Criminals set sights on growing army of Mac users

Summary:If Mac users fall for scams that PC users have faced for years, it will be an invitation for money-hungry crime gangs to exploit them, say security experts.

If Mac users fall for scams that PC users have faced for years, it wont be long before money-hungry crime gangs exploit them, say security experts.

In the world of desktop security, there are two sides to the equation: criminal ambition versus the number of exploitable users on a platform.

Until recently, the relatively small number of Mac users had been kept safe because they were not considered worthy of attention by professional crime gangs.

While Mac penetration remain relatively low in the enterprise, the increasing popularity of OS X in the consumer market has resulted in crime gangs finally paying attention to the Apple collective, according to security firm, Sophos.

The security challenge for Mac users centres on the development of more intelligent malware-delivery mechanisms, which detect the platform being used by a Web surfer and then deliver an appropriate threat.

One such example, called OSX/RSPlug, was discovered last year. It contained a fake codec that manipulated a Mac's domain name server (DNS) settings to hijack which sites an infected computer could visit, according to Sophos's head of technology, Paul Ducklin.

"We have seen at least 20 different variants for this trojan for Mac. We can't say that ... Macs are the place to be, but it's clear there is a market experiment going on," Ducklin told ZDNet Australia.

A serious threat to all computer systems comes from Web sites that have been planted with malicious code, which exploit flaws in applications such as Internet Explorer, and Apple's Quicktime. Multiple flaws were discovered for each of these applications last year, which opportunistic malware distributors are expected to try and exploit.

According Ducklin, around 6,000 malicious Web pages are created every day -- one every 14 seconds -- of which 83 percent reside on Web sites belonging to legitimate companies and individuals, who are unaware their sites have been compromised.

However, Ducklin said he doesn't want to give the impression that Mac users are doomed by the increasing interest in attacking the Apple platform.

"We've tried to couch our words sensitively in this security report. But it is essential that Mac users stay up to date with attack mechanisms used against PC users.

"What we're saying is that if you actually recognise the dangers and take precautionary measures, cybercriminals will probably take their threats elsewhere. If [Mac users] learn what happened to PC users over the last few years, it maybe an opportunity to poke cybercriminals in the eye by having them write malware for no effect," he added.

Topics: Apple, Hardware, Malware, Operating Systems, Security

About

Liam Tung is an Australian business technology journalist living a few too many Swedish miles north of Stockholm for his liking. He gained a bachelors degree in economics and arts (cultural studies) at Sydney's Macquarie University, but hacked (without Norse or malicious code for that matter) his way into a career as an enterprise tech, s... Full Bio

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.