Tech-Friendly: While not common, Mac malware exists

Macintosh computers can be attacked by malware. There are different types of malware: viruses, trojans, spyware and adware, to name a few. Generally, the user has to be coaxed or tricked into downloading Mac malware, but not always.

Security glitches in Adobe Flash, Adobe Reader and Oracle Java have exposed Macs and PCs to “drive-by” security threats, with little or no user interaction required. That’s why in previous articles I’ve encouraged you to keep these software packages up to date and to regularly apply operating system security patches.

Recently, malware named “Yontoo” found its way onto some Macs, none of mine, thankfully. Yontoo is an adware program that users are tricked into downloading, believing the software is a media player named “Twit Tube.”

Once installed, Yontoo tracks your Internet browsing, swaps out legitimate ads for its own, and may direct you to websites you had no intention of visiting. Fortunately, Apple has updated its built-in malware security system, XProtect, which runs on Mac OS X 10.6 or greater, to protect users against Yontoo.

Not all adware is stopped by anti-malware software. Neither Apple’s XProtect nor Microsoft’s Security Essentials/Defender stops the installation of custom search toolbars by Conduit software. Conduit search toolbars can be designed to reset your homepage and redirect your Internet searches from Google or Bing to Conduit’s search tool.

There’s some debate as to whether the Conduit search toolbar is malware, as there may be a legitimate reason to use its search tool. However, I’ve recently found the software installed, secretly, on a Mac. The software was installed along with a download of the Google Chrome browser, then the software tried to install itself in the user’s default browser, Firefox.

A program that jumps from one browser to another browser without the user’s consent is malware, in my book.

Firefox would have nothing to do with the Conduit search toolbar, though. Because the user kept Firefox updated, the software didn’t install successfully. Reason again to keep your browser software current.

In this case, the user was not running the most current Mac OS, which is v10.8. Had the user been running Mac OS X 10.8 (or 10.7), he would have been alerted to the Conduit install, unless the user manually disabled the Mac’s default download and install protection. A perfect example of why to keep your operating system software at the most current version when possible.

Sophos Anti-Virus for Mac is a free antivirus program for Mac OS X. Sophos would have identified the toolbar as a “controlled application,” not stopping it, but alerting you to its presence.

A major benefit of Sophos Anti-Virus for Mac is that it is available for Mac OS X versions that don’t include the security features of Mac OS X 10.7 or greater; Sophos runs on Mac OS X 10.4 or later. So, if your Mac doesn’t support Mac OS X 10.7 or 10.8, Sophos will fill some of the security gaps on your older Mac.

For free virus, spyware and adware protection on Windows computers, Ad-Aware comes highly recommended.

Note to Comcast/Xfinity Internet customers: you may download Norton Internet Security software for free, PC or Mac, as part of your subscription. In addition to antivirus, this software provides firewall, antiphishing and identity guard protection.

I don’t claim this is a complete review of malware protection products. I’m simply using recent experiences to demonstrate how important it is to keep your computer software up-to-date and to alert you to products that might enhance computer security. Oh, yes, while not common, Macs can get malware, too.



Hi Tech Crime Solutions