Our fidelity web site was hacked into. Fidelity figured it out quickly but have shut us off until we do a professional cleaning of all our Mac products. We need to do virus/malware scanning how do you do this?

I use INTEGO - written for the Mac - as you are a company or seem to be go to their Web site & check it out (they will probably also help you with what you need.)

If you are using Windows software on the Mac that is one way to get malware.

Intego scans for Mac, windows, Linux malware.

maybe thomas_r. will stop by with some advice.

dkaitz wrote:

We recently converted all our products to Mac's and were told they rarely get Malware or Virus's. However yesterday someone was able to get into our investment accounts at Fidelity. Fidelity caught on quickly but have shut down our accounts until we get all our computers professionally cleaned. We need to do a virus/malware scan. How does one do this with a mac? Any thoughts on how they got our passwords through the Mac?

Fidelity may be saying professionally cleaned - because they have found a resistance to the concept of Malware on a mac.

Did see a blip on network news about 1 month ago that Apple had to pull some apps (think it was a small number --maybe 4 tops but still) because the apps had malware in them - hopefully the purchasers were advised of the problem.

You do not need individual computer virus scans. You need professional IT Security help. I doubt it was an individual computer that suffered the breach. It was likely your security policies, server/database configuration and design, or network design/policies. It may even have been social engineering that caused the breach.

So instead of thinking you know the cause, virus on some computer, and spinning your wheels, get professional help.

"Any thoughts on how they got our passwords through the Mac?" It was in all likelihood not because of a virus on a computer.

There is so little chance that your computer is infected with password-stealing malware that trying to check for it would be a waste of time. If you want to check anyway, you need the services of a consultant in forensic computing. Running any kind of commercial "anti-malware" software is worse than doing nothing. All such software is useless.

In almost every case, this kind of incident has one of the following causes:

1. An account number or password was stolen by someone to whom you knowingly disclosed it.
2. The service provider had an internal security breach that it either doesn't know about or is trying to blame on its customers.
3. You set a weak account password that someone was able to guess, or you chose weak security questions, or you used the same password for more than one account.
4. You fell for a phishing scam and the password was stolen.

Change the password to a random string of at least 10 characters, and never use that password for anything else. Any password that you can remember is too weak. If there are security questions on the account, the answers should also be random strings, and you have to make sure you don't lose them.

dkaitz wrote:

Any thoughts on how they got our passwords through the Mac?

I would suspect Fidelity being hacked before your Mac.

Who setup your Macs?

Is remote desktop allowed?

As Fidelity tracked it back to you & you imply multiple Fidelity accounts -- are you/your people keeping a list on the macs? in plain text?

Do you leave the macs powered on all the time -- found some notes that Prior to Tiger you had to do that to run Unix cleanup during the early morning hours - but since Tiger it is not necessary - you mac will not do it when sleeping - only when it wakes up.

Apparently from some snippets found on general internet search - mac does keep track of malware for macs - but the security updates would not be the same as say Intego -- written for the mac and updating once or twice a week. Intego has a page to report suspected malware & and they also share with other security companies and probably apple.

Make sure, if you hire a consultant - that they are mac people as opposed to windows with a splash of mac.

notcloudy wrote:

Who setup your Macs?

Is remote desktop allowed?

As Fidelity tracked it back to you & you imply multiple Fidelity accounts -- are you/your people keeping a list on the macs? in plain text?

Do you leave the macs powered on all the time -- found some notes that Prior to Tiger you had to do that to run Unix cleanup during the early morning hours - but since Tiger it is not necessary - you mac will not do it when sleeping - only when it wakes up.

Apparently from some snippets found on general internet search - mac does keep track of malware for macs - but the security updates would not be the same as say Intego -- written for the mac and updating once or twice a week. Intego has a page to report suspected malware & and they also share with other security companies and probably apple.

Make sure, if you hire a consultant - that they are mac people as opposed to windows with a splash of mac.

Do you work for or own stock in Intego? Several posters here have said that it is not likely a Mac virus that is causing the breach. An antivirus program will not solve the OP's issue. It is social engineering, systems engineering, database engineering, network engineering, policies, or some other systems issue. The OP does not need a "Mac antivirus" solution they need a Systems Security Solution.

BobTheFisherman wrote:

Do you work for or own stock in Intego? Several posters here have said that it is not likely a Mac virus that is causing the breach. An antivirus program will not solve the OP's issue. It is social engineering, systems engineering, database engineering, network engineering, policies, or some other systems issue. The OP does not need a "Mac antivirus" solution they need a Systems Security Solution.

I don't work for them - or have stock - I use them.

Malware is getting more creative - and Apples APP store did have some apps that had malware in them -- it was in the news.

Intego can be setup to check for Windows and Linux malware along with Apple Malware - a plus as mac product can forward malware they may not catch.

With mac users running windows product and probably linux - it pays to be covered.

dkaitz wrote:

We need to do a virus/malware scan.

No, you don't. Not only will it be a waste of time and / or money, installing a non-Apple "anti-virus" product will leave both you and your Mac more vulnerable to malware intrusion and identity theft.

You have already been provided some possible reasons your account was breached, to which I would add the possibility of your wireless router or access point being maliciously tampered with or your wireless network password discovered. Either one would enable the kind of information security breach you describe. Any router that uses a web page for configuration are vulnerable to that kind of intrusion.

In no case should you install anything or allow anyone to "clean" your Mac, professionally or otherwise. If you decide to take such action yourself, you should accept nothing short of completely erasing it and rebuilding your system from the ground up, which will do nothing to address other, more likely causes. As I wrote through the likelihood of the information breach being the result of something nefarious installed on your Mac is low... unless you already installed some ill-conceived "anti-virus" or "anti-malware" product, in which case it becomes possible.