Skip to main content

New malware revives Mac vs. Windows security debate

New malware, which can be blocked by anti-virus software, has renewed a timeless debate about Mac vs. Windows security.
New malware, which can be blocked by anti-virus software, has renewed a timeless debate about Mac vs. Windows security.
STORY HIGHLIGHTS
  • A "trojan horse" called Mac Defender is telling Mac customers they must install anti-virus software
  • If a customer agrees, the program loads porn sites on their computer
  • Despite some perceptions, experts say the Mac isn't more secure than Windows
  • Anti-virus software will help protect your system from being infected, but it's expensive
RELATED TOPICS

(Wired.com) -- A new piece of malware has caused an uptick in Apple customers reporting infected machines, renewing a timeless debate on the state of Macintosh security versus Windows.

The trojan horse is called Mac Defender. It's a web pop-up containing a spoof message that tells customers their machines are infected by a virus and they must install anti-virus software. If customers agree to install the software, the program sporadically loads porn websites on their computer.

ZDNet writer Ed Bott was first to spot a long thread of complaints in Apple's support forums related to Mac Defender, with at least 200 posts of customers reporting they've been infected by the malware.

"I've done similar searches in the past ... [and] I have never found more than one or two in-the-wild reports," Bott wrote. "This time, the volume is truly exceptional."

Furthering his case, Bott in a follow-up article quoted an AppleCare technician who claims that phone calls to AppleCare support have grown four to five times recently, and the majority of the calls are related to Mac Defender.

Customers and technology observers have debated for years whether the Mac is truly more secure than a Windows PC.

The general consensus among security researchers is that there's nothing about the Mac that makes it inherently more secure than Windows -- indeed, the Mac platform has been easily penetrated in the Pwn2Own hacking contest in years past. But Windows has always been a juicier target for malicious hackers because it has much larger market share than the Mac.

As a result, when customers switch from a Windows to a Mac, they're often under the impression that they're switching to a more secure, sterile environment where they won't need to install expensive, resource-hogging anti-virus software. While it's not true that the Mac is more secure, theplatform is generally "safer" because fewer people target it, security researchers have told Wired.com in the past.

Bott's discovery renews this debate: A new piece of malware seems to be fooling more Mac customers than past examples. So does this change the scenario? Should Mac customers install anti-virus software by default like most Windows customers do?

Charlie Miller, a security researcher who has repeatedly won the annual Pwn2Own hacking contest by hacking Macs and iPhones, told Wired.com he doesn't think so.

Miller noted that Microsoft recently pointed out that 1 in 14 downloads on Windows are malicious. And the fact that there is just one piece of Mac malware being widely discussed illustrates how rare malware still is on the Mac platform, he said.

And while 200 posts complaining about Mac Defender in Apple's support forums may seem like a lot, that's still a small fraction of the millions of Mac customers in the world.

While Mac Defender does show that the problem is getting worse and people should be more wary about malware, it doesn't necessarily mean that every Mac user today should rush to buy anti-virus software, Miller said.

Ultimately, it's up to the customer because there's a trade-off involved. Anti-virus software will help protect your system from being infected, but it's expensive, uses system memory and reduces battery life.

"Mac malware is still relatively rare, but is getting worse," Miller said. "At some point soon, the scales will tip to installing antivirus, but at this point, I don't think it's worth it yet for most people."

In looking into the effects of Mac Defender, Wired.com's sister publication Ars Technica did a thorough investigation on the state of Mac malware, speaking with 14 Mac support specialists.

"The truth is hard to tease out," ArsTechnica's Jacqui Cheng wrote. "Partly because Mac OS X still makes up a comparatively small percentage of the global OS market share, and partly because Apple itself is a secretive company, it's not easy to find out whether malware on the Mac is indeed becoming more common, or it's simply being reported on more often."

The results were all over the map, with most certified Mac support specialists logging a low number of malware reports. But some Apple Genius Bar technicians noticed an uptick in malware instances, thanks to Mac Defender.

Though the conclusion is unclear, the moral of this story is to be wary that Mac malware is in the wild, and be cautious about installing sketchy software from unfamiliar sources. Mac Defender may be the first wake-up call for people who believed that Macs don't get viruses.

Subscribe to WIRED magazine for less than $1 an issue and get a FREE GIFT! Click here!

Copyright 2011 Wired.com.

[TECH: NEWSPULSE]

Most popular Tech stories right now