Follow The Safe Mac on Twitter to stay advised of the latest Mac security news!
Posted on July 5th, 2013 at 7:23 AM EDT
I see this all the time in Mac-related forums. When a person expresses a concern about viruses, someone (often someone identified by the forum as an expert) will invariably respond with, “There are no Mac viruses.” Usually, no additional information is given. This always annoys me to no end, because that is a partial truth that hides and denies the greater reality. So what is the truth, then?
First, a lot of people don’t understand basic malware terminology. The technical definition of a “virus” is a malicious program that installs by itself, embedding itself inside another program or file, and spreads itself to other computers. The word “malware,” on the other hand, refers to all classes of malicious software: viruses, worms, trojans, etc. The average user refers to all malware as “viruses,” without an understanding of the strict definition of the word. There’s nothing wrong with that, and it should be the job of those with more tech knowledge to educate those with less, not to play word games with them or belittle them for a minor misuse of terminology.
Second, it is only mostly true that there are no Mac viruses. People claiming that there are no Mac viruses are conveniently forgetting about Word macro viruses. Those do fit the technical definition, but nobody counts them anymore, since they are mostly just an annoyance on the Mac, if you still encounter them at all.
There are also a number of cases of proof-of-concept viruses in the history of Mac OS X. The Inqtana and Macarena viruses, for example, were never actually seen “in the wild,” but they were created as proof that viruses could be created that would affect Mac OS X. Even recently, there have been proof-of-concept viruses announced, such as the Clapzok virus that was created by a security researcher and announced last month. It’s true that none of these have actually been used maliciously, to anyone’s knowledge, but they still exist and should not be so quickly dismissed.
Finally, it’s important to understand that the most important aspect of the definition of the word “virus” is the capability to install itself. In other words, unlike a trojan, which relies on fooling you into opening something you shouldn’t and can therefore be avoided through cautious behavior, a virus can infect you without your doing anything that you might consider risky. All the other details, like injecting itself inside other applications, are just fluff. There is actually quite a bit of malware for the Mac that would fit that criterion. Flashback, for example, is the most well-known case, in which all that was needed to become infected was to visit a hacked web site with Java enabled in the web browser. Technically speaking, Flashback (and all the more recent malware that uses similar tricks) is not a virus. Practically speaking, I certainly would call it one!
In other words, if you have found this page after having been told that “there are no Mac viruses,” you have basically been lied to. Probably not on purpose, as many Mac experts have a rather poor understanding of malware; but in the end, the results are the same. That lie could give you a false sense of security, and could end up causing you to become infected more easily, and that is a very bad thing. To learn how to protect yourself against Mac malware, regardless of what you decide to call it, see my Mac Malware Guide.