Mac OS X faces hacker threats: Symantec

Mac OS X faces hacker threats: Symantec

Summary: Security vendor Symantec is warning that Apple's OS X operating system is increasingly becoming a target for hackers and malware authors. In its seventh bi-annual Internet Security Threat Report, Symantec said over the past year, security researchers had discovered at least 37 serious vulnerabilities in the Mac OS X system.

Security vendor Symantec is warning that Apple's OS X operating system is increasingly becoming a target for hackers and malware authors.

In its seventh bi-annual Internet Security Threat Report, Symantec said over the past year, security researchers had discovered at least 37 serious vulnerabilities in the Mac OS X system. According to Symantec, as Apple increases its market share--with new low cost products such as the Mac mini--its userbase is likely to come under increasing attack.

"Contrary to popular belief, the Macintosh operating system has not always been a safe haven from malicious code," Symantec said. "Out of the public eye for some time, it is now clear that the Mac OS is increasingly becoming a target for the malicious activity that is more commonly associated with Microsoft and various Unix-based operating systems," the report said.

"Apple Computer has become a target for new attacks... The appearance of a rootkit109 called Opener in October 2004, serves to illustrate the growth in vulnerability research on the OS X platform... The various OS X vulnerabilities allow attackers to carry out information disclosure, authentication bypass, code execution, privilege escalation, and DoS attacks. Symantec believes that as the popularity of Apple's new platform continues to grow, so too will the number of attacks directed at it," the report said.

Symantec's concerns were echoed by James Turner, security analyst at Frost & Sullivan Australia, who said many of the people who bought Apple products were not concerned about security, which left them wide open to attack.

"The iPod, PowerBooks and mini Macs are cool products," Turner said. "The byproduct is that people are buying these products for form over function. They say it looks pretty and then buy it but don't secure it. As Apple increases its market share, it will be a legitimate target".

Trend Micro senior systems engineer Adam Biviano said all complex operating systems had security flaws and the more popular the platform, the more likely it would be attacked.

"All sophisticated platforms -- Mac, Linux, Solaris or anything else -- will have vulnerabilities," Biviano said. "The only reason Windows has had mass exploits written for it is the sheer number of connected devices that are present on most networks. As soon as you start seeing mass deployment of any technology you are going to see exploits".

According to Biviano, while there have not been any mass outbreaks of viruses targeting the Mac, the potential does exist.

"You don't see Macintosh viruses in mass outbreaks but you do see them in the labs as proof of concepts. There aren't any outbreaks because there are simply are not enough [Macs] out there. For a virus to be successful it needs a combination of an exploit and a large target audience," said Biviano, who nominated the mobile phone market as an example of malware writers targeting the most popular platform, not Microsoft's platform.

"Look at where mobile viruses are going and they are not targeting Microsoft - they are targeting the market leader, which is Symbian," he said.

The Symantec report found in the second half of last year, an increasing proportion of malware was designed to expose confidential information. The report also found that phishing attacks increased by 366 percent while the number of Windows-based worms and viruses increased by 64 percent, when compared with the first half of 2004.

Topics: Apple, Hardware, Malware, Operating Systems, Security, Symantec

Munir Kotadia

About Munir Kotadia

Munir first became involved with online publishing in 1998 when he joined ZDNet UK and later moved into print publishing as Chief Reporter for IT Week, part of ZDNet UK, a weekly trade newspaper targeted at Enterprise IT managers. He later moved back into online publishing as Senior News Reporter for ZDNet UK.

Munir was recognised as Australia's Best Technology Columnist at the 5th Annual Sun Microsystems IT Journalism Awards 2007. In the previous year he was named Best News Journalist at the Consensus IT Writers Awards.

He no longer uses his Commodore 64.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to join the discussion
  • symantec microsoft os market saturated. wants to sell osx users its crappy virus software. no thanks ...
  • "The only reason Windows has had m**** exploits written for it is the sheer number of connected devices that are present on most networks."

    Does anyone actually believe this? 68,000 odd viruses are just the result of popularity? Bad software concepts (ActiveX) have nothing to do with it? Bad software implementation (Office macros) have nothing to do with it?

    "The byproduct is that people are buying these products for form over function."

    Thank you. We are just so bubble-headed, we Mac users. Wouldn't know a security issue from a carrot. Just pure, dumb luck that we use an OS in which we are virtually never logged in as root. Just a coincidence that installing new items requires a p****word. Yup. We Mac users just pay too much for too little. Just as long as it looks sexy.

