trojan

How to Remove Malware & Adware From Your Mac

        From the How-To Geek website Jim Hamm finds some helpful info on viruses, worms, and Trojans, along with adware, crapware, and spyware programs.  The writer outlines the problems and the possibilities.  He also warns, “Don’t have the Java plug-in enabled, either . . .”  This article was published 7-25-15.

Curious? Another Way to Check

        Curious if your Mac got infected?  Jim Hamm writes, "Here is an article by MacWorld describing another very easy method of checking to see whether your Mac has been infected by the Flashback Trojan. Odds are good that you haven't been infected, but I tried, out of curiosity, the small app in the second link below. It worked quickly and showed that my Mac wasn't infected."

Java in Lion: You Might Need Help

        In a recent post regarding the Flashback virus, John Carter reported that he had a problem with Java. This “bug” appeared only after a recent update to Java. He brings us up-to-date here:
        "There is a workaround for the problem with Java in Lion. (The problem is that in the Terminal the command ‘java -version’ returns an error message: unable to locate java runtime to invoke) The workaround is accomplished by adding the system environment variable JAVA_HOME to the login environment in the file /etc/bashrc.
        "The variable should be set to '/System/Library/Frameworks/JavaVM.framework/Home'
        "There is no easy way to instruct the non-technical person on how to add a line of code to a system file. Anyone having a problem with Java should contact John Carter and he will install the workaround free."  Go to the PMUG site > About Us and scroll down to Contact Us and click on Webmaster.
        John closes with this, "The JAVA_HOME variable should not have to be added, so there is still some kind of Java problem that needs to be researched."
        Now, John Carter to the rescue!  Here's the very latest help: "Regarding why Java fails on the iMac Lion that I have, I just discovered this fix:
        Remove this file: /Users/[logname]/Library/Preferences/ByHost/com.apple.java.JavaPreferences.plist
        That file does not exist on the Mini, MB Pro, or MB Air.
        The next time you execute ‘java -version’ in Terminal, you get:
        java version "1.6.0_31"
        Java(TM) SE Runtime Environment (build 1.6.0_31-b04-414-11M3626)
        Java HotSpot(TM) 64-Bit Server VM (build 20.6-b01-414, mixed mode)
        "This is confirmed by: osdir.com/ml/java-dev/2010-10/msg00974.html  by Mike Swingler, Java Engineering, Apple Inc."
        Any other questions?  If so,  email John.  And remember, he's speaking this Saturday for PMUG.  See you there?  

More on Flashback

        "The Flashback virus is real," emphasizes John Carter.  He elaborates on the issue, "There is a Java update available from Apple to fix the problem.
        "As a result of doing the latest Java update from Apple, I no longer have Java working on my iMac. However, the update works on the Mac Mini and the MacBook Air.
        "I discovered this on my iMac by invoking the following command in Terminal:  java
        "The result was:    Unable to locate a Java Runtime to invoke
        "I went online and discovered that many people complained of the same thing.  It seems that installing the older version of Java fixes the problem, but then you leave yourself open to the Flashback virus."
        John continues, "I attempted to install the older version from a download from Apple, but the package detected the newer version and would not install. I guess you can only install the older version from the installation DVD.
        "At this point, since I am not doing any Java development I am not overly concerned about this 'bug' and I haven’t seen any problems with websites I’ve visited. Google Chrome has its own Java built into the browser and is the preferred browser now for surfing the web because it is immune to the Flashback virus.
        "Within the next week, Apple should be doing something about the problem caused by the update and put out a new update."

Summarizing the Malware Attempts

        "Here is an excellent article summarizing the current state of affairs regarding the Flashback Trojan."  Jim Hamm goes on to comment,  "As the use of Macs becomes more widespread in the computer world, I suspect, unfortunately, there may be more malware attempts in the future on the Mac.   One big concern I have is why Apple is so slow to respond to threats like this, as the article points out?"
        The article does state that "Apple has been introducing a series of technologies—tools like Address Space Layout Randomization (ASLR), sandboxing, and DEP—to reduce the chances of exploitation even when a Mac is vulnerable and to limit the potential damage of an attack. But these technologies aren’t perfect, especially when complex programs that run Web content like Java or Adobe Flash are involved.
        "Gatekeeper will significantly change the game for manually installed Trojans when it’s released later this year; it will make that form of attack much less profitable (and thus less likely)."

Bogus Flash Installer & Other Warnings

     The eagle eyes of Jim Hamm have found some valuable info on how to avoid malware.  He sends this MacWorld article which describes the problem of a bogus Flash installer and gives a solution, along with a list of similar articles.  One point is to make Safari safer by going to Safari > Preferences > General and unchecking where it says "Open 'Safe' files after downloading."  This second article tells about safe downloading.

