The legend is called a legend because it believe. Legends don't collapse overnight. There are intermediate legends, half consisting of completely reliable facts.

Everyone who is somehow involved in the IT world has heard the legend about the absence of malicious software under Mac. Accepting the truth for yourself - and the truth is that such software exists - is at least not easy. We have already set foot on this path, but it promises to be long. In particular, it runs through those very intermediate legends. Let now there are not so many of those who are confident in the total invulnerability of the desktop platform from Apple. However, here's a common statement for you: "since this is UNIX, the virus will not do anything until you enter the administrator password." Whether this is true depends on the virus. Some of the viruses are indeed activated by entering a password, but some of them work autonomously. Therefore, it is, though partial, but still a legend. The ability not to enter your password anywhere is not a panacea in the fight against intruders.

At the end of last week, I visited Monte Carlo, where specialists Kaspersky Labs held a presentation for me and my colleagues Kaspersky internet security under Mac. First, I would like to talk about the most interesting thing I heard, and then I will go directly to the product.

Issues

Senior Virus Analyst of the Laboratory
Kaspersky Vicente Diaz Something interesting is not necessarily something new. On the pages of the site, we wrote more than once about vulnerabilities OS X. we and about flashback(aka Flashfake). This Trojan was first discovered in September 2011, but it wasn't really talked about until six months later. In the spring of 2012, there were already more than 600,000 infected Macs, according to one source. Then they began to talk about 700 thousand, and this is exactly the number that was announced last weekend by a senior virus analyst at Kaspersky Lab. How was Maxim Selikhanovich, a resident of Saransk, able to form a botnet for 700,000 machines? By pre-infecting 30 to 100 thousand sites - of which most are based on the WordPress platform, just like a site. The user visited the site, after which a hidden Java applet with an exploit was launched in his browser. Here is a map of the distribution of Flashback, as you can see, the attacker was aiming at the States:

Clickable

The described case is the best example of how you can "climb" through a vulnerability in the Java virtual machine. The best - but not the only one. In 2011 and 2012, five vulnerabilities in Java were actively exploited, two in the long-suffering Flash Player, and one in Adobe Reader. Adobe and Oracle are doing what they can, but they have two problems. First, releasing a patch does not mean protecting the whole world at once. In the 10 weeks after the discovery of one of the vulnerabilities in 2012, the number of users at risk decreased by only 15%. Those. a hacker has a chance to infect your computer even some time after they start fighting with it! Well, and secondly, in the pursuit of security, you can completely abandon the same Java (losing functionality at the same time).

Oracle now explains how to turn off Java via plugin settings and how not to run any applet by mistake. Those. even the company itself implicitly promotes not using Java as the only way to avoid infection...which is pretty funny in itself.

No less resonance than in the case of Flashback, the history of pseudo-antivirus Mac Defender and its many varieties. Mac Defender, let me remind you, was distributed through specially advanced Google links. The link revealed a window a la antivirus, through which you were informed about supposedly found threats and offered to install a security application. Having settled in the system (the latest versions just did not require a password), the program immediately began to engage you to purchase " full version". In reality, a much larger amount was withdrawn from a credit card at once, the data on it became the property of intruders, and porn sites opened by themselves in the browser. At the presentation, Vicente showed Mac Defender in action - I confess, earlier I only had to write about it.

With attacks on the masses, everything is clear, but what about targeted, targeted attacks? Here it is important to understand this:

If you have your own company and you have been targeted by an attack, you will never talk about it publicly. Searching for such information is not an easy task.

However, Kaspersky Lab was able to track down several such attacks. One of them, being directed at the fighters for the independence of Tibet, began in the same ill-fated spring of 2012. What does the Mac have to do with it, you ask? The fact is that the Dalai Lama prefers the platform from Apple, and, as a result, the same can be said about many of his followers. They receive emails with an attached Word document called "10th March Statement". It is not surprising that they boldly open it - after all, one of the statements of the Dalai Lama once came out under exactly the same heading. Once opened, malicious code is executed and hackers get remote access to files on the victim's computer. I am writing in the present tense because this particular attack continues to this day (!). Similar methods were used this year against the Uyghur people, and Vicente showed us another kind of targeted backdoor - which creates and sends screenshots to a specific address. This variety is quite fresh - it was already aimed at activists from Africa, it was just a couple of weeks ago. And not a single policy! Apple computers are popular among high-profile businessmen, making them equally easy targets for targeted attacks. Do you know why attacking OS X is in some ways easier than Windows? because awareness OS X users about threats is comparable to that of game console owners. According to Forrester Technographics, only 17% of Mac enthusiasts think about this kind of thing.

