Well, Mac folks, as we’ve mentioned before, while it’s true that Macs have historically been less likely to get infected with malware, that doesn’t mean they’re immune to it. We’ve recently run across a serious, bona-fide virus on a Mac, and we want to give you a heads up about it so that you can avoid it.
What It Is and How It Works
A common way this virus makes it onto a Mac is when the user unintentionally navigates to a website that is infected with the virus. The malicious code in the website triggers a legitimate-looking Flash Player installer window (pictured on the left), which are common to see when your Flash Player is not up to date. The window asks for the user’s administrative password, just like any download on a Mac, and when the user complies, the virus downloads and installs itself. It proceeds to corrupt several applications on the user’s computer (such as Microsoft Word and others). In some cases we’ve read about, the virus has also infected web browsers and other network-connected applications, probably with the intention of stealing confidential user information (login credentials, financial information, etc.).
This is what we’ve seen. Others, however, have seen variants of this virus that use other means to install itself, such as posing as a permissions check from “Apple Inc” or exploiting vulnerabilities due to Java not being up to date, in which case the virus could be installed without your even being asked to enter your credentials.
How to Avoid It
While this virus is a tricky one, there are steps you can take to avoid it. Here are a few general rules of thumb that will help protect you from this and other malware threats:
-
Install OS X updates often. Apple has historically been pretty good about fixing the vulnerabilities cybercriminals exploit. So when you see the Software Update window pop up, consider taking the time to install the update right then. If don’t like being interrupted, make sure you’re manually checking for and installing updates often (simply click the Apple icon in the top-left of the screen, click Software Update, and install the appropriate available updates).
-
Be wary of installation windows. One of the advantages of using a Mac is that you have to personally authorize installations from downloaded software with your administrative password. So, in most cases, malware can only be installed if you authorize it. So be wary of installation windows that pop up unexpectedly like the one posing as a Flash Player installer. One way to avoid the threat in this case would be to avoid installing Flash Player updates from pop-up winows and instead navigate to Adobe’s website to download updates directly from them.
-
Stay up on your backups. If, for some reason, you end up with this virus or one like it, you’ll be much better off if you have a recent backup of your computer. In extreme cases, your hard drive may have to be wiped in order to get rid of the virus, and you’ll be a much happier camper if you have a recent backup.
What to Do If You Have It
If you’ve been noticing applications like Word or Safari crashing often and unexpectedly, or if file names on your computer look to have been changed unexpectedly, you may have this virus. Unfortunately, this is a really nasty virus that, unless you have a high level of tech know-how, you may not be able to get rid of on your own. We’re happy to help you take care of getting rid of this virus, so please give us a shout!