12 Replies Latest reply: Apr 14, 2012 4:15 PM by Linc Davis
mouse_sg Level 1 (0 points)

Is anyone using virus protection for MAC Lion OS X now that a scare has been mentioned in the news media this week?  If yes; any suggestions?

  • djmordigal Level 2 (185 points)

    I don't use any. Apple released a patch for Java recently so since then I haven't worried about it. But if you want to use protection software, you can try Sophos Anti-Virus for Mac (free/no trials, etc).

  • Level 8 (41,745 points)

    Klaus's Tip Page has some of the best information on Mac OS X protection.  The Flashback problem is discussed at length on these communities if you care to use the Search communities function on the right.

  • mouse_sg Level 1 (0 points)

    Sophos was mentioned at one of my one-on-one classes but it's always nice to get others opinions.  I have only used PC's but just bought a MAC desktop.  I still have the virus jitters I suppose.  I hate virus protection software quite frankly and don't want to have to use it but I like having protection still the same.  I do love my MAC!


    Thanks for your help.

  • MAC ATTACKED Level 1 (5 points)

    Nothing that works.  I have been hit a couple of times and am dealing with all sorts of issues at present.  Maybe this time the community might take a closer look.




    I have discovered XCODE applications running on my machine that are acting maliciously.  XCODE can be downloaded from the Apple store and have all sorts of applications and wizards that can help you build custom applications to hack a MAC or install tracking software.


    I am sure many of the stuff out there (see below) has been created using APPLE's own XCODE development tools.  In my case, they were able to get background instruments running to track everything that was happening then use debugging logs to fine tune their attack.



    http://ca.news.yahoo.com/blogs/right-click/mac-users-hit-global-trojan-malware-o utbreak-211940564.html


    Not sure what the future is but I have been compromised more than once and haven't found a way to stop it yet or even engage in a serious discussion.


    Best of luck.

  • thomas_r. Level 7 (30,650 points)

    Is anyone using virus protection for MAC Lion OS X now that a scare has been mentioned in the news media this week?  If yes; any suggestions?


    I will second the recommendation for Sophos, as well as mention ClamXav.  Both are free and excellent.


    As to whether you need anti-virus or not, that is still a very personal decision.  To help you make the decision, see my Mac Malware Guide.  You can also see About the Flashback malware for information specific to the Flashback outbreak.


    (Note that my pages contain links to other pages that promote my services, and this should not be taken as an endorsement of my services by Apple.)

  • MAC ATTACKED Level 1 (5 points)

    I would recommend Sophos as well.  Although it had crashed and was disable at the time I ran across the SABPAB trojan it seems to be up to the task now.


    http://nakedsecurity.sophos.com/2012/04/13/sabpab-new-mac-os-x-backdoor-trojan-h orse-discovered/


    It is my opinion that the recent widespread infestation (including 276 machine in Cupertino, Apple's home town) demonstrates that Apple may have enjoyed secure surfing in the past due to a lack of effort on the part of hackers rather than superior defences.


    In a world where Sony, Facebook, Sophos, Gemnet, Stratfor and others get hacked and reports of Jave, Linux, OSX, Microsoft, Adobe, Google Android vulnerabilities it makes sense to take some precautions.


    You don't have to hide but I recommend taking some precautions and doing your homework.

  • mouse_sg Level 1 (0 points)

    Are there any negatives to adding Sophos to a new os x lion 10.7.3 system?  I have asked our IT department who oversee our Macs in our graphics company & they tell me they are not concerned quite yet to a point of telling  me to add it. Macs are pricey and I like feeling safe. After years of only using PC's with protection I feel like I'm leaving my doors unlocked. Something I would never do in my home.

  • thomas_r. Level 7 (30,650 points)

    If you update Java and keep a vigilant eye out against malware trying to trick you, you should be able to get by without AV software.  All that is spelled out in the guide I referred you to earlier.  But Sophos is pretty good, I've been testing it myself and have had absolutely zero problems with it.

  • Linc Davis Level 10 (184,960 points)

    Mac OS X versions 10.6.7 and later have built-in detection of known Mac malware in downloaded files. The recognition database is automatically updated once a day; however, you shouldn't rely on it, because the attackers are always at least a day ahead of the defenders. In most cases, there’s no benefit from any other automated protection against malware.


    The most effective defense against malware is your own intelligence. All known malware that affects an up-to-date Mac OS system takes the form of trojans that can only operate if the victim is duped into running them. If you're smarter than the malware attacker thinks you are, you won't be duped. That means, primarily, that you never install software from an untrustworthy source. How do you know a source is untrustworthy?


    • Any website that prompts you to install a “codec,” “plug-in,” or “certificate” that comes from that same site, or an unknown site, merely in order to use the site, is untrustworthy.
    • A web operator who tells you that you have a “virus,” or that anything else is wrong with your computer, or that you have won a prize in a contest you never entered, is trying to commit a crime with you as the victim.
    • “Cracked” versions of commercial software downloaded from a bittorrent are likely to be infected.
    • Software with a corporate brand, such as Adobe Flash Player, must be downloaded directly from the developer’s website. No intermediary is acceptable.


    Disable Java (not JavaScript) in your web browser(s). Few websites have Java content nowadays, so you won’t be missing much. This setting is mandatory in Mac OS X 10.5.8 or earlier, because Java in those versions has bugs that make it unsafe to use on the Internet. Those bugs will probably never be fixed.


    Follow these guidelines, and you’ll be as safe from malware as you can reasonably be.


    Never install any commercial "anti-virus" products for the Mac, as they all do more harm than good. If you need to be able to detect Windows malware in your files, use ClamXav — nothing else.

  • cozar Level 2 (340 points)

    I second ClamXav. Used it for years. It`s free and has the ability to detect both Windows and Mac threats.

  • mouse_sg Level 1 (0 points)

    All the information everyone has provided has been extremely helpful.  Before reading any of this I had downloaded a version of Adobe Flash Player and I believe it was because one of the websites I was using said I needed it.  No, I did not go to the developers site and now I'm very stressed about it.


    So, Is there something I should do from here so I can sleep at night.  My computer seems to be working fine and I haven't had any issues.  I'm sure I was on a reputable site but can't remember now which one it was.



  • Linc Davis Level 10 (184,960 points)

    See this Apple support document:


    About Flashback malware


    Back up all data, if you haven't already done so.


    Select  ▹ Software Update to install the latest Java update (if Java is already installed) or the Flashback malware removal tool (if Java is not installed under Lion), as well as any other available updates. Installing either of those items should clear the infection in most cases. You must update to the latest version of Mac OS X 10.6 or 10.7 before you can install the Java update.


    The removal tool runs automatically in the background and is then deleted. Don’t look for something to click. If the malware is removed, you’ll be notified.