Did the Mac malware wake-up call fall on deaf ears?

Many Mac users still refuse to understand what the successful Flashback attack really means. Here's a rational response to their objections

Last week, in light of the Flashback threat, I offered my assessment of the historic rise in Mac malware and how its prevalence amounts to a wake-up call for Mac users. The gist of my post was that the Mac is a victim of its own success. The bigger the market share, the bigger the target -- and the Mac is not immune to exploits.

I wasn't surprised that my assessment drew a few critics. Here're my synopses of the objections to my post, along with my responses.

[ For tips and tools for managing an enterprise Mac fleet, download InfoWorld's free "Business Mac" Deep Dive PDF special report today. | See InfoWorld's slideshow tour of Mac OS X Lion's top 20 features, and test your OS X smarts with our OS X Lion IQ test. | Keep up with key security issues with the Security Central newsletter. ]

No one, Apple included, ever said that OS X was immune
Maybe not "immune," but Apple has run ads over the last decade strongly implying that Macs lack the malware and security problems of Windows. In fact, some of the comments I received reiterated that very notion. Mac users are still resisting the idea that their platform has become a popular attack target and that those attacks are succeeding.

Apple is taking down the botnet -- unlike what Microsoft does
This one is pretty laughable, since it's Apple's first large botnet takedown. The big antimalware companies that tried to contact Apple for assistance early on in the interest of limiting the damage were ignored -- and at one point was attacked by Apple.

Microsoft has been taking down large botnets for years and has official and unofficial partnerships that lead the antimalware industry. (See "Botnet whack-a-mole might just work" and Microsoft's TechNet blog for examples.) This is no surprise. After all, Microsoft has been dealing with big malware problems for decades. Ask any independent security researcher about who is more open about security problems or works more aggressively to put down security threats. The answer won't be Apple.

It wasn't OS X that was at fault with the Flashback Trojan, but Java
True -- but also true of Windows. Most of the successful exploits on Windows are not related to the Windows operating system. (There are exceptions, of course, such as the Conficker worm.) The most popular exploits on the Windows platform are Java exploits, Adobe Acrobat PDF exploits, Adobe Flash exploits, and socially engineered Trojans that fool users rather than exploit software vulnerabilities.

Most of the people I know personally who have been infected were exploited through unpatched versions of Java. The only difference this time is that my Mac friends got hit.

OS X wasn't at fault; it was a Trojan that people accidentally installed
The Flashback malware program isn't accidentally installed like most socially engineered Trojans. It uses a Java vulnerability to "silently" install itself on unpatched versions of OS X running vulnerable versions of Java.

1 2 Page
From CIO: 8 Free Online Courses to Grow Your Tech Skills
Join the discussion
Be the first to comment on this article. Our Commenting Policies