    Yeah. Right.
  • Symantec predicts a dark future if Mac increases market share. Fear! Panic! Stalling tactics like this bit of doom from Symantec try to stem the natural tide of people yearning to be free of the mor**** of mediocrity that is Windows. Stay on our frustrating platform, and buy tons of our security products. If you buy a Mac, the world goes black.

    Somehow, I don't think so. Unless half the Symantec boys are writing malicious code to attack, while the other half write "protection" code to fend off those attacks. Like the Mafia - pay them for protection. From whom? From the Mafia.

    Isn't it odd that a "security" company like Symantec warns against the growth of a platform with no security problems?
  • This is just such a load of self-serving crap ...

    Just last night my fianc
  • Typical story by an uninformed reporter looking to use scare tactics to generate readership. Malicious code writers do not target specific platforms, but scan for any machine that they can exploit: Linux, Windows, UNIX or Mac. If they can own a box by exploiting a common function, say SSH, then why care what platform it is. Remember an owned box means money for the malicious code writers. This idea that most virus writers are just being malicious for fun and reputation is antiquated, it's about the money.

    Can Macs be exploited, yes, but it's not easy. There are many protections in place to protect the user from themselves and others. First of which is not making users Root by default, unlike M$. Remember Root = Admin in the Windows world.

    "many of the people who bought Apple products were not concerned about security, which left them wide open to attack." Not true, Macs come in a configuration that is considered secure out of the box, so that people without an IT department can also be secure. A strategy the entire industry should adopt. The software update tool is shipped in auto mode and if the user accepts the updates they should be fine.

    "security researchers had discovered at least 37 serious vulnerabilities in the Mac OS X system." Which are all currently patched, a fact that is conveniently left out of this scare story.

    In the future please do some research and ask questions of people who are not on the company payroll. Analyst will say anything for money and should not be used when conducting serious research.
  • This is pathetic self serving nonsense

    Firstly, it's highly suspicious that these comments come from security product developers, all of whom stand to gain from alarming Mac users about the possibility of malicious software on their computers.

    Secondly it's very debatable whether Biviano's comment that the only reason Macs don't have viruses is because there are less of them around is at all supportable.

    One thing that is most definitely is NOT debatable, but is plain fact, is that the level of security offered by MacOS X in a default installation is MUCH greater than offered by Windows XP.

    While logged on to Windows XP as a default user type, any application can install itself without constraint - this is not true for MacOS X, where at the very least a user has to type in a p****word before an application that could do anything malicious to the operating system can be installed.

    It is possible to change the user type to a less privileged mode, but most people don't know how to do this and much software will not run properly, or at all, if you do.

    There are other ways in which MacOS X is inherently more secure than WIndows XP (even with SP2), but this is not the right forum to outline them at length.

    Please can we see more journalistic rigour in reporting these self-serving claims from interested parties - where is the insight and perspective on this issue? Surely someone should at the very least question these claims before printing them?

    I believe that this article deserves a follow-up that examines the reality of these misleading claims in more depth.
  • you do need to make clear there HAVE BEEN NO actual attacks on the Mac - you can hypothesise as much as you want, but you're making it sound as though proof of concepts (now patched) are actual live viruses and Macs have been attacked - which is patently inaccurate to the point of lying.

    Give ONE solid example of someone runnning OS X and has been attacked.

    maybe you're looking to increase your page hits :)
  • What a load of self-serving crap!

    Symantec, seeing that that the Mac platform is set up to gain significant marketshare this year, is simply spreading more FUD and fear to boost their own product line.

  • Gee, who would have thought that Symantec, a company which creates anti-virus software would say that danger is imminent and people need to purchase their offerings to save themselves? This is pure puffery. In-lab "proof of concept" exploits mean that the software companies are writing their own viruses, just as "tests." But in the four years that the Mac OS X has been available, not ONE real virus has been found "in the wild" for the system. To repeat: NOT ONE. And not one actual exploit has been successfully implemented-- although firms like Symantec and others keep claiming the threat is nigh. One would think that even with a supposed 4-5% of market-share, someone would have been able to come up with even a teensy piece of mal-ware for the Mac. Especially since the system was less secure when it first was introduced than it is now.

    This is, in a word "FUD" (Fear, Uncertainty and Doubt) -- the refuge of technology companies when they want to sell you their bag of goods by playing off of users' lack of sophistication.

