The Flashback Trojan that infected over 600,000 Apple Macs earlier this month was quickly followed by the discovery of two other Mac-specific Trojans: one that also exploited Java and another that exploited Microsoft Word. The resulting hubbub was deafening. Everyone with a Mac wanted to know how vulnerable their computer was, and everyone else wanted to weigh in on the Mac malware debate. For its part, Kaspersky confirmed today what many have been saying for years: as Macs are becoming more popular, malware writers are increasingly targeting them.
In a post titled "OS X Mass Exploitation - Why Now?" the security firm answers the question with "Market share!" Here are the details:
In 2011, Apple was estimated to account for over 5% of worldwide desktop/laptop market share. This barrier was a significant one to break - Linux maintains under 2% market share and Google ChromeOS even less. This 15 year peak coincided with the first exploration by the aggressive FakeAv/Rogueware market targeting Apple computers, which we discovered and posted in April 2011 and later in May 2011, which no longer seem to be such an odd coincidence. Also, the delay in Apple malware until now most likely was not because Apple exploits were unavailable, or because the Mac OS X system is especially hardened. The 2007 "Month of Apple Bugs" demonstrated that the Mac OS X and supporting code is full of exploitable flaws. Safari, Quicktime, and other software on Apple devices is regularly exploited during pwnage contests, but widespread cybercrime attention hadn't caught on until this past year.
There's more. In addition to that blog post (read it in full for more information about the current state of Mac security), Kaspersky held a press conference this morning during which the company basically tried to get across two things: antivirus software is now a necessity for Mac users and "Mac OS X invulnerability is a myth."
"Market share brings attacker motivation," the firm told members of the press in its presentation, according to Ars Technica. "Expect more drive-by downloads, more Mac OS X mass-malware. Expect cross-platform exploit kits with Mac-specific exploits."
- New version of Mac OS X Trojan exploits Word, not Java
- New targeted Mac OS X Trojan requires no user interaction
- Apple releases Flashback removal tool, infections drop to 270,000
- Over 600,000 Macs infected with Flashback Trojan
- Has Flashback malware made you consider installing antivirus on your Mac?
- How big a security risk is Java? Can you really quit using it?