French security firm bashes Microsoft for talking up Mac malware

Threat from Mac 'backdoor' just isn't credible enough to mention, says Intego

A Mac security firm today criticized Microsoft for warning Mac users of new malware, saying that the threat simply wasn't worth mentioning.

Late Monday, the Microsoft Malware Protection Center (MMPC), the group that researches malware and crafts signatures for the company's antivirus products, alerted users of a new Mac "backdoor," a program that, once installed, downloads additional attack code or lets hackers steal files from the compromised computer.

In a blog post, Microsoft malware engineer Meths Ferrer said that MMPC had found the backdoor, dubbed "Backdoor:MacOS X/Olyx.A," in an archived file that also contained a Windows backdoor called "Wolyx.A."

According to Ferrer, Olyx.A disguises itself as a Google application support file when run by the user, then establishes a remote connection to an IP address hosted in Seoul, South Korea.

But Intego, a French antivirus company that focuses exclusively on the Mac, took exception to Ferrer's blog post.

"They're making it out like this is something serious, but it's not in the wild at all and not being installed," said Peter James, a spokesman for Intego. "This is no big deal."

A backdoor must either be manually installed by a user -- perhaps after being tricked into running the file -- or packaged with other malware that exploits a vulnerability or uses social engineering tricks to get the victim to run the program, said James.

There's no evidence that Olyx is in wide circulation or being used by other malware, such as Mac-specific "scareware," the phony antivirus software that fools people into installing it after faking security alerts.

"It could so stuff if it was in the wild, but it's not," argued James.

It's rare to see one antivirus firm bash another for issuing a warning or alerting customers to a possible threat. But that didn't stop Intego, which saw Ferrer's blog as counterproductive.

"We get criticized every time we issue a security alert," said James, adding that people accuse it of crying wolf about threats to the Mac, which has historically been relatively immune to attacks because of its small market share.

Cyber criminals with profit in mind are much more likely to target Windows simply because Microsoft's operating system powers nearly 90% of the world's personal computers.

"When something is a real threat, we'll say something," said James. "If it's not, we don't publicize [the malware] by issuing an alert. We've got other things to do."

Intego created an Olyx definition for its VirusBarrier product on June 30.

"It's kind of interesting that Microsoft took a month [to mention Olyx] after it started circulating," James said, taking another swipe at the Redmond, Wash developer. "Maybe this is a sign that they're going to be analyzing more Mac malware in the future."

Other security companies have also made mention of Olyx, including Kaspersky Lab, which highlighted the backdoor in a malware report for June 2011.

Gregg Keizer covers Microsoft, security issues, Apple, Web browsers and general technology breaking news for Computerworld. Follow Gregg on Twitter at @gkeizer, on Google+ or subscribe to Gregg's RSS feed. His e-mail address is gkeizer@computerworld.com.

See more articles by Gregg Keizer.

Read more about security in Computerworld's Security Topic Center.

Join the newsletter!

Error: Please check your email address.
Rocket to Success - Your 10 Tips for Smarter ERP System Selection

Tags Mac OSGoogleMicrosoftsecurityIntegosoftwareMalware and Vulnerabilitiesoperating systems

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Gregg Keizer

Computerworld (US)
Show Comments

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Ben Ramsden

Sharp PN-40TC1 Huddle Board

Brainstorming, innovation, problem solving, and negotiation have all become much more productive and valuable if people can easily collaborate in real time with minimal friction.

Sarah Ieroianni

Brother QL-820NWB Professional Label Printer

The print quality also does not disappoint, it’s clear, bold, doesn’t smudge and the text is perfectly sized.

Ratchada Dunn

Sharp PN-40TC1 Huddle Board

The Huddle Board’s built in program; Sharp Touch Viewing software allows us to easily manipulate and edit our documents (jpegs and PDFs) all at the same time on the dashboard.

George Khoury

Sharp PN-40TC1 Huddle Board

The biggest perks for me would be that it comes with easy to use and comprehensive programs that make the collaboration process a whole lot more intuitive and organic

David Coyle

Brother PocketJet PJ-773 A4 Portable Thermal Printer

I rate the printer as a 5 out of 5 stars as it has been able to fit seamlessly into my busy and mobile lifestyle.

Kurt Hegetschweiler

Brother PocketJet PJ-773 A4 Portable Thermal Printer

It’s perfect for mobile workers. Just take it out — it’s small enough to sit anywhere — turn it on, load a sheet of paper, and start printing.

Featured Content

Product Launch Showcase

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?