Forgot your password?
typodupeerror
This discussion has been archived. No new comments can be posted.

One In Five Macs Holds Malware — For Windows

Comments Filter:
  • Infected? (Score:4, Insightful)

    by Rosyna (80334) on Tuesday April 24, 2012 @12:20PM (#39783167) Homepage

    If the code never can run on Mac OS X, how can Mac OS X be infected? To Mac OS X, it'd just be a useless file full of some kind of data.

    • Re:Infected? (Score:5, Insightful)

      by StoneyMahoney (1488261) on Tuesday April 24, 2012 @12:23PM (#39783201)

      They may only be able to carry the germ without symptoms, but that still sounds like an infection to me.

      • Re:Infected? (Score:4, Insightful)

        by Joce640k (829181) on Tuesday April 24, 2012 @12:32PM (#39783369) Homepage

        ...but how is it 'transmitted'? That implies an installed transmitter, ie. malware.

        • Re:Infected? (Score:4, Interesting)

          by WrongSizeGlass (838941) on Tuesday April 24, 2012 @12:55PM (#39783749)

          ...but how is it 'transmitted'? That implies an installed transmitter, ie. malware.

          I guess we'd have to attach it to an email and send it along to them. Since it's can't act on its own, and it isn't active on the system, it's just sitting there like any other file on my Mac.

        • by mcgrew (92797) *

          It got on the Mac's drive somehow, probably by a downloaded file, which could easily be downloaded from the mac by a windows PC on the network. Say you're in the coffeeshop with your MacBook Pro and see what appears to be a usefull MS program, so you DL it to take home and install on your Windows box.

          But what I'm wondering is how your perfectly reasonable question was infected with a "flamebait" mod. Windows user with thin skin, maybe?

          • by Rosyna (80334)

            Actually,it probably got there because some infected windows host that was part of a botnet sent it via spam. In which case, the file is still just a useless bag of bytes stored with your email.

          • I finally installed a version of ClamAV on my Mac. I was surprised when it found more than a dozen viruses on my Mac. Interestingly these were all in my junk mail folder. I now do not feel so "infected".

        • Re:Infected? (Score:4, Interesting)

          by wkcole (644783) on Tuesday April 24, 2012 @11:01PM (#39790931)

          ...but how is it 'transmitted'? That implies an installed transmitter, ie. malware.

          A lot of Windows malware is transmitted via email, because there's a long history of Windows mail clients (most importantly Microsoft's crapware) being directly vulnerable and/or facilitating deceptive mail.

          I have a lot of Windows malware on my Macs because I have email addresses that have been used openly and actively for 20 years and so have made it onto all sorts of indiscriminate spamming lists that are used for malware distribution. Because mail abuse is a professional focus of mine, the archives of malware-bearing spam I have accumulated is a resource, not an infection. I'm not sure why anyone else would retain all of their junk forever, but many people do so. It is a rare hour when I can't identify a log entry from my mail server rejecting mail that is almost certain to be bearing malware, and a rare week when I don't have at least one spam slip through carrying some form of malware.

          If you dig down past the click-bait page referenced in the /. submission, the original source of this story is a blog post by Graham Cluley at Sophos: http://nakedsecurity.sophos.com/2012/04/24/mac-malware-study/ [sophos.com] and it includes a breakdown of the strains of Windows malware seen on Macs. The top 2 I recognize as mail-borne and some of the other named ones are likely to end up the browser cache of any carelessly wandering user. It is an act of irresponsible fearmongering by Cluley to say (as he does) in an unqualified way that these "can still be spread to others" and compare the 20% infection rate to the 20% rate of Chlamydia infection in young men in the UK. Those in men are infective, a Mac with a Windows trojan in its browser cache or junk mailbox is not.

      • Re:Infected? (Score:5, Insightful)

        by ashpool7 (18172) on Tuesday April 24, 2012 @12:50PM (#39783699) Homepage Journal

        Contaminated would be a better word, since the viruses have no way to spread or affect the computer.

    • Re:Infected? (Score:4, Informative)

      by Anonymous Coward on Tuesday April 24, 2012 @12:25PM (#39783221)

      In biological disease, there's a phenomenon called a carrier. For reasons unknown, the person is infected, but doesn't show any of the symptoms and never will. They are however able to infect others. As such, they are still considered infected. I think that's how the mac is considered infected.

