Why it matters to you
You might think that malware is only for Windows and your Mac is safe, but Malwarebytes has found the first Mac malware of 2017. Securing your Mac might be a good idea.
Apple’s MacOS, once known as OS X, is believed by many to be completely free of malware — so free, in fact, that you don’t need to run any kind of software to protect against it. That’s for those Windows users to worry about.
MacOS is indeed less of a target than Windows 10, and whether that’s because it’s used on less than 8 percent of all PCs or because it’s inherently more secure has been a topic of some debate. Nevertheless, the fact is that you’re not completely worry-free running a Mac. And now, some researchers at security software company Malwarebytes have found the first piece of MacOS malware for 2017.
Malwarebytes was informed of the new malware by a particularly perceptive IT administrator, who noticed that one of his Macs was engaging in some unusual network traffic. As Malwarebytes staff looked into things, they discovered a piece of malware written with “antiquated code” that had likely existed — primarily on biomedical research center computers — for some time.
The code is simple but ingenious, made of only two files but capable of communicating with a remote command and control server, and of taking screenshots and sending them along. Some of the code made calls to functions that haven’t existed since before OS X, marking the code as evidence that Macs have indeed suffered from malware since the earliest days. But it has not gone untouched since its creation: some of the code references OS X 10.10 Yosemite.
Regardless of whether the malware is really that old or just appears to be, it’s relatively easy to discover and eradicate. Malwarebytes’ own software will do the job, detecting it as OSX.Backdoor.Quimitchin. As the company summarizes, “Ironically, despite the age and sophistication of this malware, it uses the same old unsophisticated technique for persistence that so many other pieces of Mac malware do: a hidden file and a launch agent. This makes it easy to spot, given any reason to look at the infected machine closely (such as unusual network traffic). It also makes it easy to detect and easy to remove.”
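The persistence pattern in the quote above, a launch agent whose job points at a hidden file, can be checked for mechanically. The following Python script is an added example, not code from Malwarebytes or Apple; the plist names and paths in it are constructed samples, and on a real Mac the directories to audit would be ~/Library/LaunchAgents and /Library/LaunchAgents.

```python
import plistlib
import tempfile
from pathlib import Path

def is_hidden(path_str):
    """True if any component of the path is dot-prefixed (a hidden file or directory)."""
    return any(p.startswith(".") and p not in (".", "..") for p in Path(path_str).parts)

def audit_launch_agents(directory):
    """Return (plist name, finding) pairs for agents that launch a hidden file."""
    findings = []
    for plist_path in sorted(Path(directory).glob("*.plist")):
        try:
            with open(plist_path, "rb") as fh:
                job = plistlib.load(fh)  # handles XML and binary plists
        except Exception:  # a plist that will not parse deserves a look too
            findings.append((plist_path.name, "unparseable plist"))
            continue
        if not isinstance(job, dict):
            continue
        # launchd runs Program, or else the first ProgramArguments entry; the
        # remaining entries are checked as well in case a shell is handed a hidden script.
        prog_args = job.get("ProgramArguments")
        args = [job.get("Program")] + (prog_args if isinstance(prog_args, list) else [])
        for arg in args:
            if isinstance(arg, str) and arg.startswith(("/", "~")) and is_hidden(arg):
                findings.append((plist_path.name, arg))
    return findings

def demo():
    """Audit a temporary directory of constructed sample plists (not real indicators)."""
    samples = {
        "com.example.backup.plist": {"Label": "com.example.backup",
                                     "ProgramArguments": ["/usr/local/bin/backup", "--quiet"]},
        "com.example.helper.plist": {"Label": "com.example.helper",
                                     "ProgramArguments": ["/Users/alice/.helper"],
                                     "RunAtLoad": True, "KeepAlive": True},
    }
    with tempfile.TemporaryDirectory() as tmp:
        for name, job in samples.items():
            with open(Path(tmp) / name, "wb") as fh:
                plistlib.dump(job, fh)
        (Path(tmp) / "com.example.broken.plist").write_bytes(b"not a plist")
        return audit_launch_agents(tmp)

if __name__ == "__main__":
    for name, finding in demo():
        print(f"{name}: {finding}")
```

A hit is a reason to inspect the agent, not proof of infection, since some legitimate tools also keep helpers in dot-prefixed directories.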
Apple itself is aware of the malware, calling it “Fruitfly,” and has since released an update to protect against future infections. The moral of the story, of course, is that although you might think your Mac is less of a target than Windows 10, you’ll want to make sure to keep an eye on things because malware does exist for MacOS. You should consider running some kind of anti-malware software on your Mac, and scan it periodically with an application like Malwarebytes to make sure you’re not infected.