Software security company ESET reports that hackers have successfully ported older Linux-targeting malware to Mac OS X. OSX/Tsnunami.A is a new variant of Linux/Tsunami, a malicious piece of software that commandeers your computer and uses its network connection to attack other websites.
Like its Linux-based predecessors, Tsunami works by communicating via Internet Relay Chat, or IRC. The malware listens to a hardcoded list of IRC channels on specific servers, and responds to specific commands entered by others in those chatrooms. When triggered, infected computers can be instructed to attack individual websites, by sending large numbers of simultaneous requests. This is known as a Distributed Denial of Service attack (or a live Apple event); the huge number of simultaneous requests to a single website can cause it to crash or go offline.
Even worse, ESET says that Tsunami can force your computer to download additional malware or other software. The company also says that its antivirus software, ESET Cybersecurity for Mac, can detect and remove the malware.
… here's the thing.
This Trojan — like many other "security" "problems" on Mac — require the end user to, essentially, do something stupid. Say they're on a porn site, and a pop up window appears telling them their Mac has malware on it, and it can be fixed by clicking this link. They then download something and install it. The people who do this deserve the problems they get. Mac software is super easy to get, and Apple even set up a wholly legit online store where you can get what you're looking for. Unless you're surfing for part of a cracked Photshop .rar or trusting something crazy, there's so little chance that this could affect users that it almost insults the intelligence.
Know where your software is, back up like it's a religion and — despite its popularity — Mac users can continue to enjoy some pretty great security, despite these scare tactics due to the platform's enhanced popularity.