      • Re:Infected? (Score:5, Insightful)

        by ColdWetDog (752185) on Tuesday April 24, 2012 @12:32PM (#39783377) Homepage

        In biological disease, there's a phenomenon called a carrier. For reasons unknown, the person is infected, but doesn't show any of the symptoms and never will. They are however able to infect others. As such, they are still considered infected. I think that's how the mac is considered infected.

        Macs are the computer equivalent of Typhoid Mary [wikipedia.org]?

        This should go over well.

        I'll just make some more popcorn.

        • Macs are the computer equivalent of Typhoid Mary?

          Totally invalid comparison. A Mac with say thousand potent windows viruses on its hard drive, connected to a network with Windows PCs, would not do any harm - because none of those Windows PCs would open any of those infected files.

        • Re: (Score:3, Funny)

          by hemo_jr (1122113)
          Typhoid Mary was not only a carrier, but contagious. She ended up being forcibly quarantined because she was killing too many people and she could not be cured of being infectious.

          In the case of the carrier Macs, they are not infectious, the infections can be removed, and the haven't killed anyone.
          • Re:Infected? (Score:4, Informative)

            by machinelou (1119861) on Tuesday April 24, 2012 @02:02PM (#39784851)
            Actually, she was forcibly quarantined twice. The first time was because she was spreading it without her knowledge. After at least a year, she agreed not to work as a cook and they let her go. A few years later, there was an outbreak of Typhoid in a hospital and when investigators arrived, they found Mary working in the kitchen. This time they forcibly quarantined her because she knowingly put others at risk. At the same time, there were a number of individuals in the New York area who were also showed no outward symptoms but were nonetheless infecting others. These individuals were not similarly incarcerated. Hence, in retrospect, incarcerating Typhoid Mary was more 'security theatre' than anything else. It was a visible but largely ineffective solution to a bigger problem.
            • Re:Infected? (Score:5, Insightful)

              by b4dc0d3r (1268512) on Tuesday April 24, 2012 @03:15PM (#39786095)

              Please don't inure people to the idea of "security theater". It really is a great description for a lot of what is being done publicly to pretend to do something, often at great expense, and frequently to the financial benefit of well connected people.

              She swore by affidavit not to cook, but returned to cooking. Under a different name. Her release as a carrier depended on her not cooking, which she didn't follow.

              She was the first carrier identified (at least in New York), and the policies evolved as more information came along. The effective solution to the bigger problem was to restrict carriers' activities, and Mary was used as the example of what would happen if you didn't comply. The rest were considered not justified for quarantine, again as more information was discovered.

              Making up policies as you go along, and having to fight an obstinate woman who refused to acknowledge her danger to others, is not even close to security theater. You may be able to call it "meting punishment based on public perception" since she became relatively famous, which is not a whole lot better.

              http://cythereabast.wordpress.com/2007/02/20/the-board-of-healths-exile-of-mary-mallon-was-it-justifiable/ [wordpress.com]

      • Re:Infected? (Score:5, Insightful)

        by Wild_dog! (98536) on Tuesday April 24, 2012 @01:45PM (#39784559)

        Not really similar since a carrier is replicating and spreding the disease. The disease cycle is still progressing even though a carrier doesn't know it and there are no ill effects for the carrier. The mac isn't even a dead end host like many parasitic infections which are not meant for humans. Those actually can cause a disease process that has symptoms.

        The malware on macs isn't replicating and spreading.

        It is more like someone picked got a piece of mail addressed to nobody with no forwarding address and it is in a pile of junk in a drawer. Unless someone gets it out of the drawer and sends it to someone else, there is not really a problem.

        • by vought (160908)

          It is more like someone picked got a piece of mail addressed to nobody with no forwarding address and it is in a pile of junk in a drawer. Unless someone gets it out of the drawer and sends it to someone else, there is not really a problem.

          That's exactly the right analogy. The vast majority of Windows malware found on Macs is in filed e-mails from Windows users. Seriously. If you never do anything with the mail again, it's not even comparable to a dormant bacillus like anthrax because there is literally zero chance of infection of the host being infected, and a zero chance of infecting others unless direct action is taken by the "host".

    • Re:Infected? (Score:4, Interesting)

      by masternerdguy (2468142) on Tuesday April 24, 2012 @12:25PM (#39783225)
      Correct but it does indicate mac peeps aren't particularly careful about what they download or what sites they visit. This is going to cause them problems later when we see more mac malware.
      • by quasipunk guy (88280) on Tuesday April 24, 2012 @12:34PM (#39783415)

        I'd wager the majority of the Windows malware "infections" are trojan exes from shitty porn sites.