Apple Releases Security Update Today

        Alerted first by a PCmagazine article, the official info comes from this Apple Support site.  The security update 2011-003 is 2.1 MB and takes less than 2 minutes to download.  It was released earlier today, May 31, for OS X v. 10.6.7.
        What do you know?  David Passell writes to brag that his update took less than a minute!

More About: Keep in Mind About Your Computer Security . . .

        A good reminder comes from Allen Laudenslager.  He sends this CNN article, declaring that it might help give a little clarity on the MacDefender malware issue.  The article, entitled "New Malware Revives Mac vs. Windows Security Debate," states that Microsoft recently pointed out that 1 in 14 downloads on Windows are malicious.  And the fact that there is just one piece of Mac malware being widely discussed illustrates how rare malware still is on the Mac platform.  The writer concludes, ". . . the moral of this story is to be wary that Mac malware is in the wild, and be cautious about installing sketchy software from unfamiliar sources."
        This evening several news reports discuss the malware.  AppleInsider states that Apple will release an update to Mac OS X to automatically find and remove the malware.  The article concludes, "The scam site is also unable to install the malware without the user supplying an administrative password. Even so, hundreds of users have been duped by the scam, although the outbreak appears to be more of a nagware annoyance than a serious security problem."
        First thing this morning (5-25), Allen passes on this Apple Support information which lists the authorized steps to take to remove the malware if you happen to inadvertently download it. Once the Mac OS X software update is here we'll have "no more concern about the only widespread Mac malware that we have to worry about" because it will automatically find and remove the MacDefender malware and its known variants.
        Joining in with helpful info now is Art Gorski, recommending this from MacWorld.
        This afternoon (5-25) we found this in ComputerWorld: "Mac users running Safari can stop avRunner from automatically opening its installer screen by unchecking the box marked 'Open 'safe' files after downloading' at the bottom of the General tab in the browser's Preferences screen."  Read the whole article.
        Here's the 5-26 article from Computer World with more details.
        What else are PMUG members saying about malware, security, anti-virus issues?  On the right side of this newsblog scroll to the Labels list and look up those keywords, and any other keywords you're interested in researching.  Our PMUG members do a good job of finding out -- and passing along -- all kinds of Mac information.

Stay Alert, With Reasonable Precautions

        Eagle-eyed PMUG users keep us informed!  Both Jim Hamm and Allen Laudenslager pass along some vital info.  In other words, stay alert, with reasonable precautions!
        "Here is an article commenting about potential malware for Macs," begins Jim Hamm.  The author makes some good points, and, as he notes, Macs are not immune to malware. As the Mac presence on the internet increases, we become more of an attractive target for malware. As Mr. Bott observes, every percentage point increase in Apple's share of Web traffic means about 10 million more potential customers for hackers. "This article isn't any cause for alarm, just something to be aware of. Anyone who uses a computer and surfs the net is potentially vulnerable to malware. We just need to be alert and exercise reasonable precautions," Jim summarizes the situation.
        More information is just in from Allen Laudenslager, "There has been a lot of news lately about Mac 'viruses' and malware, particularly something called Mac Defender*#%
        "First and most importantly, this is not a virus, it's a trojan horse. What it really does is fake you into downloading an app that reports a 'virus' and asks you to buy their software. The big con is to get your credit card information, not eat your data! I really liked this article for plain speak and clear explanations. I really liked Mac360's quote of Betteridge’s Law of Headlines: 'Any headline which ends in a question mark can be answered by the word no.'
        "A little common sense and a quick check of the internet will protect your Mac better than some 'anti-virus' software from an unknown source.
        "For the official Apple stand on viruses and malware, check here."
        And now it's Skype with problems.  Apparently Skype users should have known about this since April 14 when an update for software was made available and publicized.

Things About Trojans You Need to Know

Ever watchful, here's from Jim Hamm.  With the title, "I Smell a RAT" we know that there's something here to read!  What are trojans and how do you get them?  How do you protect your Mac?  Jim comments, "It's oft been said the best protection from the malware lies between the chair and the computer!"  While you're at it, you might want to sign up to get Small Dog Electronics' Tech Tails.

A Reminder to Be Careful

        A warning of a trojan comes from Jim Hamm.  The Mac blog he subscribes to sent this, "Today the Black Hat Trojan infected a Mac OS X server at a company that I work with in Washington, D.C. The company has about 65 Macs at this location.  The Trojan came in via an unknown attachment to an email message and then infected 15 Macs that had been asleep during the night.  When employees arrived for work five were tricked by the Trojan into keying in their Admin password at which point the entire HD was wiped clean including OS and the Trojan itself."
        Jim adds, "Along the same vein are comments on a backdoor trojan from this website." And Jim concludes, "No great cause for alarm, just something to be aware of. From further reading on the blog, one should be careful if all of a sudden you're asked to enter your admin password -- especially when, at that point in time, it isn't normal for you to do so."