{"id":2943,"date":"2010-06-18T15:29:52","date_gmt":"2010-06-18T19:29:52","guid":{"rendered":"http:\/\/rbachnet.wwwmi3-ss40.a2hosted.com\/?p=2943"},"modified":"2022-12-30T15:18:13","modified_gmt":"2022-12-30T20:18:13","slug":"full-av-needed-for-macos","status":"publish","type":"post","link":"https:\/\/rbach.net\/index.php\/full-av-needed-for-macos\/","title":{"rendered":"Full AV Needed for MacOS"},"content":{"rendered":"<p><img data-recalc-dims=\"1\" loading=\"lazy\" decoding=\"async\" class=\"wp-image-2947 alignleft\" style=\"border: 0pt none; margin-top: 4px; margin-bottom: 4px;\" title=\"malware\" src=\"https:\/\/i0.wp.com\/rbach.net\/wp-content\/uploads\/2010\/06\/malware-e1562350375853.jpg?resize=97%2C97&#038;ssl=1\" alt=\"\" width=\"97\" height=\"97\" \/>The Mac antivirus vendor <a href=\"http:\/\/www.intego.com\/\" target=\"_blank\" rel=\"noopener noreferrer\">Intego<\/a> has identified a new malware threat for MacOS. On the <a href=\"http:\/\/blog.intego.com\/\" target=\"_blank\" rel=\"noopener noreferrer\">Mac Security Blog<\/a>, the firm <a href=\"https:\/\/web.archive.org\/web\/20110209154208\/http:\/\/blog.intego.com:80\/2010\/06\/04\/spyware-is-back-in-tainted-screensavers\/\" target=\"_blank\" rel=\"noopener\">calls<\/a> the threat, OSX\/OpinionSpy, a &#8220;high risk.&#8221; According to their blog, the main distribution channel for the malware is screen saver programs downloadable from reputable download sites, including <a href=\"http:\/\/www.macupdate.com\/\" target=\"_blank\" rel=\"noopener noreferrer\">MacUpdate<\/a>, <a href=\"http:\/\/web.archive.org\/web\/20100207171948\/http:\/\/www.versiontracker.com:80\/\" target=\"_blank\" rel=\"noopener noreferrer\">VersionTracker<\/a>, and <a href=\"https:\/\/www.softpedia.com\/\" target=\"_blank\" rel=\"noopener noreferrer\">Softpedia<\/a>. 
The malicious code does the typical malware things: it scans files, records user activity, creates a backdoor, and sends stolen data to remote servers.<\/p>\n<p><a href=\"http:\/\/www.apple.com\/\" target=\"_blank\" rel=\"noopener noreferrer\"><img data-recalc-dims=\"1\" loading=\"lazy\" decoding=\"async\" class=\"alignright wp-image-2946 size-full\" style=\"border: 0pt none; margin-left: 4px; margin-right: 4px;\" title=\"apple\" src=\"https:\/\/i0.wp.com\/rbach.net\/wp-content\/uploads\/2010\/06\/apple-e1562350401676.jpg?resize=106%2C113&#038;ssl=1\" alt=\"\" width=\"106\" height=\"113\" \/><\/a><em><a href=\"http:\/\/searchsecurity.techtarget.com\/\" target=\"_blank\" rel=\"noopener noreferrer\">SearchSecurity<\/a><\/em> quotes security expert and <a href=\"http:\/\/www.sans.org\/\" target=\"_blank\" rel=\"noopener noreferrer\">SANS Institute<\/a> instructor, Rob VandenBrink, writing on the <a href=\"https:\/\/web.archive.org\/web\/20101013084205\/http:\/\/isc.sans.edu:80\/diary.html?storyid=8890\" target=\"_blank\" rel=\"noopener noreferrer\">SANS Internet Storm Center Diary<\/a>, who said the malware is a simple bolt-on to other freely downloadable applications. &#8220;The neat thing about this malware is that it passes most static scan tests &#8211; the downloaded software itself is clean, the malware is downloaded as part of the installation process,&#8221; VandenBrink wrote. &#8220;This highlights the requirement for an on-access virus scanner for your OSX computers.&#8221;<\/p>\n<p><strong><em>rb-<\/em><\/strong><\/p>\n<p><em>Many people have long held that macOS is more secure than Windows. macOS and its underlying *NIX OS have their own issues. 
