2011: The year Mac malware got interesting

Last year, the number of malicious programs written for Mac OS X went from negligible to a little bit more than that. Still, signs point to more Mac security issues on the horizon.

For years, security professionals have argued that Mac OS X is just as prone to digital attack as the latest Windows system. Yet, Mac users have felt safer because, let's face it, few attackers focus on Macs.

Two recent surveys of 2011's most significant incidents in Mac security reinforce that the malware threat is still nascent, yet getting more serious.

By the numbers, the vast majority of attacks target Windows users. Only about five dozen different malicious programs targeting Mac OS X were released this year, according to a recent analysis posted by security firm F-Secure, which used a conservative approach to counting, focusing on "families" of malware. On Windows, antivirus firms typically cite numbers in the millions, but they usually count malware variants, of which many can belong to a single family.

Mac malware continues to be "nothing when compared to Windows malware -- but it's definitely something when compared to the number of Mac threats seen prior to 2011," says F-Secure's threat research team in the brief analysis.

Macs have also caught the collective eye of cyber criminals. A second report focuses on the quality, not the quantity, of malware that has targeted Mac users. The survey, released by security firm Intego, found that a handful of threats against Mac OS X had lasting impacts.

In particular, one threat -- a series of rogue security programs released under various names, including Mac Defender and MacGuard -- likely infected thousands of Mac users after its release in early May. The group behind Mac Defender seeded images and search results with links that led to malicious download sites. When a user clicked on the link, the program would be downloaded and attempt to install itself. While installation normally requires user permission, that differs little from the modern crop of Windows malware. People who installed the program would get a warning that their machine was infected and would have to pay for "security software" to solve the problem.

The company argued that Mac Defender demonstrated that Macs can be effectively targeted by cybercriminals. "After that day ... the Mac community realized that the malware threat had become much more serious," the company states in the report.

The group behind Mac Defender released a version that did not require the administrator password to infect the system, and then created another version that evaded an Apple update designed to seek out and destroy the malware.

The lesson of 2011 is that Mac users should worry about security threats, just not necessarily about "viruses," says Intego. "The majority of Mac malware, as shown above, comes as Trojan horses, tricking un-savvy users into installing them, making them think they are something they are not," the company writes.

This story, "2011: The year Mac malware got interesting," was originally published at InfoWorld.com.
