Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

Spyware

G

ghosthunt

macrumors newbie
Original poster
Aug 28, 2013
6
0
Hi
I've been reading a lot on how rare it is to have your mac being a victim of spyware but I'm just so paranoid that I need you to recommend me some kind of spyware scan, preferably free.. tried MacScan demo but reviews say that it's not very good.
What causes my concern is that last night, someone sent me a few files and I've opened them and saved them. Even though I know this person, I regret doing that but I just have a hard time saying no to people so I downloaded them. This person knows that I've this system and basically is a genius when it comes to everything so there is a chance that my mac has spyware now, isn't it? Can you please help me check?
 
While there is malware out there for Mac OS X, one needs to give an admin password to it to properly install it. Just opening an attached file will not do any harm, unless it is unknown malware, that has not been reported yet.

Currently there are zero viruses affecting Mac OS X in public circulation, but there are other kinds of malware existing, that can infect your Mac, but that can be avoided via employing the proper security steps without the help of any anti virus software.
To learn more about malware in Mac OS X and what steps can be taken to protect yourself, read the following F.A.Q.:
 
I never use Windows...
Start with DOS, OS/2, Linux, FreeBSD and now OSX but I don't believe that is not possible to write virus for Unix system. We are just lucky.
BTW there are some for OSX:

Olxy backdoor
Blackhole RAT version 2 (also known as Musminim)
Bancos
FakeAVZp-B
Bckdr-RID
FakeAv-DD
 
Last edited by a moderator:
starikarp said:
Olxy backdoor
Blackhole RAT version 2 (also known as Musminim)
Bancos
FakeAVZp-B
Bckdr-RID
FakeAv-DD
Click to expand...

While they are malware, they are not virus' in the definition of the term. Each and every one requires permission to be installed.

Olxy backdoor is only referenced by F-secure and by people claiming it's a virus on forums. Google "Olxy backdoor" and you'll find 12 hits, all the of them are links to F-secure or to a forum where someone made exactly the same post as you did. In other words, it isn't real, or was just a proof of concept; and considering it's age, most likely long since patched.

Bancos has already been proven that it does not infect Macs; it can be stored on their drives, but it is nothing less than a trojan horse for windows.

Musminim is a poorly written trojan designed to install and do things but tries to trick the user into installing itself. Again, the user has to take action to a) get the file, b) run it, c) give it permission to install. It is not self replicating. Quote from Sophos :
As this threat is still in it's infancy ( The samples seen so far even refer to themselves as "under development". ), users are unlikely to encounter this threat in the wild, and thus the risk is exceptionally low.
Click to expand...

FakeAVZp-B - This is a windows trojan horse. Not sure why it's on the list besides having been directly copied from another forum post by someone else making the same claim (IE this list is identical to a comment someone made on ZiffDavis website).

Bckdr-RID is yet another Trojan that requires user permission to install. This one does seem to be one of the more nasty ones, it does try to hook itself into the system but it's overall threat is minimal since it is obvious. Sophos is showing it as very minimal distribution. Considering the age, I am guessing Guardian already nukes it.

FakeAv-DD is yet another WINDOWS trojan. Has nothing to do with OSX, it attacks the registry. Only on the list for fear mongering? It appears to be a very poor windows trojan at that.

The one you didn't post and would have the most right to do so, Flashback. It was by far the biggest scare that the Mac community had. And it came through, well, flash. It is not a virus, but a trojan that mimicked the way that flash updated and thus looked legit and thus people gave it permissions. It was squashed by Guardian a short time later. Not using flash is a good thing anyway; but that's just my opinion, I don't have it installed on my machines.

While I won't claim that there will never be a virus for the Mac, I'm just saying that at this time the threat of one is VERY low. There are other pieces of Malware, some applications qualify themselves and people use them all the time. There are some bad trojans out there, people should be aware of everything that they install in their system, especially when it is asking for admin permissions. Granted, that Windows 7 has gotten a lot better than the previous versions, and if you don't run as administrator it helps a lot. People need to be intelligent enough to not just click every pop-up that comes up asking for the administrator password.
 
