Most archeologists now accept that the city of Troy existed in the 11th or 12th century BC. What is unknown is whether the Trojan War also had basis in fact. As you may know, Greek mythology tells us of Eris’ Apple of Discord, given to Paris to be presented to fairest of the goddesses, Athena, Hera or Aphrodite. All attempted to bribe Paris, but he ultimately chose Aphrodite who promised him the love of the most beautiful woman in the world, Helen of Sparta.
Paris went to Sparta and Helen fell in love with him, helpfully coerced by one of Cupid’s arrows. The pair eloped to Troy, after which the city was besieged by the Spartans. After 10 years and many battles, the attackers rolled a great wooden horse inscribed as a “gift to Athena” to the gates of Troy and departed in their ships. The defenders, thinking the battle won and the war ended, wheeled the horse inside the gates of the city and proceeded with a night of drunken revelry and celebration. That night, soldiers emerged from the horse, overwhelmed the city’s defenders, and won final victory. This is the etymology of the term “Trojan Horse.”
In the computer world, we use the term in a similar fashion which is to say that a “Trojan Horse” is a program or bit of software that seems benign but is actually malevolent. Mac OS X experienced its first wide-spread Trojan Horse this month with a program called Mac Defender.
It’s worth noting that Mac Defender requires that the user (you!) both download and install the program before it is capable of doing anything. That is to say, like the Trojan Horse of antiquity, one must be fooled in order for it to work. This “social engineering”—email phishing is another example—is probably the biggest security threat to Mac users. The number one thing you can do to prevent this type of thing: Do not download or install any software if you don’t know where it’s from or if you didn’t explicitly choose to download it.
If you’ve already installed Mac Defender, don’t feel badly. This is the first widespread malware of its kind for the Mac, and human history is replete with people falling for the tricks of others. Revel, if you will, in your humanity. Also, feel free to celebrate the lesson learned, because Mac Defender doesn’t do a whole lot. It’s easily removed (Google “Remove Mac Defender” or see the links in my Twitter feed for explicit instructions) and it does not harm or compromise your computer.
If you’ve gone so far as to “buy” Mac Defender—the program wants you to purchase it with a credit card—I would strongly advise you to cancel that card as soon as possible.
This is unlikely to be the last Mac Trojan Horse we see, but if you follow the steps outlined above and stay connected to the Apple community, you have little to fear.