Macs Are Virus Targets, Some Experts Warn

"Norton: Macintosh Edition" will probably be out within a year.

No user should assume their system is safe, regardless of their OS. Use a firewall. Protect what you can. Be weary of what you link to on the Internet.

Boy would it SUCK or what to be an "independent security consultant" or a "virus software company" if EVERYONE used MACS?

God! This Mac virus news is so old now. These are 'Proof of Concept' threats.

Does anyone else find it funny that every "virus" that comes out for OSX is suddenly OSX's "first virus" -- and every time the "virus" is an overplayed and weak attempt to do nothing to your system?

This is what we Mac users call Windnoise I laugh and still don't use any security. My OSX has a properly written core :)

I doubt any Mac user who has worked with OS X for more than two days would fall for a virus presenting itself as an operating system update. Apple has thankfully developed a consistent, official way of delivering software updates via System Preferences. Most users never have to double-click any file to update OS X; it's all done automatically directly through Apple's servers.

In Windows, however, one has to go to a Microsoft web site, which itself needs to install an ActiveX script. For most users, there is no way to know whether the ActiveX script or even the web site are legitimate.

This is not to say Mac OS X users will never see viruses or trojans; I'm sure the day will come eventually. However, I believe OS X is far superior to Windows in how crucial updates, etc. are delivered to the end user so as to minimize the potential for malware.

I have to agree with a large majorty of the posts above... All the viri have been proof pf concept, and haven't actually been able to do anything. The "first" Torjan requires a silly user initiated attach - where the user has to open a foreign file AND enter their administrator username and password... just between you an me... if I had a tif file that asked for my administrator password, i'd know something was up...

with OSX security, it all comes down to education, if a user [ take my mum for example ] decides to download or visit some nasty sites on the web, i've made if very clear to her NOT to give out details like your administrator password etc, its like they always say, if you go looking for trouble, you'll get it !

As a matter of fact, there's a $20.000 award for the first spreading virus under OS X. The "virus" available today requiers the user to give it permission. That is, enter the root password when prompted.

Anybody else think it's funny the guy in the picture isn't even on a Mac?

The problem isn't the computer but the user. Why would you click on links to unreleased software updates?? You deserve an attack if your that uninformed. But as of right now the Mac user base isn't full of your average internet/email user. Their people who use their Macs as tools, therefore know how to use their tool and not be used by it.

OS X still has some unpatched security holes; the sooner they're fixed, the better. Hopefully, the attention being drawn to these vulnerabilities, both within the industry and through articles like this one, will give Apple some incentive to fix their (perhaps minor) security flaws.

Of course, what's amazing is that (according to the article) only two people have been infected on OS X. That's bad publicity?

Thank goodness for security consultants — always willing to go above and beyond what's necessary to let everyone know the importantance of, well, security consultants.

"Now that we've been made aware that some of you have switched to Macs, we've realized that Macs are now susceptible to viruses..."

I can't remember what podcast I was listening to (TWiT or Security Now, or a similar one), but at least what we've come to know as viruses for computers have become sort of a 'grey hat' type goal for young hackers, to only show that they can write a piece of software that can get in between the OS and user without knowledge and do stuff, but as many above have pointed out, do absolutely nothing once that's there save for maybe flash the user's online name or some group, just to proof that it can be done. E.g. comparable to graffiti. Viruses are still hard to infect because they usually require the user to actually run some program in order to open the payload and do the damage, but now that Outlook's gone through it's trials, it takes a bit more work to actually infect yourself with a virus.

On the other hand, the more malicious software today is spyware and worms, where they can actually get key critical data back to some point for illegal monitoring and other activities, definitely 'black hat' type approaches; these are the ones that are likely to be backed by groups with questionable motives and likely will use that data for monetary purposes. Nearly all of these are built off the insecurities of IE on Windows, and I've yet to hear of a Linux or MaxOSX attack, though I'm sure there are black hats that are working on that as well. Yes, such hacks can ride in the payload of a virus, but it's much easier to simply take advantage of uninformed users and have them install the software for you from an environment that would encourage them to do so - through the web. Eventually, I'm sure we'll hear of an OSX spyware problem but likely will have required you to be logged in as root/admin in order to actually do any damage.

It still comes down to basic precautions you should use - inbound and outbound firewall protection, anti-virus software, and just knowing how your computer generally operates day to day as to be able to spot irregularities.

Actually my favorite statement was:

He and at least one other person who clicked on the links were infected by what security experts call the first-ever virus for Mac OS X, the operating system that has shipped with every Mac sold since 2001 and has survived virtually unscathed from the onslaught of malware unleashed on the Internet in recent years.

Wow! Two whole people, I see the virus is spreading far and wide. That had me laughing.

I'm a lifelong Mac user, who also works does technical support work, which means I fix Windows problems continuously. While, I would never call the Mac OS immune to viruses, it is relatively virus free. I do encourage Mac users to have anti-virus software. There are a number of benefits: (1) it's been years and those pesky Microsoft Office worms are still alive and kicking, and while they may not screw up a Mac, they can be pretty lethal to Windows users, that you may share files with; (2) automatic pruning of your attachments folder, set your virus scanner to delete virus related files so you don't have to do so manually; and (3) warnings for when you visit websites that are doing things that they shouldn't, like downloading files are trying to access data. They scripts might not work properly on a Mac, but do you really want to continue to visit a site that's trying to compromise your computer??

Those are just my top three reasons for recommending Mac users have anti-virus software; and yes for the record, I also recommend they have Little Snitch installed as well. Because I hate applications that call home or elsewhere without reason or notification. Obviously, the best protection is knowledge. But even the best of us can fall behind in that, so if using a Mac takes you 50-75% of the way to carefree computing, why not add a few other components to increase it to 80-95%.

I just seeded the Yahoo! news version of this story. A sad display of recycled news. I hope the author gets lectured about this crap.

The unbelievably spooky picture is what really sells me on the threat!

Daines was the victim of a computer virus.

This was not a virus. It was a trojan. Completely different