        • Re:Infected? (Score:4, Insightful)

          by Billly Gates (198444) on Tuesday April 24, 2012 @02:27PM (#39785263) Journal

          I'd wager the majority of the Windows malware "infections" are trojan exes from shitty porn sites.

          The majority are from flash and java and javascript exploits by driveby downloads from infected servers or ads. Infact slashdot hosted a virus by a fake virgin mobile ad 3 weekends ago.

          Thank God I ran Avast!. If you are one of those types who feels they are virii free who are running Windows and reading this, well your system is 0wned if you came here 3 weekends ago. Oops

          Apple is easier to target for malware writters anyway because their users typically do not run anti virus software and feel safe clicking on shit anyway because the genius at the Apple Store said they are secure.

          Windows users know better and have anti virus software and run Windows 7 (hopefully if they are home users) with full updates.

          • by vought (160908)

            Apple is easier to target for malware writters anyway because their users typically do not run anti virus software and feel safe clicking on shit anyway because the genius at the Apple Store said they are secure.

            Credibility fail troll. You meant trojan, right? Because zero Mac viruses (self-spreading and replicating) exist. There's one widespread Mac trojan which masqueraded as a Flash installer with an Adobe logo - because, you know, Mac users are all stupid and clicking on shit like installers from major software vendors.

            Malware "writters" must be busy doing something else, eh?

      • Correct but it does indicate mac peeps aren't particularly careful about what they download or what sites they visit. This is going to cause them problems later when we see more mac malware.

        This is very true. Mac users generally surf the web with a complacent sense of impunity from malware.

      • by Bert64 (520050)

        Why should mac users be careful about downloading files which are harmless and/or useless to them?
        There are plenty of pieces of malware sent via email (i receive several per day) as well as websites which trigger an automatic download (although obviously it cannot execute, so it just sits in the download dir)... I imagine many users never bother to clean this junk up because its harmless to them, whereas a windows users would either become infected, or have it removed automatically by their anti-malware app

    • Re:Infected? (Score:5, Insightful)

      by jdgeorge (18767) on Tuesday April 24, 2012 @12:25PM (#39783233)

      True - if it's inert, it's not really an infection. However, this is why you see Linux workstations running anti-virus software in an enterprise environment. It's not because your Linux system will get "infected"; it's so your Linux system won't inadvertently infect vulnerable systems.

    • Re:Infected? (Score:5, Insightful)

      by tlhIngan (30335) <.slashdot. .at. .worf.net.> on Tuesday April 24, 2012 @12:28PM (#39783301)

      If the code never can run on Mac OS X, how can Mac OS X be infected? To Mac OS X, it'd just be a useless file full of some kind of data.

      The same way lots of people are infected with some very potent diseases. It's just they're immune to it, so they're really just carriers of the disease. Heck, isn't something like chickenpox able to hide for decades in people only to infect those who haven't had it yet?

      Heck, I'd be the rates of Linux infection are the same - Linux is immune to practically all malware, but it certainly can be a carrier of them. Heck, if you think about it, Linux may cause the spread of it (via Linux-based email servers)

      • Re:Infected? (Score:4, Informative)

        by Daniel Dvorkin (106857) on Tuesday April 24, 2012 @12:43PM (#39783567) Homepage Journal

        The same way lots of people are infected with some very potent diseases. It's just they're immune to it, so they're really just carriers of the disease. Heck, isn't something like chickenpox able to hide for decades in people only to infect those who haven't had it yet?

        Not really comparable. Carriers are still infected, in the sense that the pathogens can still reproduce inside their bodies; they just don't show any symptoms, presumably because their immune systems are capabable of keeping the infection at a subclinical level. Malware infections, OTOH, are, well, binary -- a system is either infected or it's not.

        The "Macs" that are infected with Windows malware, it sounds like, are really Apple-branded machines running both OS X and Windows, through dual-booting or with something like Parallels. The only thing comparable in medicine would be if someone were a chimera of different species, vulnerable to two different sets of diseases and with two different immune systems to deal with them, and both the diseases and the immune systems switched places throughout the day. IOW, there's really no such thing.

      • by Wild_dog! (98536)

        Infected is not equivalent to immune.
        Immune means your body kills off the disease and you don't have it anymore.
        Chicken pox is like a herpes virus. It is able to hide itself from immune attack and will only surface when immunity gets messed up somehow.

        Chicken pox gets supressed and hides in your neurons. People who get their immunity compromised temporarily let the virus replicate. It travels down the neurons and causes skin erruptions known as shingles. Shingles lesions contain live chicken pox virus which

      • by s.petry (762400)

        People like you are frustrating because what you claim has some truth, but actually has no value in the root issue. Let me try to explain this in a different way.

