Following recent cases of malware that targeted Mac OS users – including “Fakeflash” and “Flashback’ – many security experts now warn that these widespread malware attacks prove that Macs are no longer safe from hackers.
Recent highly-publicized Mac malware outbreaks may seem like something new, but experts have predicted for years that Mac owners would inevitably face a growing security threat:
“At some point, assuming Apple continues to make appealing products, we Mac users will become bigger targets and face a higher level of risk. [According to] Adam J. O’Donnell, Ph.D., Director of Emerging Technologies at Cloudmark, ‘…[A]n inflection point will come when the rate at which a malware author can reliably compromise a PC rivals that of the Mac market share. It is at this time you will see monetized, profitable Mac malware start popping up.’”
(reported by Rich Mogull, tidbits.com 2008)
In other words, as Macs have become more popular with consumers, they have become more attractive to hackers as well. Another factor in the increased attacks on the Mac platform is the changing architecture of malware.
Malware grows more sophisticated, complex
The old-fashioned computer virus was a piece of software that could attach itself to “healthy” application, then replicate its code to infect additional programs and systems. Historically, Mac owners did not face significant real-world danger from this type of threat. In the past, Apple even promoted the Mac OS as virus-free: for example, in its long-running Get A Mac television commercials, and (until recently) on its website.
Mac Defender was a rogue security program discovered in May 2001 that relied upon social engineering to fool users, causing much frustration for the Mac owners who unwittingly installed it on their computers.
In September 2011, Flashback malware began infecting Macs by masquerading as a legitimate software update, thereby tricking Mac users into installing malicious code. This type of exploit is technically a Trojan rather than a virus – but for the user the result is much the same.
Later Flashback variations used an un-patched Java vulnerability against Macs that visited poisoned websites – a “drive by” download that installed silently without user permission. Flashback and its descendants eventually infected over 600,000 Macs, mostly in the U.S.
Looking forward, malware that bypasses the OS or gains entry via un-patched and vulnerable third-party software will be sa ecurity concern for Mac and Windows users alike. Future malware could target not only the Mac’s OS — but also Apple’s bundled software, third-party applications, and especially browser plugins and extensions — so potential vulnerabilities can exist in many areas.
The Good News
Fortunately Mac Users do have a number of new security tools to assist them. One of the most popular is also free: avast! Free Antivirus for Mac (completely free for home users). According to the publisher: “Three days after its release avast! Free Antivirus for Mac shot to first position in the ‘Most Popular Mac Downloads’ section of CNET’s Download.com surpassing Mac security products from other vendors as well as all music, video, browsing, or other Mac apps in general.”
- Andrew Nusca . “Half a million Macs infected (a dream, dashed)” ZDNet.com | April 5, 2012.
- Nicole Perlroth. “A New Variant of Malware Takes Aim at Mac Users” nytimes.com | April 23, 2012
- Topher Kessler. “How to protect your Mac from recent malware” CNET.com | May 17, 2011.
- Topher Kessler. “Mac malware infection rates remaining constant” CNET.com | May 7, 2011.
Image credit: Felix Triller (via flickr)