    One thing the articles and fear-mongers like Symantec fail to point out is that the underpining of Mac OS X-- called Darwin-- is freely available to be viewed, downloaded and played with. If someone could find a virus-hook to exploit, they would have. It's based on BSD-Unix, so it's hardly a "minor" OS at its core. The same issues that affect many UNIX distributions could likewise affect the Mac. But guess what: all the supposed holes are closed through constant and vigilant security updates.

    The threat Mac OS faces isn't from hackers-- but from companies which want to scare consumers into buying their products.
  • Symantec makes some of the worst software for Macintosh that has every been written

    It might be nice for Symantec to make their software solve problems instead of create more problems for users

    and then, they might have some credibility to talk

    but this whole topic is nothing but scare mongoring about a situation that simply does not exist for Mac OS X
  • What crap! Many Mac people I know are aware of security and what to do to ensure that their machines are safe. Unless I am mistaken, and missed the news reports that aliens had landed from Mars creating a whole new computer market, the growing Mac share described by Symantec would be Windows switchers (like myself) who are so paranoid that the first thing they do is buy virus software and lock down the firewalls on their machines. So I find the notion of the illiterate Mac user unconcerned about security to be ridiculous!
  • Whenever I read this stuff I can't help but to think that Symantec is probably just as busy creating viruses as it is creating vacines...
  • Oh please! This is just so much fear, uncertainty and doubt sowing by ..hmmm...I wonder who would gain from such outrageous inferences and lies? The fact is, you have no proof of such threats, because they do not exist! I've never been attacked! No one on a Mac that I know personally or through user groups has ever been attacked! Linux, well documented. Windoze...duh. By the way, Windoze problems are not due to ubiquity. They are due to really lousy code that offers open doors to enterprising 12 year olds.
  • The article seems to have left out this part of the report:

    "However, it should be stated that while the number of vulnerabilities in Macintosh operating systems is expected to increase, they will likely be outnumbered by vulnerabilities in other operating systems for some time to come. "
  • My Mac is being under attack 100 times a day but all those attacks are Microsoft-Windows Viruses/Worms and they don't do anything (beside causing taffic) to my system :)
  • I'm afraid you have been misled by Symantec's marketing material. Let's look at the statistics:

    Microsoft Windows:
    Viruses and Worms = 70,000+ (
    Spyware programs = 78,000 (
    Burrowers = 40 (
    80% of PCs infected with spyware (
    Last year alone (
    500 new Trojans
    500 new keyloggers
    1,287 new adware apps
    40 burrowers

    Mac OS X:
    Viruses and Worms = 0
    Spyware programs = 0
    Adware = 0
    Keyloggers = 0
    Burrowers = 0
    Trojans = 3
    Rootkit = 1

    Note that Trojans can't spread by themselves - they are bits of code that pretend they are something else and need to be downloaded and opened by a user.

    Note also the Rootkit discovered on a couple of OS X machines is a set of scripts that requires root access to be turned on (turned off by default on all Macs). The hacker also needs to know the root p****word and the malware has no mechanism of spreading and infecting other computers by itself.

    Symantec's espousal of the theory of "Security through Obscurity" fails to explain the fact that the number 1 web server, open source Apache with around 69% marketshare has far fewer attacks (including viruses and worms) than Microsoft's IIS which comes in at only 21% marketshare ( It also does not explain why the many flavours of Linux suffer from so many instances of malware despite having a small marketshare (similar to OS X I fact).

    31 vulnerabilities (mostly in open source components of Mac OS X) which were promptly patched by Apple does not constitute "increased attacks on OS X" as no attacks using any of these now closed vulnerabilities have been recorded.

    John Gruber has a useful article on why Windows suffers so much malware:

    However, no software can be perfect and it would be foolish to say there won't eventually appear some malware targeting the 10 million+ OS X users out there - however, today is not that day. Mac OS X has been sitting untouched for 4 years now without blemish which speaks to a very impressive security story which would be a much more constructive issue to be writing about.

    Martin Hill
    Information Management Services
    Curtin University of Technology
    Western Australia
  • Theoretically mac's and Linux boxes can get viruses but the virus would have to know the root p****word. Windows doesn't have a root p****word as NT,2000 and XP can have but often the user doesn't know how to put one in place.
    Even if the network manager sets up a management account (root) a guest account is set up by default and any effective cracker can get to root.
  • Symantec Funny story

    We run a Voice over I.P. business called Mytel Voice & Data Pty Ltd ( (we do call connections for business and residential customers from their voip handsets). Our freecall number is almost the same as Norton Antivirus / Symantec in Australia, it's 1300 360089 and Norton