New malware uses old tricks
It can be a tricky business keeping an internet connected PC or Mac safe from viruses and malware. Yes, I said PC or Mac; the days when Mac users could happily promote the idea that Mac OS was free from any kind of rogue applications are long gone, although it is fair to say that the vast majority of exploits target the Windows environment. That’s largely a numbers game. While Apple has done well in recent years in terms of expanding its overall market share, it’s still simply dwarfed by the number of Windows PCs connected to the Internet. If you were a bad guy wanting to infect computers and there were a thousand of one type and ten million of the other type, you’d hit the ten million first, every time.
However, as I stated at the outset, not even Mac users are automatically secure any more. That’s why having a decent AV package is a very good idea, simply because they can save you from what’s so very often the actual weak link that allows viruses and malware to spread. It’s not always the case of so-called “zero-day” exploits (problems within code that aren’t known about) or for that matter known exploits that get hit because people don’t run security updates in a timely fashion.
After all, if you were writing dodgy software, you couldn’t be assured that a system hadn’t been patched, or that it was running the right version of the software for which a zero-day existed or worked reliably. No, the most reliable way to gain access to computers, whether you’re after malicious damage, encryption of systems for blackmail purposes or simple identity theft is to go for the weakest link in the security chain. All too often, that’s you or me.
As an example, a recent attack on Macs used, of all things, Word Macros to attack potentially vulnerable machines. Macros are simple chunks of code designed within the Microsoft Office environment to allow automation of tasks, and they can be very powerful productivity boosters. Equally, though, they can allow for some very bad things to happen, which is why on the PC side of the fence they’re almost an archaic form of attack.
A recent malware attempt was sent around via a Microsoft Word For Mac document entitled “U.S. Allies and Rivals Digest Trump’s Victory – Carnegie Endowment for International Peace.” Which doesn’t sound that thrilling to me, but maybe your tastes vary.
If you opened it, and you had allowed Macros to run, it would run a check to see if a particular Mac firewall was running, and if it wasn’t, download and try to execute an encrypted file from the Internet. The file itself (thankfully) didn’t work, but the whole enterprise relied on the idea that you’d either allow Macros by default (terribly dangerous behaviour) or, more likely, that you’d blithely click through allowing Macros in order to read the document.
You’ve probably hit those warnings on PC or Mac about files or applications making changes to your computer, especially when installing any new app. Chances are decent you’ve blithely clicked through them, thinking of them as a mere annoyance. Next time you hit one, stop and think. Because if the weakest security link on your PC is you, the way you strengthen that link is by using your brain.