Apple has updated the XProtect malware definitions for Mac OS X to flag a recently discovered Trojan, but Graham Cluley of Sophos advises Mac users to stay on the safe side and install antivirus software.
Following the recent discovery of a new piece of malware targeting Macs, Graham Cluley, senior technology consultant at Sophos, published a blog entry with details about the Trojan.
In his post, Cluley revealed that the OSX/Revir-B Trojan hides behind a malicious PDF disguise. The reason? According to the security expert, “many people still think that PDF files are somehow magically safer to open than conventional programs.”
After analyzing the PDF file, Sophos found strings embedded deep inside its code that “make it clear that it was written with malicious intent,” Cluley said.
Although the Trojan is not functional, Apple subsequently addressed it by releasing a malware definition update that flags it.
“In its current form the Trojan does not pose a significant threat,” Mr. Cluley told Softpedia in an email interview.
“The good news is that the malware is currently half-baked. However, it is possible that what has been uncovered is a piece of malware that is still being developed by its creator, and there may be future incarnations which pose a greater risk,” Mr. Cluley said.
He also noted that it certainly wouldn't be a surprise to find more Mac malware using social engineering tricks in the near future, as they have worked well in the Windows camp.
“For instance, we saw a spate of fake anti-virus attacks targeting Mac users earlier this year, a scourge which most Windows users are all too familiar with,” he said.
“As the popularity of Macs increases, I suspect OS X users will become a more attractive target for cybercriminals. Mac users would be wise to run anti-virus software, and regularly back up their sensitive data,” Cluley said.
A good choice is the free Sophos Anti-Virus Home Edition. Version 7.3.3 is fully compatible with OS X Lion and earlier versions of the Mac OS.