Mac OS malware threat still low

Popularity of iPhone and iPad may draw more attention from cybercriminals, but still small market share of Mac OS makes it unattractive target, say security experts.
Written by Vivian Yeo, Contributor

The popularity of Apple's iPhone and initial enthusiastic demand for the iPad may attract greater attention from malware writers, but the Mac OS platform still pales in comparison as a target compared with its Windows counterpart due to low penetration, security experts say.

According to Chia Wing Fei, F-Secure's senior security response manager, the Mac platform currently does seem to "have a financially interesting enough market share to be exploited". Devices such as the iPhone, iPad and iPod Touch run a stripped-down version of Mac OS X and make use of the Safari browser, he noted in an e-mail.

iPhone sales were credited for the boost in Apple's second quarter 2010 earnings released last month. Sales of the smartphone was up 131 percent from the same period a year ago, while Mac systems saw a 33-percent jump in units sold.

Reception to Apple's tablet device has also been warm--Apple reported on May 3 that it sold the first millionth iPad since the device's debut in early April.

However, for cybercriminals the "money is still good targeting Windows users", and there is little need to diversify, said Chia.

Avast CEO Vincent Steckler concurred, pointing out that Mac users still have not reached a critical mass for cybercriminals to find the OS worthwhile to target.

According to Web statistics company Net Applications, the Mac OS currently has a market share of 5.32 percent. Microsoft Windows retains the lion's share at 91.46 percent. Similarly, figures from StatCounter showed the May 2010 market share for the Mac OS X platform hovering at around 5 percent.

"No one is really focusing attacks on Mac and Linux, namely because there're not enough users," Steckler said in an interview. "Viruses, just like [those] in humans, need lots of hosts to propagate. Since there are very few Mac and Linux machines in the ecosystem, it's very difficult to propagate [and] to target."

The Mac platform seemingly appears more secure because only a few hackers write attacks against the OS, and not because it is inherently safer, he added.

"If you're a hacker and you want to infect a Web site, if you can get 93 out of 100 computers by writing an attack focused on Windows versus seven [or fewer] out of 100 visitors… [you'd] write an attack for 93 [systems]," said Steckler.

Laurent Marteau, CEO of Mac security specialist Intego, told ZDNet Asia in an e-mail interview that it is difficult to determine an actual tipping point--in terms of market share--before cybercriminals will want to attack the Mac platform more consistently.

"Malware writers aren't following Apple's sales figures to determine when they should launch their new malware," he pointed out. "It's been a gradual shift as Macs become not only more prevalent, but also as Web traffic from Macs increases.

"As malware writers test the water with their malware, if they find that their results are satisfactory--which [has been] the case--they'd continue writing more malware for the Mac."

Ultimately, the platform--whether Windows, Mac or Linux--may not matter very much in the context of today's threats. Avast's Steckler said most malware found on infected Web sites attack vulnerabilities in applications such as Internet Explorer and Adobe Flash, which may not be unique to Windows-based machines.

Editorial standards