Apple 'easier to infect than Windows'?
One of the key benefits of owning a Mac has always been the relative immunity from viruses but that benefit is now in doubt following a reported jump in Mac malware infections.
Apple discussion forums have seen a marked rise in posts about malware threats while an AppleCare support representative has reported an explosion in malware-related support calls. One security expert has gone as far as saying that Apple devices were now easier to infect that Windows machines.
A new "scareware" program called Mac Defender - and various other names including Mac Protector - infects users via a web pop-up or bogus Google Images result that convinces victims their machines are infected by a virus and that they must install anti-virus software to fix it.
In many browsers the pop up will download the malicious fake anti-virus program on to the users' machine automatically.
If the user then installs the software it causes porn pop-ups to appear every few minutes and the program also asks users to pay in order to have fake infections removed. The user is continuously bothered with pop-ups and threat alerts until they pay up.
Ty Miller, CTO of security firm Pure Hacking, said Mac users still believed they were safe from malware but in reality Apple devices were "far easier to infect than a Windows machine these days".
It's a big call considering there have been few other examples of Mac malware in the wild but Miller explained that while Microsoft had put a lot of effort into security, and anti-virus software was common on Windows machines, similar security software is almost non-existent on Apple devices. Miller said this left unsuspecting Apple users open to being compromised.
"99% of malware is still developed for the Windows platform since malware writers want to get the biggest bang for their buck when they release their malicious software," Miller told Fairfax Media.
"As both Mac laptops and Apple devices (iPhones/iPads) increase in popularity, we will be seeing a continued increase in malware targeting Mac users."
HOW TO REMOVE MAC DEFENDER FROM YOUR MACHINE
In an anonymous interview with ZDNet.com blogger Ed Bott, an AppleCare support rep said call volumes to AppleCare were four or five times higher than normal and most of the calls were about Mac Defender.
"It started with one call a day two weeks ago, now it's every other call. It's getting worse. And quick," they said.
The support rep said Apple managers had instructed customer service staff not to help customers remove malware from their machines.
"The reason for the rule, they say, is that even though Mac Defender is easy to remove, we can't set the expectation to customers that we will be able to remove all malware in the future. That's what antivirus is for," the rep said.
On Apple's discussion board, discussions.apple.com, there are hundreds of posts from people who have unwittingly been infected by the malware.
Security firm Intego said the design of the Mac Defender malware was slick and users could be easily fooled. It said the application was very well designed, looks professional and the spelling and grammar are correct.
The fact that the virus continuously throws up porn pop-ups is designed to further convince the user that their computer is infected with viruses.
Prominent Mac watcher John Gruber has taken issue with reports that there has been a rise in malware targeting Macs, saying security researchers had been warning of a rise in Mac malware for years but they were just crying wolf.
ArsTechnica tried to test the claims by interviewing 14 Mac support specialists and concluded that while there had been an uptick in Mac security threats, it was far from an epidemic.
However, there have been enough Mac malware threat reports recently to lead some to believe that anti-virus software on Macs is now essential.
Sophos is one of a handful of security firms that sell anti-virus software for Macs. Others include McAfee and Symantec, while Apple already includes basic anti-virus software as part of MacOS X.
Danish security firm CSIS has reported the appearance of the first "crimeware kit" targeting Apple's MacOS X. It warns that the release of the kit could lead to an increase in password-stealing malware targeting Mac users.
"CSIS finds this crimekit to be quite disturbing news since MacOS previously to some degree has been spared from the increasing amount of malware which has haunted Windows-based systems for years," CSIS partner Peter Kruse said.
"This could have resulted in a false sense of security that might make Mac OS user especially vulnerable to a sudden and highly sophisticated attack."
But while malicious software writers are now targeting Macs with increasing intensity, the security threat is nowhere near as significant as that afflicting Windows machines. Microsoft recently pointed out that one in 14 downloads on Windows are malicious.
Anthony Agius, founder of the Australian Apple community site MacTalk, pointed out that while there has been an increase in Mac malware, the Apple userbase has also been growing exponentially.
The latest MAC Defender trojan has been more 'successful' than previous attempts. People seem to be falling for it and allowing it to be installed on their computers much easier than in the past," said Agius.
"The amount and seriousness of malware is still exponentially lower than on Windows."
Matthew Powell, editor of MacTheMag.com, said Mac users should be no more or less complacent about security than any other computer users.
"Its market share may well have reached the "critical mass" where it's worth the effort to target the Mac specifically, but the fact remains most attacks these days are phishing and social-engineering scams that are platform-agnostic," said Powell.
"Security software and common sense are handy things to have."
Sydney Morning Herald