It has to be said that there are far fewer viruses, worms and Trojan horses affecting Macs than Windows PCs, but the risk is real, and it's getting worse. In fact, the complacency of Mac users, who have almost been led to believe that their platform is germ-free, may lead to more serious outbreaks should virulent malware target the Mac. Most Mac users simply don't know how to react in the event of a malware attack.
If we look at the past year, 2009, we can see that malware writers are increasingly targeting the Mac. In January, shortly after Apple announced a new version of their iWork suite of productivity software, malware writers took advantage of it. Mac users who downloaded the software (a whopping 450MB) via BitTorrent were also treated to the iServices Trojan horse, hidden inside the iWork installer.
The iServices Trojan opened a backdoor on infected Macs, and it connected to remote servers to download new code. It was actively used as part of a botnet that was involved in distributed denial of service attacks and more.
Shortly thereafter, seeing the success of the first version of the iServices Trojan, the same cyber-criminals planted the next version of their malware with copies of Adobe Photoshop CS4 for Mac found on BitTorrent trackers. The actual Photoshop installer was clean, but the Trojan horse was found in a crack application used to serialise the software. Functioning in a similar manner as the first version, the iServices.B Trojan horse allowed remote users to perform actions on infected Macs.
The RSPlug Trojan horse, which Intego first discovered in October 2007, exists now in more than a dozen variants. There were six new variants in 2009, some masquerading as video codecs, and some which claimed to be games, MP3 files and others. Several other types of malware targetting the Mac were spotted during the year.
Phishing attacks targeting Mac users were on the rise as well, with well-crafted phishing e-mails, purportedly from Apple, sent to entice subscribers of the company's MobileMe online service to surrender their credit card numbers. Other phishing emails specifically target users of other Apple products, such as the iPhone, and the forthcoming iPad.
Malware is not the only security threat to Macs. Operating system and third-party software vulnerabilities can be chinks in computers' armour, allowing remote exploits to take advantage of unpatched weaknesses. Apple issued 34 security updates in 2009, to patch Mac OS X, its software and its hardware, and popular third-party software (such as programs from Microsoft and Adobe) saw a number of updates during the year.
One of the new ways that attackers can target Macs is by taking advantage of these vulnerabilities and attacking computers from web pages and over a network. A number of exploits are available that can gain access to Macs easily, if a user simply visits a web page. (One noted Mac security researcher won a Mac hacking contest by exploiting a bug in Apple's Safari web browser; all he needed to do was point the computer to a booby-trapped web page and he took control of it.)
For this reason, it is no longer sufficient to protect Macs from malware with a simple anti-virus program. The only way to ensure that Macs are safe from the many dangers of the internet is to use combined protection, where anti-virus software works in concert with a two-way firewall, and software that protects from web threats, phishing, spyware, Trojan horses and more.
Apple's market share is on the rise, and malware writers are sensitive to the fact that Mac users are generally in a higher income range, and have less experience dealing with security issues. While Trojan horses can fool gullible users, most Windows users are aware of this risk, but Mac users are unfamiliar with it. And with targeted attacks from poisoned web pages, cyber-criminals can take advantage of vulnerabilities in web browsers and Mac OS X itself to take control of Macs when users simply visit web pages.
