How to Infect a Mac with a Virus or Other Malware

It's not as easy as you might think to infect a Mac with a virus or other malware program.

I became curious about the fact that while there are malware programs for OS X, I hadn't ever seen any. I wondered if it would be possible to find out how to get infected so I could pass on to you, dear reader, how to avoid the scourge of virii/viruses and Trojans that are lurking out there just waiting for an innocent Apple user.

I did what any good Net user would do: I asked Google, "How do I get infected with a Mac virus or Trojan?"

This is what I found out.

Malware for Macs

According to one website, a Trojan was discovered maybe a year ago that is theoretically capable of infecting applications on an OS X computer. In order to have your Mac infected by this "Oompa-Loompa" Trojan, you have to (quoting now):

1. Are somehow sent (via email, iChat, etc.) or download the "latestpics.tgz" file
2. Double-click on the file to decompress it
3. Double-click on the resulting file to "open" it
   ...and then for non-Admin users, it fails to infect most applications."

The writer goes on to say that he refuses to send the casual reader (that would be me) a copy of the Trojan to play with, because we are not (obviously!) computer security professionals. I suppose I could lie, try a little social engineering, and see what happens, but I guess I would be caught at it pretty easily.

Here's another resource. This document hasn't been updated since the year 2000. This one's a little more interesting; it leads (among other places) to the Viruses and the Mac FAQ>, which purports to have a virus "test file" that will allow you to test your virus scanning software. It will register as a false positive (showing a virus infection), but the file itself is nothing more than a header set to trigger virus scanners.

Scanning for Viruses

Before I try something like that, it's time to run Norton Anti-Virus. I had to find it with Spotlight, because I can't remember the last time I opened the program. Then get a virus definition update. The latest update is from January 1, 2007. Apparently the last time I ran the program according to the log was sometime in August 2006; I really don't recall running it.

While I'm waiting for the scan to complete, I go back to Google: The next hit is about "opener", which I gather from a quick read is some sort of startup script requiring physical access to the computer or someone who is using the same password for email as for login on the machine. (Here's a tip: don't do that!)

The scan's complete: I'm apparently clear of Mac and PC viruses, and I surf the Web every day.

The next hit's about a virus that only attacks phones, and the next one is about how McDonald's gave away some sort of spyware-infected toy. The last one on the first page deals with AIM viruses, and the link leads to a page where the term "Mac" doesn't even appear.

You Have to Install Them Yourself

It seems that if you were aggressive about it on a non-production machine, you could find a couple of OS X Trojans to infect yourself with primarily by asking someone to email them to you. I couldn't find any Mac malware that is self-propagating. Maybe they exist, but none come up in my search.

You can also work hard at disabling all the security built in to OS X by doing things like always logging in as root (something the average user doesn't know how to do in the first place) or by using machine passwords that are identical to your clear-text email passwords. Or maybe you could set your Mac up in a busy shopping mall (with a Kensington security cable, of course) with a big INFECT ME sign and the password printed on the screen in magic marker.

I don't mean to be too flippant about security. After all, it's a huge issue for the general computer user, and no one deserves to have valuable work or files deleted (backup backup backup) by some virus or spyware or malware. My point is that it's pretty hard to get your Mac infected in January 2007 even if you go looking for your personal Typhoid Mary.

At work, my employer uses a virus scanner on all incoming email, and there are usually 5 or 6 infected files in my mailbox that would infect a PC if I insisted on overriding the security software's recommendation. I expect that some the stuff sitting in my Junk mail folder has viruses and other malware attached, but I haven't actively downloaded the files - and I'll erase them eventually.

Getting infected on a Mac is kind of hard. It's not impossible, though. And overconfidence will someday be the downfall of Mac users so smug they completely ignore security issues.

It's still good etiquette to get yourself a copy of a virus scanner, if for no other reason than to prevent the spread of PC viruses.

I think most PC users are probably having more issues with spyware and adware slowing down systems than out-and-out viruses these days. Still, that doesn't change my tried-and-true response to anyone who ever asks me how to fix the malware problem on their PC: "Get a Mac."