Kaspersky: Mac market share means more malware
Summary: Kaspersky says the growing market share of Apple Macs means basically two things: antivirus software is now a necessity for Mac users and "Mac OS X invulnerability is a myth."
The Flashback Trojan that infected over 600,000 Apple Macs earlier this month was quickly followed by the discovery of two other Mac-specific Trojans: one that also exploited Java and another that exploited Microsoft Word. The resulting hubbub was deafening. Everyone with a Mac wanted to know how vulnerable their computer was, and everyone else wanted to weigh in on the Mac malware debate. For its part, Kaspersky confirmed today what many have been saying for years: as Macs are becoming more popular, malware writers are increasingly targeting them.
In a post titled "OS X Mass Exploitation - Why Now?" the security firm answers the question with "Market share!" Here are the details:
In 2011, Apple was estimated to account for over 5% of worldwide desktop/laptop market share. This barrier was a significant one to break - Linux maintains under 2% market share and Google ChromeOS even less. This 15 year peak coincided with the first exploration by the aggressive FakeAv/Rogueware market targeting Apple computers, which we discovered and posted in April 2011 and later in May 2011, which no longer seem to be such an odd coincidence. Also, the delay in Apple malware until now most likely was not because Apple exploits were unavailable, or because the Mac OS X system is especially hardened. The 2007 "Month of Apple Bugs" demonstrated that the Mac OS X and supporting code is full of exploitable flaws. Safari, Quicktime, and other software on Apple devices is regularly exploited during pwnage contests, but widespread cybercrime attention hadn't caught on until this past year.
There's more. In addition to that blog post (read it in full for more information about the current state of Mac security), Kaspersky held a press conference this morning during which the company basically tried to get across two things: antivirus software is now a necessity for Mac users and "Mac OS X invulnerability is a myth."
"Market share brings attacker motivation," the firm told members of the press in its presentation, according to Ars Technica. "Expect more drive-by downloads, more Mac OS X mass-malware. Expect cross-platform exploit kits with Mac-specific exploits."
See also:
- New version of Mac OS X Trojan exploits Word, not Java
- New targeted Mac OS X Trojan requires no user interaction
- Apple releases Flashback removal tool, infections drop to 270,000
- Over 600,000 Macs infected with Flashback Trojan
- Has Flashback malware made you consider installing antivirus on your Mac?
- How big a security risk is Java? Can you really quit using it?
Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.
Talkback
Well, they would say that.
That's the acid test - and thus far they've all failed.
True, dat!
EDIT: What Jeremy said is true. I can verify that. I've been fully patched before the AV guys get around to it. These 'minus' votes must be coming from some very bitter people.
Kaspersky's looking for new customers
Partly true...
OS X was a lot stronger than Windows XP, but Windows Vista and Windows 7 have raised the game and made it hard to exploit. OS X wasn't targetted, so exploitable holes weren't patched quickly. Apple has been caught napping, now that malware writers are looking for easier pickings.
Don't get me wrong, OS X isn't in the woeful state that XP found itself in, but it is also a long way from perect and Apple seem to have bought their own marketing, that they are safe from attack.
Is anti-malware software on OS X necessary at this stage? Probably not. Should users be vigilant and learn about social engineered exploits? Yes.
OS X was no better than Windows XP wrt security.
You're right - Kaspersky's looking for new customers
That is so [b]SO[/b] true. And yet you get voted down because too many idi0ts and Apple-haters around here would rather believe Russian sources than the truth.
The last ones I would ever believe are the Russians since Russia is the world's capitol of malware.
You get voted down because you are silly!
Why don't you shaddup
AV software would have done absolutely nothing to prevent
Supporting reference please.
You could have done this yourself in ten seconds
But you didn't want me to be right. Standing by to watch you start parsing what "hose" really means.
Of course it would've
I think it was f-secure who trotted out that defective item
Kaspersky: Mac market share means more malware
Did they use the term "malware" or something else like
Pagan jim
you truely are
Whatever, virus, malware etc. the point is as many have stated in the past, the market leader will always be targeted.
It's Apple's turn in the dunk tank
Do you care if you're being shot at by a rifle or a hand gun?
Apple is far from the market leader....
Pagan jim
Depends on the range.....
A rifle at a couple hundred years would be a possible problem depending on the skill of the shooter. A hand gun on the other hand would be a joke. Besides I tend to shoot back:) As for killing I don't think even the latest attack did all that much to the victim certainly not in the same league as a kill would be. Since it only turned your computer into a bot right? You could still use your computer and I don't think it stole your personal information at least I had not read that right?
Pagan jim
Don't have to be the market leader to make an attractive target
By virtue of their rising market share and so-called claims of "invulnerability" to any attacks, Apple's OS X is now becoming a "high-value" target, where the notoriety of a successful attack is out of proportion to the likelihood of the average user being vulnerable to it.