Mac Attack: The Second Mac Virus
Added by Adam Brines on Apr 26, 2012
The recent virus craze that has struck fear into users of Macintosh computers for the past few months has worsened now that a second virus has been discovered. According to BGR, the outbreak started with the "Flashback" Trojan that affected over 600,000 Macs last week. Although the Flashback Trojan was patched by a recent Java security update, it didn't stop the plague. Number two was on its way.
Back For Battle
Writers beware, the second Mac virus (codename "Lucky Cat") was discovered today. It has been shown to be potentially as dangerous as the Flashback virus. The key difference is in how the viruses work. The Lucky Cat nestles within a vulnerability found in Microsoft Word. What makes this new threat so lethal is that fact that it is currently undetected and irremovable by both antivirus engines and users.
Response From Apple
Currently, it is unknown what Apple's response will be to the second virus. Users are left hoping that Apple will take initiative and quickly release an update to Microsoft Word. According to an article on SFGate, Apple has earned itself a notorious reputation of being slow to act when it comes to releasing security updates for both iOS and Mac OS devices.
Instead of focusing on the immediate problem of computers becoming infected, Apple prefers to play the role of detective by trying to find the culprit and pressing legal charges.
The Impact on Midsize Businesses
The notion that Macs are virus-proof is being shown as a falsehood. With the increasing number of hacking attacks on companies, it is imperative that businesses do everything possible to protect themselves against viral threats. Improved Mac antivirus software has recently emerged on the market. Midsize businesses using Macs should always have firewall, malware, and spyware protection installed and updated. Most software experts would agree that Intego VirusBarrier 2012 is currently the best software for full protection. However, because the second virus is still in its incipient stages, it is undetected by most software. Because the virus is contracted from an XSS vulnerability in Java, businesses are advised to disable Java if it is not necessary in the workplace. The only other option that does not involve disabling Java would be to change to a different word processing software such as Open Office, so that the virus will remain dormant.
IT professionals should be able to recognize vulnerabilities in scripted code and monitor the network for any abnormalities. Keep a log of all the incoming IP addresses to detect any unknown remote connections. The Lucky Cat requires the attacker to extract data manually, meaning that abnormalities can be seen. Data that is confidential and important should be encrypted and copied to a Cloud backup server.
This post was written as part of the IBM for Midsize Business program, which provides midsize businesses with the tools, expertise and solutions they need to become engines of a smarter planet. Like us on Facebook. Follow us on Twitter.