According to a senior product manager at Kaspersky Lab Vartan Minasyan:

Every second Windows user, at least knows that there are threats somewhere on the Internet, and that it is worth defending against them. […] Most Mac owners think that there are no threats to their computers at all. With that fact in mind, Mac users are an even more interesting target, as it's much easier to attack someone who isn't ready to attack. Of course, such a user will not want to acquire protection means.

Senior Lab Product Manager
Kaspersky Vartan Minasyan Such protections, in theory, should be provided by Apple itself. But in Cupertino they go their own way - the way closeness platforms. In the ideal (from Apple's point of view) case, you should install software exclusively from Mac App Store, where there is allegedly the strictest censorship, which will not allow malicious software to appear there. Here we should recall the famous hacker Charlie Miller and his experiments with mobile App Store - such a parallel is correct, since censorship is almost the same here and there. Charlie, after all, is to deceive the censors and “drag” the Instastock client program into the virtual store. It didn't have banned snippets - but it did have the means to download them from Charlie's server! Like every example in this article, this one would not make sense if there were no other example. Please: Find and Call. A harmless-looking program that spams your entire contact list. Proven censors.

If even in the Mac App Store you can find something malicious, then what can we say about the natural Klondike outside the virtual store. Okay, let OS X Mountain Lion have Gatekeeper, which by default prohibits the installation of unsigned software. However, the already mentioned backdoor for taking screenshots of macs.app was just signed!

It is not necessary to change censorship or tighten the issuance of certificates, Apple. You can simply intelligibly tell the public about how these mechanisms actually work (say, censorship is very superficial check). You can also quickly implement modern security systems in OS X. Why wasn't a technology like ASLR implemented until four years after it was introduced to Windows? Why Buffer Overflow Protection Was Too Late six years?

We should also speed up in terms of patches. The same Flashback (or rather, a vulnerability in Java) Apple “cured” only by the time hundreds of thousands of Macs were infected.

Product

Previously, the only solution for Mac from Kaspersky Lab was the package kaspersky security. At the beginning of the summer it will be expanded to Internet Security, thereby protecting users from the troubles of the first part of the article.

• Secure web surfing and shopping. Each page you visit is checked against an extended anti-phishing database, and its content is checked for malicious code. Links are also checked - next to the most suspicious ones you will see a red icon (support for Safari, Chrome and Firefox is declared). Everything is clear with file and mail antiviruses: the first scans the contents of disks, the second is responsible for incoming mail and attachments.

Clickable. Pay attention to icons next to links

• Protection of personal information. In addition to standard anti-phishing technologies, KIS for Mac includes on-screen keyboard, which cannot be registered by any keyloggers.

• Advanced parental controls. It contains four components: web control (blocking sites and downloads by categories, filtering search results), time control (what time of day and how long a child can be on the Internet), control of all the same personal data (so that they cannot be thoughtlessly entered ), as well as control of social networks (for blocking correspondence, it is not known with whom).

Regarding the topic of consumed resources, beloved by many (including me).

With representatives of Kaspersky Lab, timed to coincide with the launch of a new product for OS X - Kaspersky Internet Security for Mac. Of course, we could not get by with the speeches of officials, and therefore it was decided to personally test the product in practice.

Let's start from afar. There are a lot of different infections on Windows: viruses, trojans and other "malware". Last but not least, the situation remains and will definitely remain so for some time due to the popularity of the platform. In this regard, Windows is far ahead of Apple's operating system, although the latter is gradually increasing its market share, which in turn will sooner or later attract the attention of people with unclean thoughts and a thirst for profit over a harmless Mac user.

However, today we can only remember the FlashBack Trojan epidemic, which still seems to many to be imaginary and not unreasonable. The Java plugin, which is used on many platforms, including OS X, is also not particularly “armor-piercing” and suffers from the fact that attackers find holes in it from time to time. In any case, there is reason to think. But for now, just think about it, since we have not yet seen viral epidemics.

Why do we need Kaspersky Internet Security on Mac? Based on the name, it can be understood that the product is not positioned as a purebred antivirus, rather it is a product that can provide different levels of user security while on the Web. Naturally, the program also has an anti-virus module. In general, the program can be conditionally divided into three components: file antivirus, web antivirus and parental control. The screenshot below shows that they are all enabled.

The program can scan HDD not only for Mac threats, but also for Windows, which can be installed on your computer using Bootcamp. Moreover, I will give an example from my personal experience.

Viewing new comments left by group members AndroidInsider.ru on the VKontakte social network, I became interested in one specific comment containing a link to the installation file of the program for the OS. As it turned out, after two clicks of the trackpad, the interest was very useful - the Android Trojan was stored in the apk file, sending paid SMS. Kaspersky Internet Security for Mac helped to find and beat the villain. True, this was the only case when the program did something, all the other days of surfing the Web passed in the “quiet and smooth” mode, except perhaps antivirus program updated the database from time to time.

