Analyst: More attacks to come for Macs

Apple releases patch Thursday to curb Flashback malware, but one analyst says platform likely to come under "deep scrutiny" by cybercriminals and this could lead to more attacks in future.
Written by Ellyne Phneah, Contributor

Apple launched its software remover to tackle the Flashback malware issue on Thursday, but one analyst thinks that while this will address security concerns for now, the Mac operating system will likely be under close scrutiny from cybercriminals with more attacks expected.

Cupertino stated on its Web site Thursday that the Flashback malware exploits a security flaw in Java to install itself on Macs. In addition, the malware relies on computer servers hosted by the malware authors to perform many of its critical functions, it added.

As such, the company said it released a software update for systems running OS X Lion and Mac OS X v10.6 that will update Java to fix the security flaw, and remove the Flashback malware if it is present.

It is also working with Internet service providers worldwide to disable Flashback's command-and-control network, the advisory stated.

To this, Andrew Kellett, senior analyst of IT solutions at Ovum, noted that Apple's response to fix the vulnerability may be enough in this instance since exploiting a security flaw is a common enough attack approach.

However, following this successful exploit, the Mac platform will come under "deep scrutiny" from other malware writers, and further attacks are "likely to come", he warned.

The analyst also pointed out that Mac users tend to be "high-worth individuals" such as middle managers and above, as well as corporate professionals. As such, they are likely to be of value from both the identity theft or business information perspective, he surmised.

"The longstanding myth that Macs are safe from malware attacks was just a myth," he said.

"Any computer with communication facilities is vulnerable to attack and the Mac is no exception."

Last week, Russian antivirus company, Dr. Web, reported that 550,000 Macs were controlled by the Flashback malware.

However, a Symantec blog post on Thursday stated that the number of computers infected with the malware in the last 24 hours had been reduced to 270,000, from 380,000 the day before.

Editorial standards