Author's Opinion

The views in this column are those of the author and do not necessarily reflect the views of iTWire.


Monday, 10 January 2011 17:18

2011 tipped as the year of Mac malware (again)


If you keep betting on the same number of a roulette table, you're sure to win eventually - right? But the behaviour of malware merchants is not a random process.

It seems as if security companies have for years been predicting a significant uptick in malware for Mac OS X, but each year passes with no significant outbreaks, despite the number of security patches needed by the operating system (and in some cases significant delays between a vulnerability being reported and Apple delivering a fix).

I must admit to being in the camp that says "yes, it could happen one day," and that's why I've been running antivirus software on my Macs for at least a decade. (Let's not get bogged down in semantic arguments about viruses vs Trojans vs whatever - we all know what we're talking about, and the Mac AV products I've looked at do detect Trojans.)

It seems to me that if there is a significant outbreak of Mac malware, I have more chance of avoiding it if I already have AV software running with frequent checks for updates than I would if I waited for news of an outbreak and then took action. Cost doesn't come into the argument, as there is a choice of free AV programs from major vendors.

But here's what McAfee officials said today:

"Apple: No longer flying under the radar
"Historically, the Mac OS platform has remained relatively unscathed by malicious attackers, but McAfee Labs warns that Mac-targeted malware will continue to increase in sophistication in 2011. The popularity of iPads and iPhones in business environments, combined with the lack of user understanding of proper security for these devices, will increase the risk for data and identity exposure, and will make Apple botnets and Trojans a common occurrence."

So what's changed in the last year or so?

As far as the Mac is concerned, not a lot has changed since this time last year. Sure, sales have increased, but it's hard to claim that a threshold has been or soon will be reached that suddenly makes it financially worthwhile to develop Mac malware.

And given the general shift from old-school viruses that spread via infected files or removable media, the idea that the Mac population isn't sufficiently dense for malware to spread is no longer relevant.

So I talked to Michael Sentonas, McAfee's Chief Technology Officer for the Asia-Pacific region. "We are seeing more Mac OS X malware coming through [McAfee Labs]," he said, specifically code that co-opts systems into botnets, fake antivirus software, and banking Trojans (as well as more general password-stealing Trojans).

"Slowly we're seeing ports of the common malware" to Mac OS X and mobile platforms, he explained.

"It's so easy to port any code across to [iOS devices] so the risk exposure will become a lot greater over the next 18 months," added Sentonas. Jailbroken iOS devices present more fertile ground for attackers, but if there weren't any vulnerabilities in the platform, jailbreaking wouldn't be possible.

He also suggested that the growing number of application stores for various platforms will have an effect. "We will start to see more malware that will target [specific] apps," he said, suggesting that users need to be less trusting.


However, it is worth noting that Apple carries out a degree of screening of applications submitted to the App Store and the Mac App Store, whereas some other stores such as the Android Marketplace are not curated.

Sentonas also suggested that people should show more concern for the privacy of their personal information. While it isn't usually too difficult to clean up an infected computer or other device (as long as an adequate backup regime is in place), recovering from a case of identity theft or fraud is more of a problem.




Stephen Withers


Stephen Withers is one of Australia's most experienced IT journalists, having begun his career in the days of 8-bit 'microcomputers'. He covers the gamut from gadgets to enterprise systems. In previous lives he has been an academic, a systems programmer, an IT support manager, and an online services manager. Stephen holds an honours degree in Management Sciences and a PhD in Industrial and Business Studies.