The recent announcement by Google to increase its use of non-Windows OSes (<a href=\"https:\/\/web.archive.org\/web\/20160903061005\/http:\/\/www.ft.com:80\/cms\/s\/2\/d2f3f04e-6ccf-11df-91c8-00144feab49a.html\" target=\"_blank\" rel=\"noopener noreferrer\">here<\/a> and <a href=\"https:\/\/web.archive.org\/web\/20100605134521\/http:\/\/blog.seattlepi.com\/techchron\/archives\/208523.asp\" target=\"_blank\" rel=\"noopener noreferrer\">here<\/a>) has made macOS security through obscurity moot. <span style=\"color: #000000;\">Mickey Boodaei, CEO of security vendor Trusteer, told <a href=\"https:\/\/www.scmagazineuk.com\/microsoft-states-that-windows-is-secure-as-industry-claims-that-security-problems-lie-across-all-operating-systems\/article\/171610\/\" target=\"_blank\" rel=\"noopener noreferrer\">SC Magazine<\/a>, \u201cMac and Linux are not more secure than Windows. They&#8217;re less targeted. There is a big difference.&#8221;<br \/>\n<\/span><\/em><\/p>\n<p><em>This announcement weakens the theory that using MacOS computers is the best way to secure online financial transactions. For the time being, a *NIX-based live CD is probably the safest bet to secure your online financial transactions.<\/em><\/p>\n<p><em>macOS users should get a real anti-malware package that includes an on-access scanner.<\/em><\/p>\n<p>&nbsp;<\/p>\n<p><em><a title=\"Ralph Bach\" href=\"https:\/\/rbach.net\/index.php\/new-resume\/\" target=\"_blank\" rel=\"noopener noreferrer\">Ralph Bach<\/a>\u00a0has been in IT long enough to know better and has blogged from his\u00a0<a title=\"Bach Seat\" href=\"https:\/\/rbach.net\/\" target=\"_blank\" rel=\"noopener noreferrer\">Bach Seat<\/a> about IT, careers, and anything else that catches his attention since 2005. 
You can follow him on <a class=\"broken_link\" href=\"http:\/\/www.linkedin.com\/in\/rb48334\" target=\"_blank\" rel=\"noopener noreferrer nofollow\">LinkedIn<\/a>,\u00a0<a href=\"https:\/\/www.facebook.com\/ralph.bach.14\" target=\"_blank\" rel=\"noopener noreferrer\">Facebook<\/a>,\u00a0and\u00a0<a href=\"https:\/\/twitter.com\/rbach48334\" target=\"_blank\" rel=\"noopener noreferrer\">Twitter<\/a>. Email the Bach Seat\u00a0<a href=\"mailto:\/\/bach.seat@gmail.com\" target=\"_blank\" rel=\"noopener noreferrer\">here<\/a>.<\/em><\/p>\n","protected":false},"excerpt":{"rendered":"<p>New macOS malware is a simple bolt-on to other freely downloadable applications that pass most static scan tests<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4],"tags":[3240,420,101,3023,197,23,282,4,1468],"class_list":["post-2943","post","type-post","status-publish","format-standard","hentry","category-security","tag-3240","tag-aapl","tag-apple","tag-intego","tag-macos","tag-malware","tag-sans-institute","tag-security","tag-trusteer"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/rbach.net\/index.php\/wp-json\/wp\/v2\/posts\/2943","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/rbach.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/rbach.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/rbach.net\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/rbach.net\/index.php\/wp-json\/wp\/v2\/comments?post=2943"}],"version-history":[{"count":10,"href":"https:\/\/rbach.net\/index.php\/wp-json\/wp\/v2\/posts\/2943\/revisions"}],"predecessor-version":[{"id":132546,"href":"https:\/\/rbach.net\/index.php\/wp-json\/wp\/v2\/posts\/2943\/revisions\/132546"}],"wp:attachment":[{"href":"https:\/\/rbach.net\/index.php\/wp-json\/wp\/
v2\/media?parent=2943"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/rbach.net\/index.php\/wp-json\/wp\/v2\/categories?post=2943"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/rbach.net\/index.php\/wp-json\/wp\/v2\/tags?post=2943"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}