
Intego publishes a 2011 Mac security overview

Following F-Secure's malware analysis for 2011, security company Intego releases its own security report for OS X.

Topher Kessler MacFixIt Editor

Security company Intego has offered an overview of the OS X security scene (PDF) in the past year.

The overview summarizes the various malware attempts we've seen on OS X in 2011, but also covers a number of other security vulnerabilities both in OS X and common applications, as well as on social media sites and even e-mail phishing scams.

The article covers a number of details about Mac security, but overall touches on the following key points:

  • 2011 offered the most malware for the Mac since the introduction of OS X.
  • None of the malware was viral in nature (self-replicating, or self-moving).
  • The majority of malware was social-engineering Trojan horses that attempted to trick users.
  • There were no major security vulnerabilities or breaches in the OS X system software.
  • Potential vulnerabilities in OS X and third-party software were tackled in a timely manner.

This report follows a similar analysis recently released by F-Secure, which summarized the malware threats that Mac users would contend with. Looking only at malware variants and new releases, F-Secure noted two distinct time frames in which malware was released last year, which it describes as "bubbles." Intego's report, on the other hand, suggests a notable overall increase in malware, regardless of how and when it was released. Despite this new "bumper crop of Mac malware," as Intego describes it, the company notes that vulnerabilities in OS X and third-party software have been tackled and closed in a timely manner. Even so, some relatively notable malware attempts, such as the MacDefender scare, are bringing the idea of Mac malware to the masses.

Despite the increase, the amount of malware for OS X is minimal compared with other platforms: only 58 new malware variants (according to F-Secure), compared with more than a million new variants per year for the rest of the PC industry. Additionally, Apple and the developers of third-party software have tackled vulnerabilities in a timely manner, before they were exploited by hackers, making OS X a solid and secure platform to use.

The largest threat to OS X users going forward will likely continue to be social engineering threats (Trojan horses), and while one approach to managing these is to keep anti-malware software installed and updated on your system, the best approach is educating yourself on security and recognizing malware and phishing attempts. A number of articles have outlined how to do this over the past year, but in general if you keep the following ideas in mind when using your system, you will greatly reduce your chance of being caught in a scam:

  1. Is it offering me something or asking for something?
    The biggest way to spot a scam is to see whether or not the warning or message you see is ultimately asking you for something. Does it want you to upgrade, pay for a license, install a program, or visit a specific Web site? It does not matter if the program is running on your system, or in a Web browser, or is merely an e-mail. If you have never seen it before and it is requiring you to upgrade or pay in order to work, then do not trust it and close it down.

  2. Is it a Web page?
    If you are suspicious of a scanning window or warning message, quit all Web browsers on your system to see if the scanning progress or warning window goes away. If so, then you know it was a scam or at least an advertisement and should not be trusted.

  3. Did you install it?
    Know what is on your computer! Take the time to see what applications are on your system and open them to see how they behave and what they are for. Do this for every program you intentionally download so you will be able to recognize it when it is running. Then, if you later see a program scanning or otherwise running on your system that you suspect you did not install, close it down and check it out by searching the Web or visiting support forums like the Apple Support Communities to see whether or not others are seeing the same messages.

  4. Post a screenshot
    Nobody expects everyone to understand what a scam might look like, but there are many resources available for getting help. Among the biggest are user forums such as the Apple Discussion boards, where you can get answers from other Mac users. If you see something on your system that you are uncertain of, the easiest way to investigate it is to press Shift-Command-3 to take a screenshot (the resulting file will appear on your Desktop). After doing this, open it in Preview to crudely crop it if needed, and then post it on the forum to show others your concern and get feedback about the best course of action to take. Doing this before clicking on any suspicious links or installing anything suspicious will help you understand whether or not it is a scam.

