Mac OS X no longer a safe haven

Mac OS X users are no longer "safe from attacks" on a platform that is "no different from others".

That was the underlying message put across by Rowan Trollope, senior vice president of Symantec Hosted Services. Speaking to ZDNet Asia at a recent interview, the executive said it was a matter of time before a major attack on the Mac operating system occurred.

"There's a common belief that because you have a Mac, you're safe. That's certainly not the case [anymore]. It's just that that are far fewer attacks as the bad guys don't see the need to invest in 'playing' with Apple, as there are 10 or 20 times more PCs than Mac computers," said Trollope.

Ariel Avitan, consulting analyst for network security technologies at Frost & Sullivan, concurred.

"Attackers focus on platforms that can generate information or funds, and since most financial institutes and home users do not use the Mac OS, it is less attractive to hackers, so these users are [relatively] safer," explained Avitan.

While security experts agree that it is its comparatively smaller market share that is keeping Mac users away from large-scale attacks, security vendors are taking no chances, with some having developed antivirus products even before the operating system gained widespread adoption.

Trollope said: "We have had a Mac antivirus product for years. We don't do it just for fun, it is because there are [real] threats on the Mac."

More malware to come
Similarly, security vendor Sophos recently launched a free product for consumers "in response to growing concern about Mac malware". In a survey of 640 people, it discovered that 95 percent of respondents expected the Mac to be increasingly targeted by malware in the future.

"While most businesses recognize the importance of protecting their Mac computers from malware threats, most home users do not," said Jim Dowling, managing director for Asia at Sophos. "By offering free industrial-strength security to home users, we aim to protect Mac users against…threats."

Earlier, it was revealed that Sophos embedded a code into Mac's 10.6.4 Snow Leopard OS X, a fix that was able to detect an attack called Pinhead-B, though one critic labeled it as "not really an effective attack deterrent". Pinhead-B tricked users into using an "infected" version of iPhoto that installs a Trojan horse on the computer.

A Yahoo News article noted that there were many more threats that the Mac OS was not protected against, and the fact that Apple did not disclose the update of the Sophos code could mean the vendor was "embarrassed" that its system was less secure than what it claimed to be. A new update 10.6.5 has since been released.

Some of the past attacks on Mac OS X have included Web sites masquerading as software vendor sites laced with Mac malicious codes; malware disguised as pirated software downloadable from P2P file-sharing; as well as online video links urging users to install a plug-in to view adult content, which would then infect machines with a Mac Trojan horse.

Social networking sites have also been employed to launch attacks.

SecureMac noted that "trojan.osx.boonana.a", a virus disguised as a video that appeared on sites such as Facebook, when clicked, would activate a Java applet that downloads multiple files, including an installer that runs automatically without the user's knowledge. "The malware also bypasses the usual password verification OS X requires for installation," SecureMac said.

The security firm also cautioned: "The Trojan will launch automatically on startup, communicate with command and control servers, and can also crack user accounts on other sites to continue infecting others". It revealed that the virus could spread itself to both Mac OS X and Windows.

"Most people don't know that Apple acknowledged the malware problem by integrating rudimentary protection against a handful of Mac Trojans in Snow Leopard," explained Graham Cluley, senior technology consultant at Sophos. "But, 95 percent of those surveyed were convinced more are on the way."

Avitan acknowledged that while there will be an increase in the number of Mac attacks, this figure will remain low in comparison to those against the PC.

"The Mac OS is safer than Windows and SymbOS, but vendors understand [the need to stay protected] and to try to profit from it by issuing [Mac] solutions to very small problems," he said.

Mac users whom ZDNet Asia spoke to said they are aware of the threats and do keep their computers updated.

For instance, New Media collaborative planner Scott Teng believes that while malware targeting Mac computers is increasing, phishing attacks are fewer compared with those aimed at PCs.

Writer Jennifer Neo also noted that while she may not download every single patch, she is "very mindful of what I click, and avoid those spam-looking and dodgy links".