Feeds

Google makes malware microscope Mac mod

Cupertino wants intel on Apple VXer plays

Reducing security risks from open source software

Google has upgraded its popular VirusTotal analysis tool by adding an Mac OS malware uploader in a bid to better understand increasing attacks against Cupertino's fruity 'puters.

The tool has been made available for OS X 10.8 and 10.9.

Malware and suspicious URL samples uploaded to VirusTotal are checked against 52 anti-malware products to test for malicious components. Google sent samples to anti-virus outfits that failed to detect known malicious wares.

Technical account manager Karl Hiramoto said the popular security and research tool acquired in September 2012 would give security bods better intel into the Mac malware scene.

“Hopefully this will lead to VirusTotal receiving more Mac applications, diving deeper into an increasingly targeted OS by attackers and allowing anti-virus companies and researchers making use of VirusTotal’s backend to build stronger defenses against these threats," Hiramoto said in a post.

Like many white hat security tools VirusTotal was popular with VXers who used the service to test the effectiveness of their malware obfuscation techniques before commencing large-scale attacks.

The double edge of the new uploader meant it could allow crooks to test detection rates for their Mac malware which at present would likely be low.

The first most significant Mac malware outbreak to date occured in 1998 with AutoStart 9805 worm, which emerged in Hong Kong and spread throughout the world. In 2006 the first virus, dubbed Leap-A, hit Mac OS X.

A year later the financially-driven RSPlug Mac malware was discovered. Since then Mac VXers had developed more sophisticated malware such as FlashBack which at its peak had infected 600,000 Macs.

Those incidents all made it plain that the Mac is not invulnerable. Just why Google has decided now is the time to subject Mac OS to wider investigation is not known, but it is not hard to suspect someone, somewhere, feels Apple's platform now needs extra attention. ®

Mobile application security vulnerability report

More from The Register

next story
LibreSSL RNG bug fix: What's all the forking fuss about, ask devs
Blow to bit-spitter 'tis but a flesh wound, claim team
Microsoft: You NEED bad passwords and should re-use them a lot
Dirty QWERTY a perfect P@ssword1 for garbage websites
Manic malware Mayhem spreads through Linux, FreeBSD web servers
And how Google could cripple infection rate in a second
NUDE SNAPS AGENCY: NSA bods love 'showing off your saucy selfies'
Swapping other people's sexts is a fringe benefit, says Snowden
Own a Cisco modem or wireless gateway? It might be owned by someone else, too
Remote code exec in HTTP server hands kit to bad guys
British data cops: We need greater powers and more money
You want data butt kicking, we need bigger boots - ICO
Crooks fling banking Trojan at Japanese smut site fans
Wait - they're doing online banking with an unpatched Windows PC?
NIST told to grow a pair and kick NSA to the curb
Lrn2crypto, oversight panel tells US govt's algorithm bods
prev story

Whitepapers

Top three mobile application threats
Prevent sensitive data leakage over insecure channels or stolen mobile devices.
The Essential Guide to IT Transformation
ServiceNow discusses three IT transformations that can help CIO's automate IT services to transform IT and the enterprise.
Mobile application security vulnerability report
The alarming realities regarding the sheer number of applications vulnerable to attack, and the most common and easily addressable vulnerability errors.
How modern custom applications can spur business growth
Learn how to create, deploy and manage custom applications without consuming or expanding the need for scarce, expensive IT resources.
Consolidation: the foundation for IT and business transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.