{"id":11511,"date":"2016-03-08T09:02:19","date_gmt":"2016-03-08T14:02:19","guid":{"rendered":"https:\/\/www.kaspersky.com\/blog\/?p=11511"},"modified":"2020-02-26T11:05:52","modified_gmt":"2020-02-26T16:05:52","slug":"mac-malware-again","status":"publish","type":"post","link":"https:\/\/www.kaspersky.com\/blog\/mac-malware-again\/11511\/","title":{"rendered":"Wait, my Mac can be infected?"},"content":{"rendered":"<p>Please stop me if you have heard this before: <em>\u2018I don\u2019t need a security solution for my Mac. They are super-secure and are completely immune to viruses.\u2019<\/em><\/p>\n<p>Do you believe it? If so, I hate to break it to you, but the statement is nothing but a big ol\u2019 myth. <a href=\"https:\/\/securelist.com\/analysis\/36081\/2005-nix-malware-evolution\/\" target=\"_blank\" rel=\"noopener\">As early as 2005<\/a>, Kaspersky Lab\u2019s GReAT reported on vulnerabilities and exploits to Macs.<\/p>\n<p><a href=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/92\/2016\/03\/06022740\/apple-vuln-FB.jpg\" rel=\"attachment wp-att-11518\"><img decoding=\"async\" src=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/92\/2016\/03\/06022740\/apple-vuln-FB.jpg\" alt=\"Wait, my Mac can be infected?\" width=\"1280\" height=\"1280\" class=\"aligncenter size-full wp-image-11518\"><\/a><\/p>\n<p>At last week\u2019s <a href=\"https:\/\/www.kaspersky.com\/blog\/tag\/rsac2016\" target=\"_blank\" rel=\"noopener nofollow\">RSA conference<\/a>, I sat in a session that covered hacking a Mac. The theory behind this presentation was that an assailant could hack into a Mac given the practice of installing software that did not come from a trusted store or official App Store. This bit of social engineering plays into the ego of the \u201cuber-savvy\u201d Mac user.<\/p>\n<p>The exploit could come in the form of a spoofed email, file share or any other method commonly used to lure in PC users. While this was just a proof of concept, seeing it in action only means that unlike the myth, this is a plausible scenario.<\/p>\n<blockquote class=\"twitter-tweet\" data-width=\"500\" data-dnt=\"true\">\n<p lang=\"en\" dir=\"ltr\"><a href=\"https:\/\/twitter.com\/hashtag\/KeRanger?src=hash&amp;ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener nofollow\">#KeRanger<\/a> OS X <a href=\"https:\/\/twitter.com\/hashtag\/ransomware?src=hash&amp;ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener nofollow\">#ransomware<\/a> impact likely mitigated via <a href=\"https:\/\/twitter.com\/threatpost?ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener nofollow\">@threatpost<\/a> <a href=\"https:\/\/t.co\/RbFa12KOFA\" target=\"_blank\" rel=\"noopener nofollow\">https:\/\/t.co\/RbFa12KOFA<\/a> <a href=\"https:\/\/t.co\/PqMKG9HLDr\" target=\"_blank\" rel=\"noopener nofollow\">pic.twitter.com\/PqMKG9HLDr<\/a><\/p>\n<p>\u2014 Kaspersky (@kaspersky) <a href=\"https:\/\/twitter.com\/kaspersky\/status\/706917978751766529?ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener nofollow\">March 7, 2016<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>If you followed the news yesterday, you probably heard that ransomware has now made its way onto Macs. While it is said that <a href=\"https:\/\/threatpost.com\/keranger-os-x-ransomware-impact-likely-mitigated\/116612\/\" target=\"_blank\" rel=\"noopener nofollow\">KeRanger could be short lived<\/a>, it is still an alarming piece of news. Ransomware is currently a plague on the Internet and has impacted individuals and businesses alike.<\/p>\n<p><img decoding=\"async\" class=\"aligncenter size-full wp-image-11513\" src=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/92\/2016\/03\/06022742\/Mac_Malware.png\" alt=\"Mac_Malware\" width=\"1280\" height=\"970\"><\/p>\n<p>The problem is that if a user has not backed up their files on a regular basis, there are some who will pay to get their digital artifacts back. We do not suggest paying criminals, but sometimes people don\u2019t have a choice. There was even a <a href=\"https:\/\/threatpost.com\/hollywood-hospital-pays-17k-ransom-to-decrypt-files\/116325\/\" target=\"_blank\" rel=\"noopener nofollow\">hospital that recently ponied up the ransom money<\/a> to unlock their files. Given that Mac users are typically profiled as better off, you could potentially see attackers target the platform with more of a premium ransom in the future.<\/p>\n<blockquote class=\"twitter-tweet\" data-width=\"500\" data-dnt=\"true\">\n<p lang=\"en\" dir=\"ltr\">10 tips to protect your files from ransomware <a href=\"https:\/\/t.co\/o0IpUU9CHb\" target=\"_blank\" rel=\"noopener nofollow\">https:\/\/t.co\/o0IpUU9CHb<\/a> <a href=\"https:\/\/twitter.com\/hashtag\/iteducation?src=hash&amp;ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener nofollow\">#iteducation<\/a> <a href=\"https:\/\/t.co\/I47sPIiWFF\" target=\"_blank\" rel=\"noopener nofollow\">pic.twitter.com\/I47sPIiWFF<\/a><\/p>\n<p>\u2014 Kaspersky (@kaspersky) <a href=\"https:\/\/twitter.com\/kaspersky\/status\/671348678607642624?ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener nofollow\">November 30, 2015<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>We won\u2019t blame you if you were one of the people who believed the myth of the super-secure Mac. We blame the Internet and the media for building up the hype. As well as Apple ads, like this one:<\/p>\n<p><span class=\"embed-youtube\" style=\"text-align:center; display: block;\"><iframe class=\"youtube-player\" type=\"text\/html\" width=\"640\" height=\"390\" src=\"https:\/\/www.youtube.com\/embed\/sdF5IsyOxU4?version=3&amp;rel=1&amp;fs=1&amp;showsearch=0&amp;showinfo=1&amp;iv_load_policy=1&amp;wmode=transparent\" frameborder=\"0\" allowfullscreen=\"true\"><\/iframe><\/span><\/p>\n<p>Overall, given the mainstream media attention, we sincerely hope that this has raised at least some distrust to this longstanding myth and hopefully will help put it to bed.<\/p>\n<p>If you are one of the folks who are possibly thinking \u201cOK, now how can I keep my expensive machine from Apple safe,\u201d fear not \u2013 we\u2019ve got you covered.<\/p>\n<p>Perhaps the easiest first step for you to take is to only install applications from the App Store and verified sites. As mentioned in the example from RSA, a spoof app can get you into some trouble.<\/p>\n<blockquote class=\"twitter-tweet\" data-width=\"500\" data-dnt=\"true\">\n<p lang=\"en\" dir=\"ltr\">Don't forget to protect your Mac. As well as <a href=\"https:\/\/twitter.com\/hashtag\/iPhone?src=hash&amp;ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener nofollow\">#iPhone<\/a> and <a href=\"https:\/\/twitter.com\/hashtag\/iPad?src=hash&amp;ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener nofollow\">#iPad<\/a>! <a href=\"https:\/\/twitter.com\/hashtag\/mac?src=hash&amp;ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener nofollow\">#mac<\/a> <a href=\"https:\/\/twitter.com\/hashtag\/apple?src=hash&amp;ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener nofollow\">#apple<\/a> <a href=\"https:\/\/twitter.com\/hashtag\/security?src=hash&amp;ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener nofollow\">#security<\/a> <a href=\"http:\/\/t.co\/guhxOctUod\" target=\"_blank\" rel=\"noopener nofollow\">http:\/\/t.co\/guhxOctUod<\/a> <a href=\"https:\/\/t.co\/f6N9ieSWpE\" target=\"_blank\" rel=\"noopener nofollow\">https:\/\/t.co\/f6N9ieSWpE<\/a><\/p>\n<p>\u2014 Kaspersky (@kaspersky) <a href=\"https:\/\/twitter.com\/kaspersky\/status\/534654843244511232?ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener nofollow\">November 18, 2014<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>The second step is to install some type of anti-virus protection for your Mac like <a href=\"https:\/\/kas.pr\/Macsec\" target=\"_blank\" rel=\"noopener\">Kaspersky Internet Security for Mac<\/a>.<\/p>\n<p>But hey, should you decide to forego security measures, don\u2019t say that we didn\u2019t warn you.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>While the popular notion is that Macs are virus-proof, it is actually quite a myth. These computers can catch viruses and Ransomware.<\/p>\n","protected":false},"author":636,"featured_media":11519,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[5,9],"tags":[180,34,36,1072,4210],"class_list":{"0":"post-11511","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-news","8":"category-tips","9":"tag-kaspersky-internet-security","10":"tag-mac","11":"tag-malware-2","12":"tag-rsa-conference","13":"tag-rsa2016"},"hreflang":[{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/mac-malware-again\/11511\/"},{"hreflang":"en-us","url":"https:\/\/usa.kaspersky.com\/blog\/mac-malware-again\/6814\/"},{"hreflang":"es-mx","url":"https:\/\/latam.kaspersky.com\/blog\/mac-malware-again\/6810\/"},{"hreflang":"es","url":"https:\/\/www.kaspersky.es\/blog\/mac-malware-again\/7901\/"},{"hreflang":"it","url":"https:\/\/www.kaspersky.it\/blog\/mac-malware-again\/7674\/"},{"hreflang":"ru","url":"https:\/\/www.kaspersky.ru\/blog\/mac-malware-again\/11166\/"},{"hreflang":"tr","url":"https:\/\/www.kaspersky.com.tr\/blog\/mac-malware-again\/2041\/"},{"hreflang":"de","url":"https:\/\/www.kaspersky.de\/blog\/mac-malware-again\/7189\/"},{"hreflang":"ja","url":"https:\/\/blog.kaspersky.co.jp\/mac-malware-again\/10668\/"},{"hreflang":"ru-kz","url":"https:\/\/blog.kaspersky.kz\/mac-malware-again\/11166\/"},{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/mac-malware-again\/11511\/"},{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/mac-malware-again\/11511\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/www.kaspersky.com\/blog\/tag\/kaspersky-internet-security\/","name":"Kaspersky Internet Security"},"_links":{"self":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/11511","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/users\/636"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/comments?post=11511"}],"version-history":[{"count":2,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/11511\/revisions"}],"predecessor-version":[{"id":33649,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/11511\/revisions\/33649"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/media\/11519"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/media?parent=11511"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/categories?post=11511"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/tags?post=11511"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}