Worms in Your Apple
Mac users have long behaved as if they are completely immune to the never-ending stream of viruses and other malware that frequently target their Windows-using friends. Up until this year, there was very little to shake their blithe sense of security. But with Mac OS X rapidly maturing from the platform of choice for quirky creative types to a popular operating system for businesses and consumers, hackers are honing in.
“As Mac is now around 10% market share, hackers are starting to target the operating system,” explains Peter Baxter, vice-president of Business Development at anti-virus company AVG. “Cyber criminals see the same research reports from Gartner that we see, and they are looking at Mac users like the fat kids around the cookie jar.”
In May, a fake antivirus (AV) program called Mac Defender began to appear on the svelte screens of Mac users, and was described as the first major malware threat to the Mac platform. The cleverly designed Mac-like app posed as an antivirus program, and asked users for their credit card numbers in order to “purge” viruses on their machines and protect them from new ones.
Says Timothy Armstrong, a virus researcher for the Global Research and Analysis Team at Kaspersky Lab: “These fake AV attacks for Mac OS X were found to be the highest in developed countries or regions (the US, Canada, the UK), as cybercriminals realised that the maximum potential for earnings was by spreading the fake AVs in these regions.”
He adds: “Typically the fake AVs were designed to trick users into thinking that they were infected and then they would offer a charge of $50 to $100 (between about R390 and about R790) to clean the computer. Feeding off of Mac users’ naivety when it comes to malware not only allowed potential for quick money, it also allowed cybercriminals to collect users’ credit card information.”
In its 2011 Threat Predictions Report, McAfee stated: “McAfee Labs saw malware of increasing sophistication that targeted Mac this year; we expect this trend to increase in 2011.The popularity of iPads and iPhones in business environments and the easy portability of malicious code between them could put many users and businesses at risk next year and beyond.”
Armstrong warns: “Apple’s security architecture is inherently insecure because it relies on a signature scanner, which is a low technology method of detecting malicious programs.”
Karel Rode, principal consultant of the RSA security division of EMC Southern Africa, says: “The threat space or landscape (available platforms to use as targets) is significant, and available stats indicate it’s growing aggressively. While people tend to be fixated on viruses, I am more concerned about Trojans. They set out to capture credentials and many other pieces of information. Imagine a Trojan that captures your marital status, age, weight, and health information (such as being a diabetic). That information could live in a database for years to be harvested by an email scammer keen to sell you some discount pharmaceuticals.”
The good news is that Apple’s engineering brigade has made advances in the past year.
Dominic White, a consultant at Sense¬Post, explains: “OS X Lion has finally brought OS X’s security in line with ‘modern’ standards.” It could do with some improvement to get it up to Windows level, but it has been a big improvement. Snow Leopard (the previous version of the Mac OS) still lacked several technical defences, and the versions before that were even worse.
“All computer owners should try to use a properly configured and updated antivirus product, Mac users included. While fewer viruses target the Mac, some do, such as the notorious Zeus crimeware kit that uses fairly advanced techniques to gain access to bank accounts. Antivirus is unfortunately only – very roughly – 80% effective against new viruses, but being left to only deal with the 20% is possibly worth it,” White says.
The message is clear: Cyber criminals are out to get you, and if you are not careful, you might soon discover a worm in your Apple.
Copy courtesy of Finweek. Call 086 010 3911 to subscribe.
Story by Jessica Hubbard
