Google’s VirusTotal now analyzes Mac Malware in sandbox playground

Apple’s OS X-based malware is on the rise, and so Google-owned VirusTotal is adding support for malware detection in files used by this operating system.

The service, acquired by Google in 2012, offers free utilities for researchers — and black hat malware creators — to test files and URLs for suspicious code. VirusTotal detects malicious code ranging from Trojans to worms and viruses, supporting the submission of approximately 1,500,000 files in November alone.

On Tuesday, Karl Hiramoto, Technical Solutions Consultant at VirusTotal, said in a blog post that Mach-O executables, DMG files or ZIP files containing a Mac app can now be scanned for malicious code in the VirusTotal sandbox environment.

The announcement follows the addition of support for Windows PE files in 2012 and Google’s mobile browser Android in 2013.

More security news

Apple-based iOS and OS X malware are not as common as Windows-based threats, but there is an uptick in detected infections and malware customized for these operating systems. According to a report issued by Sophos (.PDF), while there were no large attacks levied against the operating system, 2014 was a year of small and novel attacks.

The main threat vector against Apple users were zero-day vulnerabilities found within software such as Java or through fraudulent certificates — and users must take responsibility for keeping their systems up-to-date and cannot believe themselves to be invincible when it comes to online attacks. Apple issues frequent security updates in the same way as Microsoft, but malware is unlikely to go away as a threat to your privacy and security.

While adding support for Mac-based files can help researchers and antivirus firms document and combat malicious code tailored to compromise Apple’s operating system, there is also a downside — as black hat hackers can also use the free service to determine if antivirus software can discover their creations. There is also another facet to consider: some advanced forms of malware do not reveal themselves in sandbox environments when executed.

Users who wish to scan files for any hidden threat can do so on the company’s website, with an app or via the API.

Read on: Top picks