Feeds

Google makes malware microscope Mac mod

Cupertino wants intel on Apple VXer plays

The essential guide to IT transformation

Google has upgraded its popular VirusTotal analysis tool by adding an Mac OS malware uploader in a bid to better understand increasing attacks against Cupertino's fruity 'puters.

The tool has been made available for OS X 10.8 and 10.9.

Malware and suspicious URL samples uploaded to VirusTotal are checked against 52 anti-malware products to test for malicious components. Google sent samples to anti-virus outfits that failed to detect known malicious wares.

Technical account manager Karl Hiramoto said the popular security and research tool acquired in September 2012 would give security bods better intel into the Mac malware scene.

“Hopefully this will lead to VirusTotal receiving more Mac applications, diving deeper into an increasingly targeted OS by attackers and allowing anti-virus companies and researchers making use of VirusTotal’s backend to build stronger defenses against these threats," Hiramoto said in a post.

Like many white hat security tools VirusTotal was popular with VXers who used the service to test the effectiveness of their malware obfuscation techniques before commencing large-scale attacks.

The double edge of the new uploader meant it could allow crooks to test detection rates for their Mac malware which at present would likely be low.

The first most significant Mac malware outbreak to date occured in 1998 with AutoStart 9805 worm, which emerged in Hong Kong and spread throughout the world. In 2006 the first virus, dubbed Leap-A, hit Mac OS X.

A year later the financially-driven RSPlug Mac malware was discovered. Since then Mac VXers had developed more sophisticated malware such as FlashBack which at its peak had infected 600,000 Macs.

Those incidents all made it plain that the Mac is not invulnerable. Just why Google has decided now is the time to subject Mac OS to wider investigation is not known, but it is not hard to suspect someone, somewhere, feels Apple's platform now needs extra attention. ®

Next gen security for virtualised datacentres

More from The Register

next story
Ice cream headache as black hat hacks sack Dairy Queen
I scream, you scream, we all scream 'DATA BREACH'!
Goog says patch⁵⁰ your Chrome
64-bit browser loads cat vids FIFTEEN PERCENT faster!
NIST to sysadmins: clean up your SSH mess
Too many keys, too badly managed
Scratched PC-dispatch patch patched, hatched in batch rematch
Windows security update fixed after triggering blue screens (and screams) of death
Researchers camouflage haxxor traps with fake application traffic
Honeypots sweetened to resemble actual workloads, complete with 'secure' logins
Attack flogged through shiny-clicky social media buttons
66,000 users popped by malicious Flash fudging add-on
New Snowden leak: How NSA shared 850-billion-plus metadata records
'Federated search' spaffed info all over Five Eyes chums
Three quarters of South Korea popped in online gaming raids
Records used to plunder game items, sold off to low lifes
Oz fed police in PDF redaction SNAFU
Give us your metadata, we'll publish your data
prev story

Whitepapers

5 things you didn’t know about cloud backup
IT departments are embracing cloud backup, but there’s a lot you need to know before choosing a service provider. Learn all the critical things you need to know.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Backing up Big Data
Solving backup challenges and “protect everything from everywhere,” as we move into the era of big data management and the adoption of BYOD.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?