Every other week, I host a Security Fix Live chat with readers, and almost invariably, one of the questions that comes up is: “Hi. I’m a Mac user. Should I be using anti-virus software?” I usually answer that while there are very few recent examples of malicious software in the wild built for Mac users, no amount of protective software should be seen as a substitute for using your head when surfing the ‘Net.
One of the more amusing statements I’ve heard from at least a couple of Mac users who are also Windows users is that they only do the stereotypically “risky” online activities — such as surfing random porn sites — from their trusty Macs.
This is interesting because it looks like some of the same tactics that malware writers have used to install malicious software via porn sites on Windows PCs have taken a step into the Mac world. For years, scam artists have been using the demand for online porn as a way to trick Windows users into installing fake video “codecs,” malicious software disguised as a program that supposedly enables the user to view protected video content (probably no one has covered this trend more exhaustively than the corporate blog from anti-spyware firm Sunbelt Software.)
According to an alert issued Monday by Intego, a company that sells anti-virus software for the Mac, a number of Mac user forums are being spammed with links to video porn sites that prompt Mac users to install one of these magic codecs. Intego says the trade-off is hardly worth it, as Mac users who agree to install the software don’t get to view any additional racy material, and yet they’re left with a nasty little rash on their machine to boot.
Intego says the bogus codec silently changes the user’s DNS settings so that when they visit certain financial sites — such as eBay, PayPal, and those of several banks — the victim is routed to a counterfeit look-alike site designed to swipe their credentials. In addition, it appears that undoing the damage wrought by this Trojan horse program is fairly tough.
So what lessons can we learn from this? Whether you use a Mac or a PC or a Linux box for that matter, it pays to avoid risky behaviors, period. For Mac users, the riskiest of those actions includes installing software of dubious origin.
That said, my Macbook Pro came with the corporate edition of Symantec’s anti-virus software installed (by our IT folks). But I’m wondering how many other Mac readers have installed anti-virus software, and if so — what software you’ve settled upon?
Malware-Laced Banner Ads At MySpace, ExciteNew QuickTime Version Plugs 7 Security HolesBarbara Moratek Is Not Your FriendMicrosoft Plugs Critical Windows Security HoleKaspersky Decides Windows Explorer Is A Virus