Monday, November 27, 2006

Mac (OS X) as a target for malicious attacks.


Well, it seems now adware creators are targetting Mac. One of the features of Mac is to allow the installation of a system library without prompting the user. And this is exactly the loophole the adware creators needed. The information related to the proof-of-concept adware program was released by F-Secure in their blog. What this adware does is to launch the Safari browser each time an application is opened. F-secure has not not given more info on this. But it seems there is more than meets the eye. For now the adware is called the
iAdware.

Symantec conducted a recent study on the Mac OS X and one of the important things they have mentioned is that since OS X has historically been untargeted by malicious people many of it's users would be unsuspecting of nefarious and malicious activities. The Mac users are relatively unafraid and unsuspicious when it comes to downloading files because of the basic comfort level arising out of the less number of attacks in the past. But this could be a thing of the past since Mac is slowly but steadily become the target of attacks.

One of the basic things to be noticed is that there are currently at least three publicly available RootKits viz:- WeaponX,OSXRK and Togroot targetted at Mac. The chkrookit available at Chkrootkit.org is the ANti-RootKit which is freely available for Mac users to combat the RootKit attacks.

I suggest that Mac users download this PDF file released by Symantec and have a look at least at the "Defenses" part that starts from page 21. to ensure you are protected.

Related Reading:-
What are RootKits.

Google