Last edited:
starikarp said:
I never use Windows...
Start with DOS, OS/2, Linux, FreeBSD and now OSX but I don't believe that is not possible to write virus for Unix system. We are just lucky.
BTW there are some for OSX:

Olxy backdoor
Blackhole RAT version 2 (also known as Musminim)
Bancos
FakeAVZp-B
Bckdr-RID
FakeAv-DD
Click to expand...

Nowhere did I say, that it is impossible, but as of now, there are ZERO viruses affecting Mac OS X.
See CylonGlitch's extensive post for information, but then again, this thread would have to end, and we all know, it has to have at least 50 inane posts and should be closed by a tired mod eventually.


As it does not seem to get into some heads, and not that many actually read stuff here posted several times, viruses need to infect and propagate from the infected machine WITHOUT user interaction.

PS: Mac OS 8 and 9 had 80 or so actual viruses affecting them, with less users than Mac OS X is having since the iPhone was introduced. Now where are the viruses? It may not be impossible to write one for Mac OS X or OS X, but where the hell are they, now that Mac OS X is more popular? Also take a look at Windows 6 and Windows 6.1, they have introduced new user access models, which prevents viruses much better than in the Windows 3, 4 and 5 days.
 
Last edited:
simsaladimbamba said:
PS: Mac OS 8 and 9 had 80 or so actual viruses affecting them, with less users than Mac OS X is having since the iPhone was introduced. Now where are the viruses?
Click to expand...

This point is very important and I made it a few years ago. People often claim that there are no virus' for OSX because it is too small of base and the authors would rather focus on the big fish. To an extent that is true; but considering that pervious versions of Macs had quite a few virus' and that base was MUCH smaller, where did all those writers go? Tell you where, they tried, and couldn't find an easy way in so they went to an easier OS to get into. Second, and this one is very important, is that the person who makes the first real virus for Mac will be VERY famous! That alone is reason enough for wanna be virus writers to get their name out there.

Now, if we talk about the BlackHat hacking conference that shows that they can get into any PC or Mac every year, I say, so? Seriously though, the #1 issue is that they have to have physical access to the machine to get in. In some cases they would just boot a previously written boot loader off a flash drive and then get access that way. If you lose control of your machine, assume you've lost what's on it. It is also why I have FileVault turned on my accounts; even if the machine is breached, it is unlikely that they will get anything from my account.
 
How to avoid malware on a Mac:
  • Use the latest version of OS X
  • Keep your Mac up to date
  • Turn off Java in Safari
  • If you absolutely HAVE to run a VM of any version of WinDoze, make sure you have antivirus installed on it
  • Don't visit naughty sites
 
Bending Pixels said:
How to avoid malware on a Mac:
  • Use the latest version of OS X
  • Keep your Mac up to date
  • Turn off Java in Safari
  • If you absolutely HAVE to run a VM of any version of WinDoze, make sure you have antivirus installed on it
  • Don't visit naughty sites
Click to expand...

If you are running VM's of windows, just treat that VM as a windows machine and take all normal windows safeguards. But nothing that goes on there can really damage your Mac. . . except, turn off drive sharing. Otherwise, in theory, a PC piece of malware could delete things off of it.

And the last bullet point, that's just silly, just don't install everything that pops up on your screen. In fact, don't install ANY of it.
 
CylonGlitch said:
This point is very important and I made it a few years ago. People often claim that there are no virus' for OSX because it is too small of base and the authors would rather focus on the big fish. To an extent that is true; but considering that pervious versions of Macs had quite a few virus' and that base was MUCH smaller, where did all those writers go? ...
Click to expand...
Actually (that word again), the number of unique Mac viruses up through MacOS 9 was something like 26. That is 26 viruses from 1984 to 2001. That was a slow week on MS-DOS and Windows. There were additional vulnerabilities, but the vulnerabilities were Microsoft Office macroviruses based on primarily on Visual BASIC for Applications. Even before VBA, Microsoft's Word 6 enabled viruses to go cross-platform for the first time in human history. VBA, however, was a revolution is viruses. Viruses had been the exclusive domain of sophisticated assembly language programmers. With VBA, any idiot with a text editor could cobble together a very dangerous virus. Google "script kiddie."

