Malware and Anti-virus

My company has a policy that we can use our personal laptops as long as it has some form of anti-malware and anti-virus software on it.
I am fairly new to the Mac world, 18 years of working with government issued Windows laptops. Could someone point me in the right direction?
Thanks.

No viruses that can attack OS X have so far been detected 'in the wild', i.e. in anything other than laboratory conditions.
It is possible, however, to pass on a Windows virus to another Windows user, for example through an email attachment. To prevent this all you need is the free anti-virus utility ClamXav, which you can download for Tiger and Leopard from (on no account install Norton Anti-Virus on a Mac running OS X):
http://www.clamxav.com/
The new version for Snow Leopard is available here:
http://www.clamxav.com/index.php?page=v2beta
(Note: ClamAV adds a new user group to your Mac. That makes it a little more difficult to remove than some apps. You’ll find an uninstaller link in ClamXav’s FAQ page online.)
However, the appearance of Trojans and other malware that can possibly infect a Mac seems to be growing, but is a completely different issue to viruses.
If you allow a Trojan to be installed, the user's DNS records can be modified, redirecting incoming internet traffic through the attacker's servers, where it can be hijacked and injected with malicious websites and pornographic advertisements. The trojan also installs a watchdog process that ensures the victim's (that's you!) DNS records stay modified on a minute-by-minute basis.
You can read more about how, for example, the OSX/DNSChanger Trojan works here:
http://www.f-secure.com/v-descs/trojanosxdnschanger.shtml
SecureMac has introduced a free Trojan Detection Tool for Mac OS X. It's available here:
http://macscan.securemac.com/
The DNSChanger Removal Tool detects and removes spyware targeting Mac OS X and allows users to check to see if the trojan has been installed on their computer; if it has, the software helps to identify and remove the offending file. After a system reboot, the users' DNS records will be repaired.
(Note that a 30 day trial version of MacScan can be downloaded free of charge from:
http://macscan.securemac.com/buy/
and this can perform a complete scan of your entire hard disk. After 30 days free trial the cost is $29.99. The full version permits you to scan selected files and folders only, as well as the entire hard disk. It will detect (and delete if you ask it to) all 'tracker cookies' that switch you to web sites you did not want to go to.)
A white paper has recently been published on the subject of Trojans by SubRosaSoft, available here:
http://www.macforensicslab.com/ProductsAndServices/index.php?mainpage=document_general_info&cPath=11&productsid=174
Also, beware of MacSweeper:
MacSweeper is malware that misleads users by exaggerating reports about spyware, adware or viruses on their computer. It is the first known "rogue" application for the Mac OS X operating system. The software was discovered by F-Secure, a Finland-based computer security software company, on January 17, 2008.
http://en.wikipedia.org/wiki/MacSweeper
On June 23, 2008 this news reached Mac users:
http://www.theregister.co.uk/2008/06/23/mac_trojan/
More on Trojans on the Mac here:
http://www.technewsworld.com/story/63574.html?welcome=1214487119
This was published on July 25, 2008:
Attack code that exploits flaws in the net's addressing system are starting to circulate online, say security experts.
The code could be a boon to phishing gangs who redirect web users to fake bank sites and steal login details.
In light of the news net firms are being urged to apply a fix for the loop-hole before attacks by hi-tech criminals become widespread.
Net security groups say there is anecdotal evidence that small scale attacks are already happening.
Further details here: http://news.bbc.co.uk/2/hi/technology/7525206.stm
A further development was the Koobface malware that can be picked up from Facebook (already a notorious site for malware, like many other 'social networking' sites like Twitter etc), as reported here on December 9, 2008:
http://news.bbc.co.uk/newsbeat/hi/technology/newsid_7773000/7773340.stm
You can keep up to date, particularly about malware present in some downloadable pirated software, at the Securemac site:
http://www.securemac.com/
There may be other ways of guarding against Trojans, viruses and general malware affecting the Mac, and alternatives will probably appear in the future. In the meantime the advice is: be careful where you go on the web and what you download!
If you think you may have acquired a Trojan, and you know its name, you can also locate it via the Terminal:
http://theappleblog.com/2009/04/24/mac-botnet-how-to-ensure-you-are-not-part-of-the-problem/
As to the recent 'Conficker furore' affecting Intel-powered computers, MacWorld recently had this to say:
http://www.macworld.co.uk/news/index.cfm?email&NewsID=25613
Although any content that you download has the possibility of containing malicious software, practising a bit of care will generally keep you free from the consequences of anything like the DNSChanger trojan.
1. Avoid going to suspect and untrusted Web sites, especially pornography sites.
2. Check out what you are downloading. Mac OS X asks you for your administrator password to install applications for a reason! Only download media and applications from well-known and trusted Web sites. If you think you may have downloaded suspicious files, read the installer packages and make sure they are legit. If you cannot determine if the program you downloaded is infected, do a quick Internet search and see if any other users reported issues after installing a particular program. A recent example is of malware distributed through innocent looking free screensavers: http://www.zdnet.com/blog/security/malware-watch-free-mac-os-x-screensavers-bundled-with-spyware/6560?tag=nl.e589
3. Use an antivirus program like ClamXav. If you are in the habit of downloading a lot of media and other files, it may be well worth your while to run those files through an AV application.
4. Use Mac OS X's built-in Firewalls and other security features.
5. Stop using LimeWire. LimeWire (and other peer-to-peer sharing applications and download torrents) are hotbeds of potential software issues waiting to happen to your Mac. Everything from changing permissions to downloading trojans and other malicious software can be acquired from using these applications. Similar risks apply to using Facebook, Twitter, MySpace, YouTube and similar sites which are prone to malicious hacking: http://news.bbc.co.uk/1/hi/technology/8420233.stm
6. Resist the temptation to download pirated software. After the release of iWork '09 earlier this year, a Trojan was discovered circulating in pirated copies of Apple's productivity suite of applications (as well as pirated copies of Adobe's Photoshop CS4). Security professionals now believe that the botnet (from iServices) has become active. Although the potential damage range is projected to be minimal, an estimated 20,000 copies of the Trojan have been downloaded. SecureMac offer a simple and free tool for the removal of the iBotNet Trojan available here:
http://macscan.securemac.com/files/iServicesTrojanRemovalTool.dmg
Also, there is the potential for having your entire email contact list stolen for use for spamming:
http://www.nytimes.com/2009/06/20/technology/internet/20shortcuts.html?_r=1
NOTE: Snow Leopard, OS 10.6.x, offers additional security to that of previous versions of OS X, but not to the extent that you should ignore the foregoing:
http://www.apple.com/macosx/security/
Apple's 10.6.4 operating system upgrade silently updated the malware protection built into Mac OS X to protect against a backdoor Trojan horse that can allow hackers to gain remote control over your treasured iMac or MacBook.
http://www.sophos.com/blogs/gc/g/2010/06/18/apple-secretly-updates
Finally, do not install Norton Anti-Virus on a Mac as it can seriously damage your operating system. Norton Anti-Virus is not compatible with Apple OS X.
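
The post above describes the DNSChanger trojan rewriting the machine's DNS settings and a watchdog process re-applying them. As an added example (not part of the original post), this script parses resolver output in the format of OS X's `scutil --dns` and prints any nameserver that is not on a list you expect; the sample output, its addresses and the function names are constructed for illustration.

```shell
#!/bin/sh
# Added example: flag DNS resolvers that are not on an expected list.
# Assumption: input is text in the format printed by `scutil --dns`.

# Constructed sample of `scutil --dns` output. The addresses come from
# documentation ranges and are not real indicators; 198.51.100.53 plays
# the part of a resolver nobody configured on purpose.
sample_scutil_output() {
    cat <<'EOF'
DNS configuration

resolver #1
  search domain[0] : example.lan
  nameserver[0] : 192.0.2.1
  nameserver[1] : 198.51.100.53
  if_index : 4 (en0)
  flags    : Request A records

resolver #2
  domain   : local
  options  : mdns
  timeout  : 5

DNS configuration (for scoped queries)

resolver #1
  nameserver[0] : 192.0.2.1
  nameserver[1] : 198.51.100.53
  if_index : 4 (en0)
  flags    : Scoped, Request A records
EOF
}

# Read resolver output on stdin and print each distinct nameserver once.
list_resolvers() {
    awk '/^[ \t]*nameserver\[[0-9]+\][ \t]*:/ {
        sub(/^[^:]*:[ \t]*/, "")   # drop the "nameserver[N] : " label
        sub(/[ \t]+$/, "")         # drop trailing whitespace
        if (!seen[$0]++) print
    }'
}

# Read resolver output on stdin; arguments are the resolvers you expect
# (your router, ISP or company DNS). Prints every nameserver not listed.
unexpected_resolvers() {
    list_resolvers | while IFS= read -r addr; do
        ok=0
        for allowed in "$@"; do
            if [ "$addr" = "$allowed" ]; then
                ok=1
            fi
        done
        if [ "$ok" -eq 0 ]; then
            printf '%s\n' "$addr"
        fi
    done
}

# Demonstration on the constructed sample, with 192.0.2.1 as the only
# expected resolver.
sample_scutil_output | unexpected_resolvers 192.0.2.1
```

On a Mac, pipe the real output in instead: `scutil --dns | unexpected_resolvers` followed by the addresses you expect. An unexpected address that comes back shortly after you reset the DNS settings is consistent with the watchdog behaviour described in the post.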

Similar Messages

  • Malware and Anti-virus software

    Recently, there has been news about a particular trojan that infects the Mac using a gap in the Java software.  I haven't heard or seen much about it on the support communities or the security software websites, other than Sophos.  Apparently the problem has been solved for the later versions of OS X, but I am curious if versions prior to 10.6 are affected?  Does anyone know?

    John L Lewis wrote:
    Recently, there has been news about a particular trojan that infects the Mac using a gap in the Java software.  I haven't heard or seen much about it on the support communities
    Considering that there are around a dozen or more threads on the subject, some of them running to 100s of posts, I find that a little surprising!
    In theory, yes you can be infected. It's difficult to say what's the best way to stop it as there have now been so many variations, but the latest one uses a Java vulnerability to install a downloader which then 'phones home' and presumably loads the main malware package.
    Turning off Java in all browsers via the preferences settings should be sufficient to stop that variation (the latest update isn't available to anyone on 10.6.7 or earlier).
    Earlier versions have used JavaScript to attempt the same, giving fake Adobe Flash installers or fake SSL certificates or other means to try to get you to enter your admin password and give the trojan access.
    Unfortunately JavaScript (which has nothing whatever to do with Java) is widely used and essential for many sites, so disabling it completely really isn't an option.
    However, FireFox with the NoScript extension gives you a good degree of control over what you allow to run, and the AdBlock+ extension can disable many of the fake ads used to induce you to download.
    Little Snitch is also very useful - it warns you of any processes attempting to dial out, and can give early warning if a downloader has slipped by your guard.
    One of the more comprehensive threads is here; https://discussions.apple.com/message/18036792#18036792
    That gives various terminal commands that may be useful in determining if there's any infection.
    One symptom of earlier versions was menu items turning to number strings.
    As for AV software, it's not really worth the bother as the detection is so far behind the curve you're almost certain to see symptoms before the AV definitions have caught up. Also, most AV applications are worse than the malware in terms of slowing your system and some are downright damaging (stay away from Norton in particular).

  • Question:  Do I need to run an anti virus program with MAC OSX Lion? Have heard different opinions! If so what would you recommend? Was looking at Sophos. Does anyone have any experience with this? Thanks

    Do I need to run an anti virus program with MAC OSX Lion? Have heard different opinions!
    You will continue to hear different opinions here, where thoughts range everywhere between "anti-virus software is the evil spawn of Satan" to "anyone not running anti-virus software is a fool."
    Truth is, this is still a very personal decision on a Mac. Depending on circumstances, it is still very easily possible to stay safe without using anti-virus software, but circumstances and personal preferences vary widely. Besides which, anti-virus software cannot even remotely provide you a guarantee of protection!
    To learn how to stay safe (with or without anti-virus software), and how to decide whether to use anti-virus software, see my Mac Malware Guide.

  • What is the best mac cleaner and anti virus for mac pro.

    OS X already includes everything it needs to protect itself from viruses and malware. Keep it updated with software updates from Apple.
    A much better question is "how should I protect my Mac":
    Never install any product that claims to "speed up", "clean up", "optimize", or "accelerate" your Mac. Without exception, they will do the opposite.
    Never install pirated or "cracked" software, software obtained from dubious websites, or other questionable sources. Illegally obtained software is almost certain to contain malware.
    Don’t supply your password in response to a popup window requesting it, unless you know what it is and the reason your credentials are required.
    Don’t open email attachments from email addresses that you do not recognize, or click links contained in an email:
    Most of these are scams that direct you to fraudulent sites that attempt to convince you to disclose personal information.
    Such "phishing" attempts are the 21st century equivalent of a social exploit that has existed since the dawn of civilization. Don’t fall for it.
    Apple will never ask you to reveal personal information in an email. If you receive an unexpected email from Apple saying your account will be closed unless you take immediate action, just ignore it. If your iTunes or App Store account becomes disabled for valid reasons, you will know when you try to buy something or log in to this support site, and are unable to.
    Don’t install browser extensions unless you understand their purpose. Go to the Safari menu > Preferences > Extensions. If you see any extensions that you do not recognize or understand, simply click the Uninstall button and they will be gone.
    Don’t install Java unless you are certain that you need it:
    Java, a non-Apple product, is a potential vector for malware. If you are required to use Java, be mindful of that possibility.
    Disable Java in Safari > Preferences > Security.
    Despite its name JavaScript is unrelated to Java. No malware can infect your Mac through JavaScript. It’s OK to leave it enabled.
    Block browser popups: Safari menu > Preferences > Security > and check "Block popup windows":
    Popup windows are useful and required for some websites, but popups have devolved to become a common means to deliver targeted advertising that you probably do not want.
    Popups themselves cannot infect your Mac, but many contain resource-hungry code that will slow down Internet browsing.
    If you ever see a popup indicating it detected registry errors, that your Mac is infected with some ick, or that you won some prize, it is 100% fraudulent. Ignore it.
    Ignore hyperventilating popular media outlets that thrive by promoting fear and discord with entertainment products arrogantly presented as "news". Learn what real threats actually exist and how to arm yourself against them:
    The most serious threat to your data security is phishing. To date, most of these attempts have been pathetic and are easily recognized, but that is likely to change in the future as criminals become more clever.
    OS X viruses do not exist, but intentionally malicious or poorly written code, created by either nefarious or inept individuals, is nothing new.
    Never install something without first knowing what it is, what it does, how it works, and how to get rid of it when you don’t want it any more.
    If you elect to use "anti-virus" software, familiarize yourself with its limitations and potential to cause adverse effects, and apply the principle immediately preceding this one.
    Most such utilities will only slow down and destabilize your Mac while they look for viruses that do not exist, conveying no benefit whatsoever - other than to make you "feel good" about security, when you should actually be exercising sound judgment, derived from accurate knowledge, based on verifiable facts.
    Do install updates from Apple as they become available. No one knows more about Macs and how to protect them than the company that builds them.
    Summary: Use common sense and caution when you use your Mac, just like you would in any social context. There is no product, utility, or magic talisman that can protect you from all the evils of mankind.

  • I have a brand new iPad 2 connecting to iTunes 10.7 for the first time... It is not recognizing it in iTunes. It is on Windows and anti virus is off.  What do I need to do?

    On the Apple website that is correct, I believe.... but I have an Italian American Express and am able to purchase stuff here in the US.
    I mean, I don't think it really matters

  • Do I need to install an anti virus software on my MacBook Air? If yes, which one should I install?

    Welcome to Apple Support Communities
    OS X has got its own security systems, so you don't need any antivirus. Furthermore, they will only slow down your computer. If you want more information, read > http://www.thesafemac.com/mmg
    If you want an antivirus, install ClamXav, but you don't need an antivirus

  • How to make the mobile application work with firewall and anti-virus ON

    Hi,
    I keep on receiving an internal processing error when I try to log in to SAP mobile solution 1.3.0 on my iPad, and I was provided a solution, that is to turn off my firewall and antivirus. It works by turning off both of them, but I can't possibly turn off the firewall and antivirus on the server.
    Can anyone guide me how to make the mobile application work with firewall and anti-virus ON
    Thank you

    Dear Rajesh,
    Create a policy in your firewall to allow the port to send and receive data.
    I believe the port for the mobile should be port 8080 and 8443.
    And your license server port 30000 and 30001
    nd.Q

  • Anti-spam and anti-virus suggestions

    I would like to ask and get some feedback about the free anti-spam and anti-virus tools which integrate with the Java Messaging System from Sun. I would also like to express my concern with SpamAssassin since I suspect it uses too much system resources. But, anyway, if it blocks the spam with a higher percentage compared to other solution(s), then I would forget about how much resource it requires as long as it is in reasonable amounts.
    Please send me your comments,
    Thanks!

    Hi,
    Following on from what Jay said, SpamAssassin can indeed use a lot of resources if badly managed. This includes using large numbers of rulesets especially if they add very little to the overall score, and simpler things such as not using a local DNS cache. SpamAssassin if tuned well and if your system has a reasonable amount of RAM (2GB or more) can work just fine.
    For example I ran x86 dual-CPU systems (less powerful than say an x4200) which were able to comfortably Spam (SpamAssassin) and Virus (Sophos Anti-virus) process 100-150K emails/day.
    At the end of the day you get what you pay for. I tried out the Sophos Anti-Spam/Virus solution (Puremessage which has its own messaging server channel from memory) and found it to be very competent & slightly more efficient than SpamAssassin. In this case the cost was the limiting factor.
    Regards,
    Shane.

  • Are there solutions to Compatibility Issues with Thunderbird, Windows 8.1 and Anti-Virus Software, e.g., McAfee?

    Since I upgraded to Windows 8.1, Thunderbird freezes up and goes into "Not Responding" mode repeatedly every few minutes. My research indicates that it is a problem with compatibility with antivirus software, which obviously is needed with an e-mail program. How can this problem be solved, or is there an antivirus program that works seamlessly with Thunderbird and Windows 8.1?

    Personally I use ESET NOD32. It is not cheap, but it is unobtrusive and appears to get the job done. Originally I was drawn there for their server protection, but since I no longer have windows servers that need is gone, but I see no reason to change.
    Previously over the years I have used;
    * Norton (Found it just too much embedded into the operating system. Something went wrong with it and Windows would not boot.)
    * Microsoft Security Essentials. Any application using large data files was unworkably slow. That included Thunderbird.
    * AVG It was just clunky and I did not like it.
    But the big issue these days is the products are not just anti virus, they are suites including firewalls, password managers/vaults and often spam and scam tools. It is usually these latter tools that cause the most issues with the firewalls blocking anything but known versions of known software and spam tools that mess up because it has not had enough testing.
    Basically you're on your own in selecting a product. I can not recommend one. But I seriously question the need for mail scanning. Especially after that remarkable admission by Symantec regarding Norton's not scanning mail.
    Thunderbird does not run any scripts in mail, nor does it do anything with attachments before you open them and then it decodes them and places them in the temp folder where any good anti virus will scan them.
    Personally I suggest anti virus rather than security suite software. Especially so if you use Chrome or Firefox browsers and they both use Google lists of known malware and phishing sites to block inadvertent visits.
    Windows has a firewall, your modem (over 90%) has one as well, those firewalls block ports, protocols and route traffic. Do you also need one that blocks programs?
    Mozilla products have a password manager, do you need another? And so the list goes on.

  • Best malware remover/anti-virus for OS X

    I think I downloaded Flash Player Pro (non-Adobe product) virus.  What is the best anti-virus/malware removal tool to use on Yosemite?

    What, specifically did you do? Fake Adobe Flash Player update alerts are very common. However, unless you went to the linked page, downloaded the fake update and then opened it, it could not harm you.
    If you did open something downloaded from that fake update site, it's unlikely to be malware. If it were malware, Mac OS X would have blocked it if it were known malware, and in this case anti-virus software wouldn't help you either.
    It's more likely that this fake update would have been adware, which is not well-detected by Mac OS X or anti-virus software. If you are having symptoms of adware (ads being injected in sites that should not have ads, redirects to a different search engine than the one you usually use, etc), then you should be able to remove it by following the instructions in my Adware Removal Guide.
    (Fair disclosure: I may receive compensation from links to my sites, TheSafeMac.com and AdwareMedic.com, in the form of buttons allowing for donations. Donations are not required to use my site or software.)

  • Bootcamp and anti-virus and is getting VMware or Parallel better?

    I am starting research that requires me to download File Warden in Windows, so I loaded Windows onto my Mac by using Boot Camp. Does this partitioned hard drive, that is now I guess a mini-PC in my Mac, require its own anti-virus programs and such?
    Also, the research program that I will be using will analyze the data using Excel, so I guess I would also have to download Excel into Windows. However, if I just got VMware or Parallel, and ran the research program on my Mac, would that data be converted automatically to "Numbers" which I have on my computer? If I used VMware or Parallel would I still need anti-virus?
    Apologies if these questions are obvious, I'm new to this.

    Yes you need AV/anti-malware.
    http://www.microsoft.com/Security_Essentials/
    You need to buy and install Office though you might want to see if Office 2011 for Mac will do for your needs.
    I would guess Numbers is not going to do more than import and may or may not be suitable.

  • What's the best malware and anti virus program that will check all of my programs and see if there's anything hanging around from surfing

    asdaa

    I will dissent. For a one time scan you could run Sophos. It will probably only pick up something meant for Windows, if at all, and it may throw a false positive at you, so don't be in a hurry to delete anything. I see you're running 10.8, which has some built in protection, but since it's an '09, you probably migrated stuff over from an earlier OS or Mac and it's also possible you weren't (or haven't been) observing safe browsing techniques, so it may find something genuine.
    http://www.sophos.com/en-us/products/free-tools/sophos-antivirus-for-mac-home-edition.aspx
    For the Sophos forum in order to get more help, if needed.
    http://openforum.sophos.com/t5/MacTalk/ct-p/FTT_MAC
    When done, you can leave it if it's not causing any problems (but not set to auto scan) or uninstall it.
    http://openforum.sophos.com/t5/Sophos-Anti-Virus-for-Mac-Home/Removing-Sophos-Anti-Virus-for-Mac-Home-Edition/td-p/37/page/7
    And don't let any A-V allow you to become complacent. It's only going to find something already catalogued, but it won't find any brand new threats.
    Also, make sure you do not run Java (not JavaScript) in the browser. (Or just don't install the plugin, to begin with.) That would be asking for big trouble. Java is buggy and relentlessly exploited by malware.
    Also, pay attention to updates in all your most used applications, Flash included.

  • IPS and anti-virus

    Does the IPS prevent viruses? So we do not require anti-virus on endpoints?
    Thanks
    Hilary

    Hi Hilary,
    To add on ISE, the Cisco ISE supports posture assessment of clients. Posture assessment allows inspecting security “health” of the PC and MAC clients. This includes checking for installation, running state, and last update for security software, such as anti-virus, anti-malware, personal firewall. It also ensures the operating systems are patched appropriately.
    In addition, ISE posture policies can check for additional custom attributes, like files, processes, registry settings, and applications. Taken together, these features provide ISE with the ability to determine the security “health” of a client that is trying to access your network. ISE uses posture policies to determine the access rights and remediation options that should be provided to clients.

  • Since download of Firefox Hello desktop & laptop both on Windows 7 are very slow even after refresh, download history removed and anti virus software turned off

    Since download of Firefox Hello my home desktop & laptop, both on Windows 7, are very slow to open. I have refreshed firefox, removed download history and turned off the anti virus software in extensions. All the plugins are up to date. Can we revert back to Firefox without Firefox Hello?

    Firefox Hello is simply a wrapper for technology already in Firefox, it doesn't negatively impact performance if you aren't using it. Are you saying that your entire computer is slow or just Firefox?

  • My operating system is Windows 2002, how can I provide anti-virus protection, is it possible to get help for this obsolete system?

    Is it possible to get an anti-virus program for an obsolete operating system? Mine is Windows XP 2002. I can't download a compatible service pack to compensate for the anti-virus program that I have or the one available for download provided by my internet server. Are there any free, or for purchase, downloads available for the system I have? The anti-virus product I have says that I must have Service Pack 2. The current one on my computer is Service Pack 1. The anti-virus provided through my internet carrier says that I must have Windows 7 or Internet Explorer of at least 6.0 or higher or Firefox 3.6 or better, but I'm unsuccessful with any attempts I've tried. So is there any help or am I stuck with this old system until my finances improve for a better one?
    Thanks

    Unfortunately, there are many reasons why the PSE Editor might crash, and often it is hard to diagnose quickly the reason for the crash.   Here are some steps you can take to try to fix the problem:
    http://www.johnrellis.com/psedbtool/photoshopelements-6-7-faq.htm#_Troubleshooting_Editor_crashes
