OSX Malware Vectors

Don’t Panic! I know that this topic can get complex and technical very quickly. But the goal of this blog post is to give information to users who have never actually removed malware from their Mac. You seasoned Mac security professionals need not dawdle. You will most likely get bored.

The point is, even a novice user can drastically reduce the chance of getting their iMac infected with malware if they have a basic understanding of OSX Malware Vectors. I hope this blog helps them with that understanding.

What is a Vector?

Look at biology for understanding

“an organism (such as an insect) that transmits a pathogen from one organism or source to another”

https://www.merriam-webster.com/dictionary/vector

I know that sounds scary. It is supposed to. The use of biology terms to describe malicious software on a computer is no accident. The science used to plot the spread of infection between humans is very similar to the process used to plot the spread of malicious software between computers. (Stopping this train of thought before I have to break out the calculator or put you folks to sleep.)

A Vector is how your computer comes in contact with the malware.

The Vector is the process that malware designers chose to get you to load the software onto your computer, with or without your knowledge. This could be anything from downloading a pirated copy of popular software to having a website ask you to install a seemingly harmless package that contains harmful software code.

OSX malware Vector types

  • Fake Software
  • Fake Updates
  • Trojan Software (Existing software with some new code)
  • Pirated Applications

You probably noticed that in all these cases the user of the computer needs to actively install the software. Most of the time OSX users don’t accidentally install malware on their Macbook Air. But everyone has that day where they just click “OK” without thinking it through. It happens enough that people like me actually have to study malware.

I know it seems like these examples are the same thing. But when it comes to finding and removing malware, the difference is important.

Fake OSX Software

This is when the user discovers free software that does not actually do what is advertised or is not even the product it claims to be. The idea of the malware designer is to trick you into downloading and installing the software. The most famous of these is a fake version of WhatsApp. Fortunately, all the downloads from the Apple App store are certified safe and do not fall under this category. Mostly you only get into trouble when you go looking for a bargain or download from an unverified source.

Fake Updates

These are the most common OSX Malware Vectors I have encountered. They normally show up when you’re visiting a website and you receive an alert to download the latest version of “__________”. The most common infection comes from the Adobe Flash Player. I have also seen popups that ask you to update Safari, Firefox, Chrome or MS Office.

If you get a pop-up, don’t hit the link. Go to the Apple App store or directly to the actual website of the software. And just stop updating Flash. It has been so compromised, even the original designers of the legitimate software won’t support it anymore.

Trojans

This kind of OSX malware Vector happens when legitimate software is bundled with a sneaky surprise. This means that a malware scan on the installed application itself will not show anything wrong. But the installer script used to add that software to your computer will install a nasty surprise, without your knowledge, alongside the software you actually want.

As above, you can avoid Mac Trojans by only installing software from the Apple App store or making sure that the software you are installing is from certified Apple Developers. (OSX does this automatically through Gatekeeper.)
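If you want to see what Gatekeeper thinks of a download before you open it, you can ask it from Terminal with the built-in `spctl` tool. The script below is an added example, not part of the original post; the function names `classify_assessment` and `check_download` and both sample outputs are made up for illustration.

```shell
#!/bin/sh
# Added example: summarise Gatekeeper's opinion of a downloaded app or
# installer BEFORE opening it. Run on a Mac as: sh check.sh ~/Downloads/Thing.pkg

# Constructed samples in the format printed by `spctl --assess -vv`.
SAMPLE_OK='/tmp/Example.pkg: accepted
source=Notarized Developer ID
origin=Developer ID Installer: Example Corp (ABCDE12345)'
SAMPLE_BAD='/tmp/FlashUpdate.app: rejected
source=no usable signature'

# Read spctl output on stdin and print a short verdict with the reason.
classify_assessment() {
    verdict=unknown
    src=unknown
    while IFS= read -r line || [ -n "$line" ]; do
        case "$line" in
            *": accepted") verdict=accepted ;;
            *": rejected") verdict=rejected ;;
            source=*)      src=${line#source=} ;;
        esac
    done
    case "${verdict}:${src}" in
        accepted:"Apple System"|accepted:"Mac App Store")
            echo "apple ($src)" ;;        # shipped by Apple or the App Store
        accepted:"Notarized Developer ID")
            echo "notarized ($src)" ;;    # signed and scanned by Apple
        accepted:*)
            echo "signed ($src)" ;;       # accepted, but read the source line
        rejected:*)
            echo "blocked ($src)" ;;      # do not open it
        *)
            echo "unknown (no assessment found)" ;;
    esac
}

# Ask Gatekeeper about a file: installers (.pkg) and apps use different types.
check_download() {
    case "$1" in
        *.pkg|*.mpkg) kind=install ;;
        *)            kind=execute ;;
    esac
    spctl --assess --type "$kind" -vv "$1" 2>&1 | classify_assessment
}

# Only runs on a Mac (where spctl exists) and when a path is given.
if [ "$#" -gt 0 ] && command -v spctl >/dev/null 2>&1; then
    check_download "$1"
fi
```

A "blocked" or "unknown" answer on something that claims to be an update is a good reason to delete the download and get the software from the App Store or the vendor's own site instead.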

Pirated software

Also known as the “You should have known better” Vector. I try to avoid chastising people on this blog but this one makes me shake my finger at you.

A common malware strategy is to attach malicious code to an application at the same time as modifying it so you no longer have to pay to activate it. Pirated versions of expensive software are the most commonly infected because they will attract more victims.

You get what you pay for. Free sounds great until you pay for that illegal copy with a nasty surprise. Common examples of pirated software that contain malware are:

  • Adobe Photoshop
  • MS Office for Mac
  • Ableton Live

Just buy legitimate versions of the software directly from the Apple App Store or the software distributors. Or, if you are like me and have a tight budget, find and learn open-source applications that do the same thing as the common software for free.

Understanding OSX malware Vectors is the key to avoiding infection

Mac Malware removal

Honestly, the key Vector for malware on your Mac is YOU! Sorry to say this but it is true. Mac malware almost always requires you to take some action to infect your computer. (Not always the case and new methods of infection are being created as we speak, but as a general rule it applies). Being careful about who uses your computer and where you source your software is the key to protecting your Apple computer, and your private data, from harm.

If you think that your Apple computer has been infected by malware and you are in the Upper Blue Mountains, Katoomba, Lithgow or Bathurst areas, contact us.
