Mac Malware

There is a lot of chatter today about “Mac Defender,” a trojan horse pretending to be anti-malware software for the Mac. Gruber summarizes the situation well:

Trojans aren't a new problem on Mac OS X — trick a user into installing an app with admin privileges and the game's over. Mac Defender isn't an indication that Mac users need anti-malware software — in fact, the reason it appears to be succeeding is that it preys on uninformed users' belief that they might need anti-malware software.

The software does not appear to be making use of any exploits, but rather works by convincing people that they need the program and then getting them to give it legitimate access to the computer. Ultimately, even the most impenetrable security system will fail if the users of that system can be convinced to open the front door and allow something malicious in. Remember the original Trojan Horse?

Moral of the story: beware of Greeks bearing gifts. Don't take installing software that requires giving your administrative password lightly. This is a matter of social engineering (much like Facebook phishing scams) and not a symptom of any flaw in Mac OS X. If you feel uncomfortable making that sort of judgment about security yourself, let Apple do the work for you by using the Mac App Store to download software.