Apple growth will draw malware attacks

As Apple continues to grow its worldwide market share and the company's products find their way into more business environments, attackers are certain to follow and create greater volumes of exploits aimed at vulnerabilities in the company's software, security experts contend.

According to industry analyst firm Gartner, Apple shipped just over 1 million Mac OS X-based computers during the fourth quarter of 2007, a gain of 227,000 over the fourth quarter of 2006. The analyst firm reported that Apple's U.S. market share for 2007 jumped by 28 percent compared to 2006, rising to just over 6 percent.

And with Apple CEO Steve Jobs stating at last week's Macworld Expo and Conference that the company has already sold 4 million iPhones and 5 million copies of Leopard (Mac OS X 10.5), its latest OS, since launching the products last year, the company's prospects look stronger than ever.

However, malware researchers and industry analysts warn that as the sheer number of Apple end-point devices in use worldwide rise, so will the security concerns tied to the company's products.

"It's hard to get around market share. At the end of the day, malware writers don't care what operating system you are using; it's about whether or not you have valuable information on your machine and whether there is an opportunity to take advantage of it," said David Marcus, security research manager for McAfee's Avert Labs group.

"Microsoft Windows has been targeted so aggressively because it has a much broader deployment than the Mac OS," he said. "But the malware authors watch trends just like everyone else, and they know more people are considering a move to Apple, including government institutions and businesses; if it makes financial sense to go after that opportunity at some point, they will move in that direction."

The Mac's vulnerabilities

In some cases, attackers will seek to exploit vulnerabilities such as currently unpatched flaws in Apple's QuickTime multimedia player application. In other cases, malware writers will use threats based more on social engineering, such as with the MacSweeper rogue cleanup tool that appeared during Macworld Expo, the researcher said.

MacSweeper serves as evidence that developers -- both credible and not -- have already begin to turn more of their attention to Apple platforms, anticipating Mac users' security fears, Marcus said. Although MacSweeper is pitched by its creators as a utility for cleaning malware programs and other unwanted software off of Mac OS computers, it has proven to do almost nothing of the sort, despite its $40 asking price.

David Maynor, chief technology officer of research and consulting firm Errata Security, said that one area where attackers may seek to assail the Mac OS is via flaws found in some of the older open source libraries of software code used in the platform.

Apple also typically lags in patching issues found in those code libraries, such as with the Samba networking protocol used in the company's Mac OS X.