ANTenna Blog -- Apple

Macintosh Malware + Twitter = Greater Vigilance (If You're Smart)

Posted by Jake Widman Friday, Jun 26, 2009, 06:51 PM ET

Tweets from a respected Macintosh evangelist inadvertently contained links to a Trojan horse aimed at Macintosh computers. The incident should serve as a warning to Mac-using SMBs that while their Macs aren't nearly as subject to malware attacks as Windows machines are, that's not a guarantee that nothing bad can happen.

One of the better reasons for basing your business on Mac computers is that there has never been as much malware, adware, spyware, and so on for Macs as our Windows-using brethren have to contend with. That not only simplifies your IT tasks, it provides a better level of information security.

But that doesn't mean your Macs are immune. Several proofs of concept have demonstrated that someone can hack into a Mac, and recently Mac malware has started to show up in the wild. The debate continues over whether the reason there isn't more is OS X's inherently better resistance or just the fact that, compared to Windows machines, the Mac doesn't afford a target-rich environment. Unfortunately, more Macs means more targets.

The recent case involves a Trojan called OSX/Jahlav-C. First reported in early June, this bit of nastiness comes disguised as software required to watch a pornographic video. It identifies itself as a Video ActiveX Object, which should already set off alarm bells in savvy Mac users' heads, as ActiveX is a Windows technology.

Downloading the file opens what looks like a standard Mac installer for a tool called MacCinema. But what the program really installs is an "AdobeFlash" shell script, which in turn contains a Perl script. The Perl script can communicate with a remote website and download more code, though it's not clear whether that's actually happened to anyone.

Earlier this week, Guy Kawasaki's Twitter feed invited viewers to download a "Leighton Meester sex tape video free." (Venture capitalist Kawasaki was part of the original Mac marketing effort and has almost 140,000 Twitter followers.) Anyone who followed the link and the instructions would have installed OSX/Jahlav-C on their machine. Kawasaki had nothing to do with the process--his Twitter account automatically retweets material posted to the NowPublic user-contributed news site, and that was the source of the bogus Meester story.

The point of all this is not to slam Kawasaki or make fun of Twitter. It's to serve as a reminder to you and your staff that smugness (however justified) is not in itself a defense. Windows users have learned the hard way that no business can afford to be cavalier about security. The smart Mac SMB will pay attention to incidents like this week's and learn that lesson the easy way.

