There’s an old saying which allowed Mac computer users to sleep while Windows fans dealt with swarms of pesky malicious hackers : security through obscurity. However, now that you can’t go a day without hearing or reading about Apple, that maxim may be wearing thin. Security researchers now report hackers have a way to remotely send commands to your Mac OS X computer.
Although security research firm Sophos wants to call the Trojan the “OSX/Musminum-A”, hackers involved prefer “Blackhole” RAT, or Remote Access Trojan. Whatever the name, the security exploit could allow hackers to control your Mac, even displaying a fake “Administrator Password” window. However, before you hit the defcon-3 button, there are some details you might want to know.
Security exploits have two stages of availability: proof-of-concept, which is essentially a pr stunt to let other hackers know of a flaw and then there are hacks in the “wild,” or actually infecting and taking control of computers. The Blackhole RAT “is available for download from the net, but we haven’t seen any reports from customers being hit by it,” Sophos’ Graham Cluley reports by e-mail.
“Our advice is not to panic at the news of this new Mac malware, but take sensible, appropriate setps to properly protect your computer,” Clulely adds. To put this threat into better perspective, 95,000 cases of Windows-based malware appear each day, the research says.
However, the Trojan’s appearance on security researchers’ radar screens indicates hackers now view Macs as a more tempting target. It is time for Mac owners to wake up to the threat, as well.
When Sophos launched its Mac Anti-Virus product in 2010, “we found a dangerous number of Mac users do seem to think they’re safe and secure ‘by design’ and that only their own crass stupidity (which they say they don’t have) would lead them to trouble,” Clulely wrote.
Apple is even taking a closer look at security. The Cupertino, Calif. company reportedly invited two security experts to review an early version of Mac OS X 10.7, which is expected out this summer.