Why Mac users should care about Windows malware

Although Macs are more likely to carry Windows malware than Mac malware, Mac users need to keep their systems clean

A Sophos researcher stirred up the Mac masses this week when he reported that 20 percent of Mac computers carry Windows malware. The good news is that even though Macs are capable of harboring Windows-targeting viruses and Trojans, those machines can't be harmed by the malware in all but exceptional cases. The bad news, though, is that Mac users can still spread that malware to Windows machines in a number of ways.

Sophos senior technology consultant Graham Cluley reported earlier this week on a Sophos study that found that one in five Macs carries one or more instances of Windows malware and that one in 36 Macs are infected with Mac malware.

Some critics of Cluley's article have taken issue with his view that "although most of the malware we're currently seeing on Macs is designed to infect Windows, you should still be a responsible member of society and ensure that you're keeping your Mac squeaky clean."

Again, Windows malware won't hurt a Mac, but a Mac user can inadvertently pass along that malware to a colleague's or friend's Windows machine in a number of ways. Cluely provided InfoWorld with the following examples:

  • Forwarding malware-infected emails to Windows-using friends and colleagues
  • Sharing files with Windows colleagues and friends (using USB sticks, Dropbox, or the like)
  • If Web development is done on a Mac, infected files (be they executable or HTML/JS infections) can end up being transferred to a Web server and shared with the world

What's more, Mac machines aren't entirely immune to Windows malware if they're, say, running Parallels. "When you run Parallels, or any virtual machine software that runs a full copy of Windows, it's just like you're running Windows when you're in that VM, and all the same rules apply," InfoWorld security expert Roger Grimes said via email.

Unless you run Windows on your Mac, the notion of loading resource-intensive antivirus software simply for the sake of protecting a peer or friend's Windows machine may not sit well. Bill Cole, a system admin, thoughtfully weighed in on the subject in his blog:

One of the reasons Mac users have been reluctant to adopt AV software is that it is perceived as bloatware that does nothing of direct value for a Mac user. Is it worth the AV overhead for the average Mac user to know when he has surfed past a page that has IE-specific evil JavaScript in it or when the latest blatant phish in his Junk folder is recognized specifically as containing a Windows attack vector? Not really. Flashback and PubSab change that analysis significantly, but not enough for a lot of Mac users. Maybe if the major AV vendors could claim to have prevented infections before Apple's sluggish fix for the Java hole they would be more convincing.

As both Cole and Cluley noted, the emergence of Mac malware like Flashback points to the fact that Macs are becoming increasingly targeted by malware as the Mac platform continues to gain popularity. "Clearly, the Windows malware on Macs isn't as big a problem as Mac malware actually running on Macs, but the fact that some of the Windows malware we found on Macs was five years old underlines that many Mac users simply aren't taking security seriously at all," Cluely told InfoWorld.

In other words, it would behoove Mac users to start taking necessary precaution to better protect their machines, just as it would suit vendors (hey, how about Apple?) to develop the sort of security software that Mac users will want to use. Mac malware will only increase, and down the road, we might start seeing instances of malware capable of infecting both Macs and Windows.

"There are very, very few examples of malware that have payloads that work on both Mac and Windows. The ones that do exist aren't common in the wild," said Grimes. "As our Web standards become more standard (with Web services, HTML5, and so on), we can expect payloads to become cross-platform, because the bad guy can at least infect and exploit within the hosting browser environment. I expect a future headline within a year or two to announce the arrival of popular cross-platform malware."

This story, "Why Mac users should care about Windows malware," was originally published at InfoWorld.com. Get the first word on what the important tech news really means with the InfoWorld Tech Watch blog. For the latest developments in business technology news, follow InfoWorld.com on Twitter.

Copyright © 2012 IDG Communications, Inc.

How to choose a low-code development platform