual to send a text message attack, allowing them to turn on your built-in microphone or enable your handy dandy GPS, letting the hacker to listen in to what you were saying and know where you are. This flaw has since been patched, as the Black Hat community was nice enough to report it to Apple.

Quite literally, the Russians (amongst others) are indeed coming, and hiding under your desk won’t stop them. Even if you aren’t the type of person who hunts out the latest DVD rip or free copies of applications like Photoshop, it’s a good idea to consider installing an anti-virus application on your Mac. If you don’t, you’ll likely be sorry.