The latest malware attack on the Mac OS has largely blown over, though I still hear people talking about Flashback and viruses on the Mac. One thing that keeps coming up are the amount of people calling Flashback a virus when it’s actually a trojan. Intego, an antivirus software company, runs a Mac security blog and they did a pretty good article recently on the various terms for different types of malware, so I thought I’d share some of it with you.
Most people seem to lump all malicious software into the term “virus.” This is inaccurate. All malicious software can be lumped into a catchall term of malware. Viruses are a very specific type of malware that replicates and spreads itself once installed on the computer. To my knowledge viruses are still pretty rare on the Mac, mostly because the majority of black hat hackers are writing code for Windows-based systems. What Macs are currently vulnerable to are trojans. These are malware that masquerade as legitimate programs and are installed by the user. Once installed they can cause harm to your system.
Flashback was a trojan (as was MacDefender) that hit last year, and both of which were done by the same people. Flashback disguised itself as an Adobe Flash updater and once you installed it, it would redirect certain ad-centric web traffic to a different server. Had it worked like the hackers planned, the revenue for those ads would have gone to them rather than the advertisers. These trojans almost always require user intervention to install themselves. So if you’re not paying attention to what you’re clicking on or entering your passwords for you are vulnerable.
I think it’s a good idea nowadays to have antivirus software installed on your computer. While the majority of malware out there will not affect your computer, that number is going to change. The market share of Apple computers is increasing, and with the popularity of iPhones and iPads we’re becoming more of a target to nefarious computer users. There are many antivirus programs on the market, and some are better than others. Some will slow your machine down to a crawl and others let your machine still run great but don’t actively scan your hard drive.
I’ve gone back and forth between Sophos and ClamX, and it really comes down to personal preference. If you’d like to read Intego’s article on security jargon (I’ve only covered a small fraction here) you can read it here.