Monitoring Internet traffic and timely fending off a few threats for Mac and more malware for other platforms is not the only thing that Kaspersky Security for Mac can do. One of the most interesting features of the program is the "Parental Control" function, which speaks for itself.

It has a lot of settings - the user can choose what content sites to restrict the rights of an individual Mac user to (read: account your child). There are plenty to choose from: you can limit the type of content on the Web if you do not want your child to be interested in weapons, drugs and pornography, in which case when you try to go to a potentially dangerous site, Kaspersky Internet Security will simply stop all attempts to go to the wrong place, where you can go. As you know, some social networks are repositories of very different content, sometimes such that not only children do not need to be shown, but especially impressionable adults, so access to social networks can be flexibly configured. As well as the time spent on the Web.

In an interview, representatives of Kaspersky Lab claimed that the program is undemanding to computer resources and minimally affects system performance - the figure was 0.5% of processor time. In general, this statement is very close to reality if the program does not check your media for viruses and other evil spirits. Indeed, the average consumption of processor resources in my case fluctuated around this mark. Naturally, when checking KIS, it will be much less modest in terms of computer resources, however, no negative impact on computer operation was noticed.

Why do you need or don't need Kaspersky Internet Security for Mac at all? Of course, virus analysts will predict the imminent collapse of all systems under the onslaught of viruses, but we, ordinary users, who first need to prove the need to purchase and install extra program, most likely we will wait for the moment when the number of epidemics of Trojans and other viruses exceeds the number 1 (at least). While OS X for us remains one of the most safe systems, where the user is protected from external threats without third-party solutions. On the other hand, particularly emotional individuals will like to feel even more secure, and attentive parents will be sure that the child does not go to the Internet where it is not necessary.

Kaspersky Internet Security for Mac- will make your Macintosh computer truly invulnerable. Protect not only yourself, but also your family, friends and colleagues by sharing only trusted, secure files and links. Malicious programs are not only created for Windows these days. The number of Mac users is now large enough to attract the attention of "virus writers". Their interest in this platform will only grow over time. But it is in your power to stay completely safe by providing your Mac with reliable protection. The free trial version lasts 30 days. To extend its validity, it can be purchased for 1200 rubles / year, it's up to you.

As the Mac maker assures us, OS X uses powerful, advanced technologies to continually scan, encrypt, and update your Mac to make it more secure. For example, the system provides protection against hackers using a method called "sandboxing" - it limits what malicious applications can do on your Mac, access your files and run other applications. Sandboxing is one of the many ways OS X uses to protect your data. Other automatic security features include random relocation of system libraries to prevent malicious commands from reaching their target, and an execution disable feature that protects your Mac's memory from attacks.
But additional protection should not be neglected., since Kaspersky Security for Mac has many protection features that are not available in the Mac system, thanks to which you can protect yourself as much as possible.

So what do we get by downloading and installing Kaspersky Security for Mac?

• Innovative hybrid protection
• File antivirus
• Web antivirus
• Parental control

Key features of Kaspersky Security for Mac:

Innovative hybrid protection

File antivirus
Kaspersky Security for Mac checks all files that are launched and saved for malicious code. When scanning, both local anti-virus databases and information from the "cloud" are used, so you can be sure of reliable protection your computer. For maximum performance, only new and changed files are scanned.
Web antivirus
Before you visit a particular web page, Kaspersky Security for Mac checks its address against a database of phishing and malicious sites, and also analyzes the web page itself for malicious code. In addition, the Link Checker informs you about the reputation of each link by adding a color indicator to it.
Parental control
With the help of the Parental Control module, you can limit the time that your children spend
on the Internet, block their access to "adult" sites and prevent the transfer of confidential information. You can also control the communication of the child in in social networks- view correspondence and limit communication with certain contacts.
Virtual keyboard
Mac users can now securely enter personal and financial information using virtual keyboard. In this case, to enter characters, you need to press the mouse cursor on the buttons located on the screen. These actions cannot be captured by keyloggers and malware that creates screenshots.

