Oh My, a Mac Botnet!

Some of you may have recently read of researchers discovering a botnet that is using Mac computers. Are you surprised? Well, perhaps if you drink the Apple-flavored Kool-Aid you are, but if you understand operating systems then this is really not surprising at all.

Operating systems are designed to run programs. A general-purpose operating system is designed to run lots of different types of programs. To say that a Mac can’t get malware is like saying that the Mac OS, a general-purpose operating system, is dysfunctional. Of course it isn’t dysfunctional, and that is why it can, and does, run malware.

For those who are too young to remember, missed it when it was news, or have simply forgotten history, in 1988 a young Robert Morris unleashed a worm on the internet that wreaked havoc. By some estimates, nearly 10% of the computers on the internet were infected. This may surprise you, but Windows was not around at that time. The worm only ran on some versions of UNIX. The only reason the worm was not more widespread is that many computers on the internet at that time ran other versions of UNIX that the worm could not run on. There were some people with a compatible version of UNIX who did not get infected because they did things like use good passwords and patch their operating system. Some things never change!

A modern Mac computer runs a UNIX-based operating system. Due to how UNIX is designed, viruses don’t generally spread as well on UNIX, but they certainly can. Today viruses are a small percentage of the malicious software infecting Windows computers. Viruses replicate. Most of the malware we see today is not self-replicating. Most malware requires user interaction, and the most common way to get the malware onto a computer is to trick the user into running it. Macs offer no more protection than Windows when it comes to tricking users. The only really effective defense is education.

The reported botnet appears to have been distributed in pirated software. Pirated software gets users to install software by appealing to greed. There are many other human emotions that can be manipulated to trick people into running bad programs, and we will see more of this trickery used in the Mac world as the Apple marketing department does its job of selling Macs.

The only remarkable or surprising thing about the Mac botnet is that anyone was surprised at all.

Randy Abrams
Director of Technical Education


  • Randy,

    The OS on the iPhone (actually, any smart devices made today) is pretty complex. Have you noticed any malware attacks on the iPhone or other smart devices?

    Would love to see a post on what your team is seeing outside of the standard laptop configuration. Would definitely not like to see someone taking control of my mobile. I would consider that really bad news.


    • The most targeted smartphone OS is Symbian OS, and has been for a long time. There has been at least one iPhone Trojan, of sorts, but it’s not a big issue, right now. It could be, though: as you suggest, there’s not a lot separating smartphones from low-end laptops these days, and only social engineering and the will to push the envelope saving Apple users from seriously malicious attention.


Copyright © 2017 ESET, All Rights Reserved.