Macs under attack?

Features
By Davey Winder
published

It's arguable that the recent Flashback Trojan episode has been the tipping point when it comes to changing the face of the Mac security threatscape. But who is targeting OS X and iOS devices, how are they doing it and should the average business user be worried? Davey Winder investigates...

security threats

As many as one in five Mac computers harbours some kind of malware infestation, according to research by security giant Sophos. That includes Mac-specific threats as well as the more usually thought of Windows malware hitching a ride on any computer that will transport it.

At present, its cool and trendy image outweighs the security concerns for the individual but not for the businesses that are trying to manage BYOD.

Some 100,000 Macs running its own anti-virus software were analyse by Sophos, which found that around one in five were carrying some kind of Windows Trojan waiting to spread somewhere they could execute and cause damage. However, more worryingly for Mac users was the revelation that one in 36 were also found to be carrying Mac OS X-specific malware infections.

Sophos' Graham Cluley isn't wrong when he suggests that Mac users "need a loud wake up call about the growing malware problem."

There has, for far too long, been something of the ostrich effect in play when it comes to security problems and Apple devices: bury your head in the sand and the problem will not impact upon you seems to be the order of the day, even from Apple itself. Indeed, visit the Apple Store website and prospective purchasers are assured that they can "Safeguard your data. By doing nothing" and explain that it's "thanks to built-in defences in Mac OS X that keep you safe, without any work on your part." But is that accurate? The evidence would seem to be mounting that no, Apple, it is not. Not any more, in any case.

Take the recent Flashback Trojan infection which spread to more than 600,000 Apple computers running Mac OS X, for example. According to Russian AV outfit Dr Web this spread disguised as an Adobe Flash Player installer, with 56 per cent of the infected machines being based in the US and around 13 per cent in the UK. Upon execution it asks for an admin password an attempts to infect the system, whether that password was given determines the route to infection taken.

A successful infection ends up with users modifying web content displayed by the browser, redirecting users to malware or scamware sites. The FlashBack Trojan accounted for some 75.1 per cent of the infections spotted by Sophos.

Davey Winder
Davey Winder

Davey is a three-decade veteran technology journalist specialising in cybersecurity and privacy matters and has been a Contributing Editor at PC Pro magazine since the first issue was published in 1994. He's also a Senior Contributor at Forbes, and co-founder of the Forbes Straight Talking Cyber video project that won the ‘Most Educational Content’ category at the 2021 European Cybersecurity Blogger Awards.

Davey has also picked up many other awards over the years, including the Security Serious ‘Cyber Writer of the Year’ title in 2020. As well as being the only three-time winner of the BT Security Journalist of the Year award (2006, 2008, 2010) Davey was also named BT Technology Journalist of the Year in 1996 for a forward-looking feature in PC Pro Magazine called ‘Threats to the Internet.’ In 2011 he was honoured with the Enigma Award for a lifetime contribution to IT security journalism which, thankfully, didn’t end his ongoing contributions - or his life for that matter.

You can follow Davey on Twitter @happygeek, or email him at davey@happygeek.com.