Advantages Antivirus Kaspersky Security for Mac:

There is a completely free competitor for Kaspersky antivirus for Mac, this is.
Improved! Real-time malware protection for Mac OS, Windows and Linux
Thanks to the combination of traditional and cloud-based protection technologies, you are not afraid of known and new threats: viruses, Trojans, spyware, and others.
New! Protection of personal data
Kaspersky Security for Mac blocks rogue websites and malicious objects that threaten your valuable data, and protects against spyware and identity theft.
New! Parental control
Control the activity of children on the Internet. Block access to unwanted sites and prevent the spread of sensitive information such as addresses, phone numbers, numbers bank cards etc.
Enhanced! Familiar Mac-style interface
With an intuitive Mac-style interface, using Kaspersky Security for Mac is easy and convenient. Key Features and information about the protection status of your Mac are available in the main program window. Kaspersky Security for Mac supports latest versions MacOS.
Minimal resource usage of your Mac
Kaspersky Security for Mac makes optimal use of computer resources and has minimal impact on its performance. To improve performance, the check speed varies depending on user activity.

Kaspersky Internet Security for Mac - free download 2018 and 2015

What's new in the latest version 18.0.1.35

• Temporarily disabled Safe Money notifications
• We fixed an issue where Kaspersky Internet Security 2018 for Mac OS required a constant restart of the computer after installing patch A.
• Patch B is installed with updates databases Kaspersky Internet Security 2018 for Mac OS.

Useful links and other information:

Supported Operating Systems MacOS:

• operating room Mac system OS X 10.6 or higher

Minimum system requirements:

• About 350 MB of free hard disk space (depending on the size of anti-virus databases).
• Internet connection to activate the product and receive regular updates.

In Macradar, we are quite active in covering Mac OS X security issues (you can follow the publications by the tag). They also wrote about trojans that need to be “independently” installed, and about vulnerabilities in third-party applications, and about the first botnet. Antivirus developers are preparing Mac versions of their products, arguing that although there are no viruses for Mac OS X now, but “in the future, as Apple’s share grows, everything can change.” In the summer, for example, Dr. Web released an antivirus for Mac OS X, and the other day it was competed with by Kaspersky Lab.

The distribution kit of Kaspersky Anti-Virus weighs just over 50 MB, and you can download it from the official website of the developer. After installation (which, by the way, does not require a system reboot), the user needs to get a trial key valid for 30 days. This should be enough to assess the need for an antivirus (or lack of it). At the next stage, you will need to update the signatures (anti-virus database).

The interface causes frankly not unambiguous feelings. It seems that two teams of UI designers were engaged in its creation at once, independently of each other. One of them had Windows XP with classic style turned on, and the other was given a poppy. As a result, the main window looks like a seven-year-old Winamp skin, and the application options window is well done:

In LC, by the way, the interface is considered a great advantage: “Knowing that a convenient and attractive interface is very important for Mac applications, Kaspersky Lab has provided new product with brand new animated interface. It is very easy to use, both for novice users and for professionals” (emphasis mine).

Kaspersky Anti-Virus for Mac OS X uses the global anti-virus database. With its help, protection against "20 million malicious programs" is provided (according to the LC). It is a question of mainly screw infection. The antivirus works well. The developers themselves claim that the application requires only 1% of the processor power. In reality, the figure is often lower - according to the Activity Monitor, about 0.9%. So the antivirus does not have a tangible effect.

Process full scan a 60 GB disk took just over an hour. No viruses were naturally found. I had to go to the Eicar website to download a test (fake) virus and evaluate Kaspersky's reaction:

You need an antivirus for a poppy or not - it's up to you. The LC emphasizes that the application will not only protect Mac OS X, which has no special problems, but will ensure the security of mixed networks and shared folders virtual machines. Those. it all comes down to windows holes again ;-)

Kaspersky Internet Security for Mac provides protection against Internet threats that target computers and laptops running macOS. Comprehensive antivirus includes web antivirus, parental controls, privacy protection, secure payments and VPN

New in Kaspersky Internet Security 2020 for Mac

What's new

• Now Kaspersky Internet Security for Mac offers a scan of external drives immediately after they are connected. If on external drive there is a malicious file, this will allow you to detect it faster.
• We have added support for a dark theme that reduces eye strain. Appearance program adapts to your macOS settings.
• New security reports are now available in the program.
• We have improved the performance of the program. Now it has even less impact on your operating system.
• Now, instead of the Parental Control component, the application includes Kaspersky Safe Kids, a multiplatform application for parental control, which will help protect the child from adult content, find out the location of the child and the battery level on his device.
• We have updated the interface of the program to make it more convenient to work with.

Known limitations

• Dark theme may not work properly with extensions for Chrome browsers and Firefox due to their lack of browser support.
• A recommendation to install Kaspersky Password Manager may appear even if a password manager from another manufacturer is installed on your computer.
• The timing of license-related events (such as the end of a subscription) may differ in the interface of Kaspersky Internet Security for Mac and in My Kaspersky due to the difference in time zones. We recommend focusing on the time indicated in the program.