Google makes malware microscope Mac mod
Cupertino wants intel on Apple VXer plays
Google has upgraded its popular VirusTotal analysis tool by adding an Mac OS malware uploader in a bid to better understand increasing attacks against Cupertino's fruity 'puters.
The tool has been made available for OS X 10.8 and 10.9.
Malware and suspicious URL samples uploaded to VirusTotal are checked against 52 anti-malware products to test for malicious components. Google sent samples to anti-virus outfits that failed to detect known malicious wares.
Technical account manager Karl Hiramoto said the popular security and research tool acquired in September 2012 would give security bods better intel into the Mac malware scene.
“Hopefully this will lead to VirusTotal receiving more Mac applications, diving deeper into an increasingly targeted OS by attackers and allowing anti-virus companies and researchers making use of VirusTotal’s backend to build stronger defenses against these threats," Hiramoto said in a post.
Like many white hat security tools VirusTotal was popular with VXers who used the service to test the effectiveness of their malware obfuscation techniques before commencing large-scale attacks.
The double edge of the new uploader meant it could allow crooks to test detection rates for their Mac malware which at present would likely be low.
The first most significant Mac malware outbreak to date occured in 1998 with AutoStart 9805 worm, which emerged in Hong Kong and spread throughout the world. In 2006 the first virus, dubbed Leap-A, hit Mac OS X.
A year later the financially-driven RSPlug Mac malware was discovered. Since then Mac VXers had developed more sophisticated malware such as FlashBack which at its peak had infected 600,000 Macs.
Those incidents all made it plain that the Mac is not invulnerable. Just why Google has decided now is the time to subject Mac OS to wider investigation is not known, but it is not hard to suspect someone, somewhere, feels Apple's platform now needs extra attention. ®
Sponsored: Network DDoS protection