F-Secure: More than 100-150 malware variants targeting Macs

F-Secure: More than 100-150 malware variants targeting Macs

Summary: The idea that Macs and the Mac OS would somehow remain invisible to hackers despite enjoying huge influx of new users was just too good to be true.


The idea that Macs and the Mac OS would somehow remain invisible to hackers despite enjoying huge influx of new users was just too good to be true.  To be honest, the only people who really believed that hackers wouldn't start targeting the Mac platform were Mac users looking for some false hope to cling to.  According to security experts at F-Secure, Fortress Mac is under attack.

"Over the past two years, we had found one or two pieces of malware targeting Macs," said Patrik Runald, an F-Secure security researcher. "Since October, we've found 100-150 variants."

And these hackers aren't counting of flaws in the OS either:

Mr Runald said the jump in attacks against Apple appeared to be the work of a single gang of professional hackers. The group, known in security circles as the "Zlob gang", makes programs that infect PCs by tricking users into thinking they are installing software needed to view copyrighted video files.

As with other attacks against Apple, the Zlob gang relies on tricking users to install its malicious software, rather than on exploiting any inherent software vulnerability.

The issue here is the type of people who are making the switch to the Mac OS, or more specifically, the kinds of people who the hackers believe are switching to Macs.  Given the fact that we're seeing old Windows trick such as fake codecs now being used on Mac users, the hackers obviously see the "Windows to Mac OS switchers" as the gullible, click on anything type of user who made the switch to Mac because they'd trashed their old systems.  They trashed their Windows machines, now the hackers are giving them the opportunity to do the same to their Mac systems.



Topics: Security, Apple, Hardware, Malware

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to join the discussion
  • Sorry, F-Secure is wrong

    Let's list the Apple apologies!

    1. F-Secure is lying to sell more anti-virus software. Of course, if F-Secure said there were 100,000 malware variants attacking Windows, I would take that as gospel!

    2. Malware doesn't count unless it is a drive-by without any user interaction. Oh, and UAC asking to Cancel or Allow doesn't count as user interaction but OS X asking to Cancel or Allow does count as user interaction.

    3. There must be some mistake because I've never gotten any malware on my Mac but this guy I know got one on his PC.

    4. [b]IMPOSSIBLE!11!!!1one1!!1[/b] OS X is unix certified and everyone knows that unix is secure.

    5. No one said OS X was perfect, only that it was better. That being said, this article is wrong because everyone knows that there has never been anything wrong with OS X, there is nothing wrong with OS X, and there never will be anything wrong with OS X and any article that suggests otherwise is a lie written by an M$ $hill. But don't get me wrong, OS X isn't perfect.

    6. F-Secure says there are 150. Apple's ads say there are none. I choose to believe Apple's ads as a more reliable source of factual information than security researchers.

    snicker, smirk :)
    • 9.0

      lost a point for the snicker smirk, otherwise, dead on!

      good one.
      • We've read it all so many times before

        NZ is a one trick pony. We read the same posts from it over and over again and STILL we all seem to reply as if its post actually mean something.

        Please don't feed its ego...
        • That's OK.

          Even 15-year old pimple faced overweight boys need to feel loved.
    • MAC viruses/malware

      The First Virus for macs came out before the first virus for Windows. There are quite a few mac users not every single one of them will get malware/viruses etc. Just because you havnt got one doesnt mean they arent out there.
      • ProDOS

        I Don't think it was a virus for Mac...It was a virus for ProDOS, which was used by all Apples. Honestly, anyone who thinks anything is save just because its <insert OS here> is delusional. Viruses would have come out for BEOS if it had the market share...or Warp2, or OSX, or Windows if it was the little guy. All an OS needs is a market share...people don't give hackers enough credit...these aren't all cheese-face slackers living in mom's basement. Some of them are very well educated, very clever, and very motivated.
    • I don't get you wrong

      OS X is far then perfect, and as more brainless drones start using it, its countless flaws will surface and in the end it will have as many problems as other platform as.

      If all OS X users think like you, the day hackers will find a hole the in OS's Golden Prison all Mac will be doomed... (come to think of it.. that could be a good thing, as then OS X users will stop suffering of "i am better then you because i own a Mac" syndrome).

      Apple as been know to have lie countless numbers of time and that is good enough reason NOT to believe any things apple say, especially in a AD.

      Peoples had to actually sue Apple over the years to force Apple to fix the numerous bugs affecting crappy os. Apple is know for relesing defective products and/or very poor quality products (ask anyone who own a iPod).
    • F-yousecure: I don't think so

      OSX always gives you a choice to run an untrustworthy app you've just downloaded
      (knowingly or otherwise) from the Web and if you're dumb enough to let your
      system run it and it causes your box to crash...

      oops! I can't say it's not your fault, because it is.

      I've been all over the web (except the porn sites, maybe that's why I haven't gotten
      a virus) and I've never gotten a digital infection. I think OSX is quite a solid system
      because I've never had any problems neither have any of my many Mac using
  • Let's see now. 114,000 viruses on Windows. 150 on Mac...

    With "150", the Mac still has a very long way to go to catch up with Windows and 114,000 viruses and spyware.

