To print: Click here or Select File and then Print from your browser's menu

This story was printed from silicon.com, located at http://www.silicon.com/

Story URL: http://software.silicon.com/malware/0,3800003100,39169771,00.htm

Macs no longer safe from cyberattacks
Crims now poisoning Apples too, warns Sophos

By Liam Tung

Published: Wednesday 23 January 2008

If Mac users fall for scams that PC users have faced for years, it won't be long before criminal gangs exploit them, say security experts.

Minority Report

Always looking out for the underdog… click here for Seb Janacek's chat on all things Apple and other alternatives to dominant technologies…

In the world of desktop security, there are two sides to the equation: criminal ambition versus the number of exploitable users on a platform.

Until recently, the relatively small number of Mac users had been safe because they were not considered worthy of attention by professional gangs.

While Mac penetration remain relatively low in the enterprise, the increasing popularity of OS X in the consumer market has resulted in criminal gangs starting to pay attention to the Apple collective, according to security firm, Sophos.

The security challenge for Mac users centres on the development of more intelligent malware-delivery mechanisms, which detect the platform being used by a web surfer and then deliver an appropriate threat.

One such example, called OSX/RSPlug, was discovered last year. It contained a fake codec that manipulated a Mac's domain name server settings to hijack which sites an infected computer could visit, according to Sophos's head of technology, Paul Ducklin.

Ducklin told silicon.com sister site ZDNet Australia: "We have seen at least 20 different variants for this trojan for Mac. We can't say that … Macs are the place to be but it's clear there is a market experiment going on."

A serious threat to all computer systems comes from websites that have been planted with malicious code, which exploit flaws in applications such as Internet Explorer, and Apple's Quicktime. Multiple flaws were discovered for each of these applications last year, which opportunistic malware distributors are expected to try and exploit.

According to Ducklin, around 6,000 malicious web pages are created every day - one every 14 seconds - of which 83 per cent reside on websites belonging to legitimate companies and individuals, who are unaware their sites have been compromised.

However, Ducklin said he doesn't want to give the impression Mac users are doomed by the increasing interest in attacking the Apple platform.

He said: "We've tried to couch our words sensitively in this security report. But it is essential that Mac users stay up to date with attack mechanisms used against PC users."

Ducklin added: "What we're saying is that if you actually recognise the dangers and take precautionary measures, cybercriminals will probably take their threats elsewhere. If [Mac users] learn what happened to PC users over the last few years, it may be an opportunity to poke cybercriminals in the eye by having them write malware for no effect."