On the Mac, Office macroviruses were limited to your Office installation. On Windows, VBA had the run of the System. Therefore, a VBA macrovirus could wreck havoc on the entire computer.

One other thing. It is not a given that Windows has more viruses because Windows has more users. It was an excuse created by Bill Gates to address a major public relations problem:

During the early days of Windows XP, Microsoft's latest NT-based OS proved to be extremely vulnerable to viruses. What is more, NT viruses were much more pernicious than those that plagued the DOS-based versions of Windows. In fact, Windows NT was breaking down from the virus onslaught. Major customers and commentators were taking notice with open talk about abandoning Windows. Bill Gates came out an said that it was expected that Windows had more viruses because it had more marketshare.

Gates offered no data to backup his statement. Proof was left as an exercise for the student. However, the statement was a lie on its face. Windows XP was not the most popular OS extant. That honor went to Windows 98. Windows XP did not surpass Windows 98 until years later.

However, no proof was necessary. The popular press, the computer press, and the customer base accepted Gates's statement uncritically. Gates had converted a serious problem--Windows XP's lack of virus defenses--into a badge of honor. Virus infections became proof of Windows's popularity.
 
Thank you for all the replies guys..
So, after reading everything you've all said, is it right to assume that there's absolutely no way that this person could've gotten any spyware onto my mac just by sending me files, and me opening & saving them, because he does not know my password, and does not have, and never did, physical access to my macbook? When I was downloading the files, I didn't need to type my password or anything, like you sometimes need to before installing any kind of software etc.
Oh and thanks for the FAQ will give it a read.

edit: oh and please tell me do you think I should download any free antivirus software such as avast or sophos? Does it work for spyware too?
 
simsaladimbamba said:
While there is malware out there for Mac OS X, one needs to give an admin password to it to properly install it. Just opening an attached file will not do any harm, unless it is unknown malware, that has not been reported yet.
Click to expand...

Not so. The Flashback malware would infect a Mac if one simply visited a compromised web site. No admin password was needed.
 
ghosthunt said:
Do you know a free scan that would detect it?
Click to expand...

If you have kept your system updated, it is not likely you have Flashback. Apple does have a tool here to check.

The intent of my post was not to imply you have malware, but to make it clear the statement we keep seeing that your Mac cannot be infected unless you supply a password is incorrect.
 
Weaselboy said:
If you have kept your system updated, it is not likely you have Flashback. Apple does have a tool here to check.

The intent of my post was not to imply you have malware, but to make it clear the statement we keep seeing that your Mac cannot be infected unless you supply a password is incorrect.
Click to expand...

Thanks, I'll check anyway just to be sure.
 
Macs are not immune to malware, but no true viruses exist in the wild that can run on Mac OS X, and there never have been any since it was released over 12 years ago. The only malware in the wild that can affect Mac OS X is a handful of trojans, which can be easily avoided by practicing safe computing (see below). 3rd party antivirus apps are not necessary to keep a Mac malware-free, as long as a user practices safe computing, as described in the following link.
Read the What security steps should I take? section of the Mac Virus/Malware FAQ for tips on practicing safe computing.
 
So, are you guys 100% that my mac hasn't been affected by spyware just by me downloading those few files from that person and I can stop freaking out and running the anti virus scans? Sorry for being a pain but I'm just really paranoid of being spied on.
And once again, thank you for your input.
 
ghosthunt said:
So, are you guys 100% that my mac hasn't been affected by spyware just by me downloading those few files from that person and I can stop freaking out and running the anti virus scans? Sorry for being a pain but I'm just really paranoid of being spied on.
And once again, thank you for your input.
Click to expand...

Yes, you're fine. Just relax and enjoy your Mac. It is quite rare for an average users' Macs to be hacked or infected with spyware or malware.
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back