        You run Mac or Linux, and receive email. Spammer sends you an email that has an embedded file "hackme.jpeg.exe".

        You sitting in your world keep it in your inbox. Even if you tried to preview the file, it would not execute. It's just there in the mail file.

        Now, run a virus scanner on your Mac or Linux. OMG, you are infected right? That's what t

    • Re:Infected? (Score:5, Informative)

      by phantomfive (622387) on Tuesday April 24, 2012 @12:40PM (#39783511) Journal
      After going through the links to find a better source [sophos.com], I think I understand what happened.

      The study comes from Sophos, with data collected from computers which downloaded their free anti-virus for Mac.

      The most commonly found malware on the Macs was apparently fake antivirus scareware. My guess is that a lot of users saw the fake browser popup telling them a virus was found, and then clicked on it. This started a download which didn't run, but now they have a malware binary in their download directory that they can't use.

      These are the people who downloaded free anti-virus from Sophos. No correlation.
    • It's actually the wrong terminology.

      The Mac system has been contaminated with the Windows virus, which, to use the "viral" analogue, doesn't have the correct DNA to infect the host.

      In the same way that a farmer which has been handling sheep with Foot and Mouth disease can become contaminated and pass the infection onto another sheep the Macs which have been contaminated with the disease can potentially pass the infection on, especially if it's infected Microsoft Office documents.
      • by Wild_dog! (98536)

        Contaminated is actually a more apt description as you say although even if contaminated it can't rub off as Foot and Mouth contamination can exactly.

    • by kurt555gs (309278)

      Typhoid iMary.

    • by mcgrew (92797) *

      To stretch the "virus" analogy a bit, if you harbor a virus yet are immune to it you are in fact infected; you are a carrier. You won't get sick, but you'll make everyone else lacking that immunity sick.

      However, that is a stretch. You can't infect a Mac with a Windows virus, of course. But a virus-ridden file can be on a Mac's drive. This would be problematic for someone who uses both Mac and MS. But I wouldn't call just having a file on your hard drive an "infection".

  • Passive carriers (Score:5, Insightful)

    by sandytaru (1158959) on Tuesday April 24, 2012 @12:25PM (#39783231) Journal
    Isn't that like 90% of tuberculosis infections? Many people are infected, but only ten percent or so ever develop an active infection, and the rest of them never develop the diseased form at all.
    • by oneiros27 (46144) on Tuesday April 24, 2012 @12:37PM (#39783467) Homepage

      Yep. When I changed virus scanners a few years back, it found hundreds of infections on my system ... because I save my spam for when I need to train new filters.

      The bigger problem is going to be people with infected files on a webserver that they're serving to the world ... JPEG exploits, word macro viruses, etc.

      And it's compounded by the fact that some virus scanners don't bother scanning for older infections, so they can save CPU cycles & size of the virus definitions.

  • This is true. (Score:4, Interesting)

    by Tokerat (150341) on Tuesday April 24, 2012 @12:27PM (#39783259) Journal
    I've run Macs most of my life, and recently backed up the entire contents of a machine to a Windows box with the space needed for the backup; close to a million files (app bundles contribute largely to this number), about 120 common-use files had various infections that Norton picked up.
    • Re: (Score:3, Funny)

      by lennier1 (264730)

      If even Norton picked up 120 infections imagine what a real scanner would've found.

  • by Qwerpafw (315600) on Tuesday April 24, 2012 @12:27PM (#39783261) Homepage

    One in five macs where people chose to install antivirus software have (inactive) Windows malware.

    Which is a bit like saying "one in five cars brought to the mechanic get serviced for something." The survey is skewed due to the sample group - most Mac users never install any anti-virus software.

    The only places I've seen it installed are on computers in corporate environments where there are already viruses being passed around commonly via email attachment, USB stick, and network drives. These places install antivirus on Macs so users don't forward a virus to Windows users - and it sounds like from this survey, that's with good reason.

    Apple's Mail software (and Microsoft's Outlook for Mac) cache attachments locally on the user's disk, so it's very easy to "have" malware and viruses if you just receive email (even without opening it).

    It's a bit ridiculous to claim they are "infected" however, and again, the sample group is not really representative. That said, I don't think Macs are in any way immune from viruses. Apple's iOS-like sandboxing and signed-app requirements would likely help OS X considerably in this regard, but of course every decision that increases security by removing control from the user also infuriates free/open software proponents and hackers. Think of jailbreaking iOS and how Apple patches security holes - this is maddening for people who want to jailbreak, but is ultimately an attempt to fix a potential infection vector.

