Macintosh Malware + Twitter = Greater Vigilance (If You're Smart) - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
IoT
IT Leadership // IT Strategy
Commentary
6/26/2009
06:51 PM
Jake Widman
Jake Widman
Commentary
50%
50%

Macintosh Malware + Twitter = Greater Vigilance (If You're Smart)

Tweets from a respected Macintosh evangelist inadvertently contained links to a Trojan horse aimed at Macintosh computers. The incident should serve as a warning to Mac-using SMBs that while their Macs aren't nearly as subject to malware attacks as Windows machines are, that's not a guarantee that nothing bad can happen.

Tweets from a respected Macintosh evangelist inadvertently contained links to a Trojan horse aimed at Macintosh computers. The incident should serve as a warning to Mac-using SMBs that while their Macs aren't nearly as subject to malware attacks as Windows machines are, that's not a guarantee that nothing bad can happen.One of the better reasons for basing your business on Mac computers is that there has never been as much malware, adware, spyware, and so on for Macs as our Windows-using brethren have to contend with. That not only simplifies your IT tasks, it provides a better level of information security.

But that doesn't mean your Macs are immune. Several proof-of-concepts have demonstrated that someone can hack into a Mac, and recently Mac malware has started to show up in the wild. The debate continues over whether the reason there isn't more is OS X's inherently better resistance or just the fact that compared to Windows machines, the Mac doesn't afford a target-rich environment. Unfortunately, more Mac means more targets.

The recent case involves a Trojan called OSX/Jahlav-C. First reported in early June, this bit of nastiness comes disguised as software required to watch a pornographic video. It identifies itself as a Video ActiveX Object, which should set off alarm bells in savvy Mac users' head already, as ActiveX is a Windows technology.

Downloading the file opens what looked like a standard Mac installer for a tool called MacCinema. But what the program really installs is an "AdobeFlash" shell script which in turn contains a Perl script. The Perl script can communicate with a remote website and download more code, though it's not clear whether that's actually happened to anyone.

Earlier this week, Guy Kawasaki's Twitter feed invited viewers to download a "Leighton Meester sex tape video free." (Venture capitalist Kawasaki was part of the original Mac marketing effort and has almost 140,000 Twitter followers.) Anyone who followed the link and the instructions would have installed OSX/Jahlav-C on their machine. Kawasaki had nothing to do with the process--his Twitter account automatically retweets material posted to the NowPublic user-contributed news site, and that was the source of the bogus Meester story.

The point of all this is not to slam Kawasaki or make fun of Twitter. It's to serve as a reminder to you and your staff that smugness (however justified) is not in itself a defense. Windows users have learned the hard way that no business can afford to be cavalier about security. The smart Mac SMB will pay attention to incidents like this week's and learn that lesson the easy way.

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
Commentary
Future IT Teams Will Include More Non-Traditional Members
Lisa Morgan, Freelance Writer,  4/1/2020
News
COVID-19: Using Data to Map Infections, Hospital Beds, and More
Jessica Davis, Senior Editor, Enterprise Apps,  3/25/2020
Commentary
Enterprise Guide to Robotic Process Automation
Cathleen Gagne, Managing Editor, InformationWeek,  3/23/2020
White Papers
Register for InformationWeek Newsletters
Video
Current Issue
IT Careers: Tech Drives Constant Change
Advances in information technology and management concepts mean that IT professionals must update their skill sets, even their career goals on an almost yearly basis. In this IT Trend Report, experts share advice on how IT pros can keep up with this every-changing job market. Read it today!
Slideshows
Flash Poll