There are fewer malware threats for Mac OS X than Windows or Android, but they do exist and now Mac users have a new tool to send suspicious files to Google’s antivirus engine scanning aggregator, VirusTotal.
Google’s malware scanning service VirusTotal released its Mac OS X uploader tool on Monday, offering a shortcut for Mac users to upload suspicious files to VirusTotal. Once uploaded, the service shares files with antivirus companies, helping them provide more current protection.
“Hopefully this will lead to VirusTotal receiving more Mac applications, diving deeper into an increasingly targeted OS by attackers and allowing antivirus companies and researchers making use of VirusTotal's backend to build stronger defenses against these threats,” VirusTotal said in a blog post.
PC users can submit a suspicious file or URL to VirusTotal, which then scans them against malware databases from dozens of antivirus vendors. It doesn’t offer protection for a device but can be used to check whether antivirus vendors have judged a file to be malicious. Antivirus vendors can use the service to discover new files that should be on their blacklist while others, such as, Facebook’s threat researchers use its data to solve security problems.
The Mac OS X Uploader can be installed from VirusTotal for OS X 10.7 and upwards, but the Google subsidiary notes it’s only tested it on OS X 10.8 and 10.9.
Some of the tool’s features include:
- Drag and drop a file to the VirusTotal Uploader in order to scan it with over 50 antivirus solutions.
- Drag and drop a folder to the VirusTotal Uploader and schedule the analysis of its content.
- Drag and drop a Mac application to the VirusTotal Uploader.
- Allow you to "Open With" in finder the VirusTotal Uploader to scan a file.
Mac owners could previously submit a file directly to VirusTotal’s homepage, but the process wasn't simple as the uploader tool that's been available for Windows files for several years.
There’s also a VirusTotal Android uploader app that was published on Google Play in 2012, shortly before Google acquired the company. The app scans Android apps installed on devices against over 40 Android antivirus products but hasn't been updated since the acquisition and recent reviews note issues with it running on Android (4.4.2) KitKat.
The bigger focus for Google, it would seem, is in-built malware scanning features on Android, such as last month's update to "Verify apps", which now continually assesses an installed app's behaviour on top of the previously available check that was done at the time of installation.
Meanwhile, Mac users are yet to see a repeat of the Flashback malware outbreak in 2012 that infected around 600,000 Apple desktops and laptops. There hasn't been a repeat on that scale since, but, as security vendor Sophos notes in its 2014 security threat report, in 2013 there were numerous instances of Mac malware being used in targeted attacks.
This article is brought to you by Enex TestLab, content directors for CSO Australia.