    • by mikael_j (106439)

      Apple's iOS-like sandboxing and signed-app requirements would likely help OS X considerably in this regard, but of course every decision that increases security by removing control from the user also infuriates free/open software proponents and hackers.

      Changes in 10.8 won't remove control from the user, any admin user (which for home users is the same as "the user" unless they asked a cousin or someone to set things up for them) can change the settings, it just defaults to "block unsigned". It's a setting, you can turn it up and only allow app store downloads and you can turn it off completely.

    • by drinkypoo (153816)

      They are infected, though they don't have any symptoms; they are still carriers.

      • It's an infection only if the code runs. If the files just lie dormant somewhere and cannot run on the system at all then it's not an infection.

    • One in five macs where people chose to install antivirus software have (inactive) Windows malware. [...] the sample group is not really representative.

      It's true that this applies to all Macs that have an antivirus, but I'll answer your claim of not being representative with a healthy [Citation needed].

  • by King_TJ (85913) on Tuesday April 24, 2012 @12:29PM (#39783319) Journal

    The last sentence in the article makes their motives clear: “What Mac users really need to do is protect their computers now or risk allowing the malware problem on Macs to become as big as the problem on PCs in the future.”

    Sophos simply wants to scare up some more business selling Mac business users their anti-virus software. (At least right now, home users can get it from them for free, at: http://www.sophos.com/en-us/products/free-tools/sophos-antivirus-for-mac-home-edition.aspx [sophos.com])

    I'm in no position to challenge their numbers, but even "1 in 36 Macs" having a Mac specific infection seems awfully high to me. Maybe this last trojan horse that made the rounds pushed that number way up ... but I haven't encountered a single Mac that was infected yet, out of the ones my co-workers own (and always ask me for help with when they have problems), out of the ones we use at home, or out of the ones I support for clients in my side job. I don't think any of my Mac using friends on Facebook mentioned problems with it either.

    Regardless? The concern of Macs harboring Windows malware is nothing new... That's been a potential issue for as long as I can remember. I recall the office running Norton anti-virus for the Mac on iMac G3 machines running MacOS 8.6 and 9.1, at one of my old jobs, just for that reason. They didn't want to accidentally spread an infected file they might have gotten via email to a Windows recipient.

    The main reason Mac users stopped that practice, as I recall, was the really poor quality of most anti-virus packages when OS X came out. Apple even gave away copies of Virex for OS X to .Mac account holders at one time, and the software bogged down and destabilized the machines so badly, everyone I knew removed it in a matter of days!

    • I know someone who had that Mac trojan.
      • by s.petry (762400)

        Honestly, trojans are simple to create for any operating system. The hard part is getting users to run the install which actually infects the system.

        Like with Linux, OS-X user space is protected from system space. non-root access means very minimum damage to a system.

        Back about 15 years ago, I wrote a proof of concept virus for Unix. It modified user start up files to run, and just needed a port above 1024 on the network to listen for C&C. The amount of work it took was pretty incredible, but it's p

        • non-root access means very minimum damage to a system

          Hahahahaha no.

          Non-root access is sufficient to blow away the user's documents and snarf their passwords. The only thing root lets you do is screw with the other users. But most desktops are single-user machines.

    • by Guppy06 (410832)

      I haven't encountered a single Mac that was infected yet

      Did you actually look, or do you simply equate "no complaints from the end-user" with "not infected?"

  • by williamyf (227051) on Tuesday April 24, 2012 @12:38PM (#39783477)

    No matter if your OS is Windows 5.x, 6.x, Mac OS X 10.x or GNU/Linux Kernel 2.4.x or 2.6.x. If your machine is a desktop run an antivirus.

    You owe it to the rest of the world to exterminate viruses/trojans/malware, both the many (or few) that your machine is susceptible to, as well as those that, even though will not infect your machine, will be passed on to someone else... ...because YOU, saavy and enlightened slashdot user, did not catch and exterminated them.

    Do it for the unwashed masses, that are clogging the pipes with port scans and attempts to infect, do it to have a tad fewer cheap viagra/penis enlargement offers in your spam folder... do it for the children!!!! :-)

    If you "feel confident" (note the quotes) that your OS is "safe", that you use "safe practices", and the AV is a "Waste of resources", then fine, get an AV with a small footprint, both in system resorurces, and in $£¥€, and run it while you are sleeping, so it does not affect your daily work routine.