    Mac users are far safer than the vast majority of Windows users. But, Apple should make nice with the "security researchers". Mac users should not be cocky. And, they should be vigilant because I think more malware is coming to visit them in the future than they have seen in the past.


    • Hmm most of the planet vs a vanishingly small naive user group

      Essentially going after Mac users is like shooting sitting ducks. To most hackers it wasn't even a challenge considering the small user base. The more Apple raises its profile (and shows off its creaky software development problems) the more malware writers are going to target them.

      Welcome to the real world...
      • Shooting sitting ducks?

        Like shooting sitting ducks? I don't think so, I think it'd be challenging for "most
        hackers" to go after a Mac user who uses even the security built-in to OSX, Safari and
    • Defend defend

      How many are on windows is irrelevant. I wish people would stop using the 'but somebody else sucks more!' line. Frankly, it makes all of us look stupid. Viruses WILL come to OS X, just like they are present on unix. The more marketshare we capture, the more appetizing we are to thieves and script kiddies.

      The difference here is that those 150 on every unsecured mac (I'm the only person I know who bothers having antivirus applications on mine) will wreak quite a bit of havok in comparison with the vast majority of pcs that is running both antivirus and antispyware apps. (Btw, contrary to popular opinion, if you can get it, you should get symantec antivirus corporate and not macafee, the definition database is substantially more complete, as are the fixes).
      • Viruses WILL come to OS X, just like they are present on unix

        Got a list of those?


        Probably doesn't quite amount to 114, let alone 114,000....
        • Oh the arrogance...

          Just because there aren't thousands of malware on your lov, I mean, preferred OS platform doesn't make you any safer and/or doesn't mean your OS is more secure.

          Read here: http://www.viruslist.com/en/analysis?pubid=204791925#plat

          It just takes one. I wish some people could drill that on their little heads.

          Be safe, common sense is the key.
    • and it will not be long TechExec2 that the list will be growing for macosx

      and it will not be long TechExec2 that the list will be growing for mac osx. you can jump up and down and yell and just bury your head in the sand but it's a fact the more market share mac osx gets the more nasties will come out for it.

      thats a fact of life you hate windows so anything you post about windows should subject to scrutiny.

      and links are a dime a dozen for everyone post to prove mac or linux is better i can find the same amount to say it's not. ;)
      SO.CAL Guy
    • Only the beginning

      150, sure, it pales in comparison to the thousands of viri that are targeting Microsoft, but it is only the beginning.
      In the past, Mac and Linux have occupied such a small percentage of computer users that they never were a large target.
      As the popularity of Mac and Linux grows, you will find more and more malware issues and viri come up, written to attack them. It does happen, and will happen. Expect it.
      Where the danger lies, is that though Linux and Mac have "Antivirus programs," they are not completely prepared for what is to come.
      Understand, I am not saying the Operating Systems aren't good. it's just that at the moment, they are just as, if not more vulnerable than windows because they haven't had the number of attacks.
      The real point is that the malware problem for Microsoft has been going on with Windows for a while, for Mac, it is just begun, but it will get worse as long as Mac gains popularity. Be prepared, and learn to love the firewalls and antivirus.
    • Mostly agree

      but I think the key is that they detected a 75x increase in attacks. I'd also say that if your windows number is accurate (and I have no idea one way or the other), that it's worth saying that there are close to 200x more windows users than Mac users.

      IOW, the attacks are at a minimum proportional to the number of users.

      That said, I agree that for now, mac users are safer, simply because the syndicates don't think there's enough money to make there yet (or are just starting to think there is and are only now starting to research attacks).

      Moving to a mac for security is a short term solution. THe long term solution is for the users to become more educated about computers and best practices for security.

      I think most of us reading ZDnet wouldn't fall for virtually any of the attacks on a mac or windows. I was always surprised how many got suckered by the email viruses in the late 90's, but they did (and that included lots of people at the telecom company I worked at.
  • And native Mac users aren't gullible?

    "the hackers obviously see the ???Windows to Mac OS switchers??? as the gullible"

    And native Mac users aren't gullible? If anything, they're probably less conditioned to this sort of thing making them more gullible.
    • I'm noticing a trend

      There is no doubt that Apple has taken a PR beating over the last little while. From bricking iPhones to Leopard woes to malware, Apple needs to find some way to deflect the criticism onto Microsoft. Enter the "Microsoft Switcher" and we have the perfect scapegoat. Increased malware? It is because Microsoft Switchers are dumb. Leopard sucks? [url=http://blogs.zdnet.com/Apple/?p=1085] Blame Microsoft Switchers. [/url]
    • Less Gullible because of less exposure

      Windows users have become used to being prompted to install some new piece of software every time they visit a website, so it's a lot easier to fool a Windows user since this type of operation is status quo. Most existing Mac users are aware of the truths behind installing software and are therefore less gullible to these kinds of "trick installs" that the malware depends on. Plus, when you visit sites with a Mac, almost all types of media are properly recognized and you're not prompted to install the CODEC du jour.

      Oh, and can't we come up with a user setting for blocking nonzealot? The user obviously doesn't have a life since their posts are even more prolific (and less useful) than all of the ZD staff combined.