A visit to the Apple store will give any consumer a false sense of security, you will be told that by buying a Mac you are safe from threats and malware. I have even been told this even after I explain what I do for a career. A vast majority of Mac users still believe that they are safe from the threat of malware because of this, even though the magic myth of Mac immunity has long been disproven and really exploited in the past years with such concepts of Thunderstrike and root privilege exploits. However, most of the malware that we come across for Mac has been adware. The annoying pop ups or redirects that try to get you to spend money or download shady software.
Variants of VSearch and Genieo have been on top of the list for most downloaded Mac malware. Most people’s cure for this would be to install an ad blocker such as AdBlock Plus. I can’t blame them for this as I also run an ad blocker on my personal Mac. The downfall to this is that these adware companies have figured this out and added code to their program to allow their ads even with your blocker running. This is why the Mac community needs a strong security software on their machines. Researching one of these variants, we came across code that will search for your ad blocking program, download an exception text file and insert it into the settings of your ad blocker. Here is a sample of the exception text it downloaded.
[Adblock Plus 2.0] @@||search.yahoo.com^$document @@||bing.com^$document @@||genieo.com^$document @@||strtpoint.com^$document
This code allows their ads to run and the user is none the wiser. The adware creates its own rules for your security plugin. This is just the beginning of what could be a crucial change in the malware found on Macs. Malware may only be using exploits like this for advertisements currently but what is stopping it from using this same kind of exploit to send personal data out in the future? Putting your security in the hands of a software that only protects you from one type of malware simply isn’t enough anymore. It is easy to find articles that claim Apple computers are invincible but the fact is malware for Mac is real and it is getting increasingly better at ensuring its survival.