    I am writing this fom Firefox 10.0.3 esr in a Mac with 10.6.8, and I am not scared at all about these developments, but, as safe practice, run ClamXav manually. I scan my machine and its external hard-drives every night, and scan smaller/unknown removable media every time it is inserted. ;-)

    So, please my Linux and Mac OS X brothers and sisters, stop being a bunch of snobs, get on with the program, and run an antivirus. :-)

    --

    • by ratbag (65209)

      As a service to your brethren, could you let us know the hit rates from Clam on your Mac?

      1. In files only available to your Mac
      2. In files shared between Mac and Windows (VM/Boot camp etc.)
      3. Viruses that can affect your Mac
      4. Viruses that you are just a carrier for.

    • by OrangeTide (124937) on Tuesday April 24, 2012 @02:04PM (#39784887) Homepage Journal

      Why should I waste electricity scanning for viruses that can't infect my computer?

    • It sounds like you work for Norton. Maybe your tin-foil hat is just a tad too tight and it's cutting off circulation.

      1. A couple times a year I do some spring cleaning and make sure I'm not running anything I don't want to be. Usually this is just stuff I don't use anymore. Then there's cookies.

      2. The last thing I'm worried about when I'm getting ready to go to bed is whether some piece of spam contains a trojan horse I'll never open. Actually, my spam folder is empty. I must be doing some(multiple)thing ri

  • by smitty_one_each (243267) * on Tuesday April 24, 2012 @12:39PM (#39783505) Homepage Journal
    For the sake of variety.
  • One in five Apple Macs is infected with malware, according to Sophos. But most of that is harmless to the Mac... it is Windows malware ready to be transmitted to the Windows population. OnlyOne in 36 Macs has OS X specific infections.

    FTFY. A 2.8% infection rate is pretty significant.

    • by 6ULDV8 (226100)

      75% of that 2.8% figure is the Flashback trojan. If they haven't patched or upgraded by now, they are not likely to do so.

  • Only one in five? I'm guessing they got their numbers from Macs with Sophos installed. That should have made it a solid five in five.
  • So 20% macs have infections on it that they have no reason to counter. Woo. A stat like how many would actually make it onto a system that would have a reason to guard against that virus would be an important stat to guestimate. If you assume there are hardly any windows machines with rudimentary enough security to accept the majority of these viruses to begin with - a story which would sync with known windows infection rates -, this becomes a nonstory. But this essential fact wasn't looked at, making thi
  • by jsepeta (412566) on Tuesday April 24, 2012 @01:01PM (#39783833) Homepage

    I'm sure Sophos' sample size is too small to be of any use. Hardly anyone knows who Sophos is or uses their antivirus. I like it, but I haven't run AV on my Mac since moving to OSX 10.3 when Norton failed to make the jump in a timely manner. And I've never seen Macs on OSX brought down as hard as PC's on XP.

    Don't forget, Malware & Trojans are a different beast than viruses. A lot of viruses can spread just by the fact that your Windows PC is connected to the same network as an infected PC. This does not happen to Macs with OSX, no matter how loudly Leo Laporte whines about it. Or Sophos.

  • I still can't decipher where exactly this malware is on OSX, I suppose it's just sitting harmlessly in the browser's cache?

    • I still can't decipher where exactly this malware is on OSX, I suppose it's just sitting harmlessly in the browser's cache?

      Macs (and Unix boxes) might also harbor infected MS Office docs.

      We had this problem a few years back - one of our end users repeatedly would get his box thoroughly infected. His group shared a workspace drive that was on a Linux box running Samba. He'd upload a doc that'd sit there, biding its time on the Linux box, until one of the other users grabbed it - then they'd either get a pop-up from their antivirus, or they'd get hosed themselves.

      I'm not a Windows sysadmin, so I found the whole thing rather funny

  • by bmo (77928) on Tuesday April 24, 2012 @02:11PM (#39785003)

    Cluley adds that while the spread of malware to and from Macs is no different than that for Windows computers, a lack of anti-virus implementation means that it sticks around for longer. Some samples collected by Sophos found malware dating back to 2007.

    For shits and giggles, I ran a scan on my email archive, some of which dates back to 1994, and it resides on a linux machine.

    I found *two* Windows trojans.

    I didn't bother removing them. So this means I'm infected?

    What a load of horse-pucky.

    --
    BMO

The sooner you fall behind, the more time you have to catch up.

Working...