AAPL Stock: 117.81 ( -0.22 )

Printed from

F-Secure: 'Several dozen' malware threats to Mac in 2011

updated 01:40 am EST, Thu January 19, 2012

More than before, but not consummate with growth

The Mac platform saw a modest increase in malware outbreaks in 2011 over years past, but still "a small fraction" when compared to Windows, said security firm F-Secure. It added that while malware attacks were increasing, the rate of increase was not commensurate with the growth of the platform, suggesting that most exploits tend to come from programs rather than flaws in the OS itself. In all, the company identified 58 separate threats in 2011, most stemming from a handful of vulnerabilities.

According to the report, trojans were the most popular form of attack with 28 variants, with backdoor exploits comprising another 15. The company did not say how many malware attacks had been seen in previous years, nor did it specify the exact number of Windows malware attacks for comparison.

Threats to the Mac appeared most frequently in June and October, and fell off to nearly none in late summer. This year was notable for the more extensive coverage given to malware threats, including the MacDefender "anti-virus" malware that made headlines over its fairly successful "social engineering" trick of masquerading as a preventative to threats.

The MacDefender malware prompted Apple to begin putting automatic malware protection definitions into OS X (which are silently updated on a routine basis). The malware was "killed off" when Russian authorities raided the Russian online payment processor ChronoPay that was apparently the home of the attack.

Other malwares have been spotted hiding inside pirated Mac apps, including illegal copies of GraphicConverter 7.4 and iWork. A backdoor threat was found in other pirated Mac software, which called itself a virus but ultimately was unable to do much harm.

This fall, a fake "Flash Installer" offered by some sites tried to steal passwords and take screenshots that were sent to a remote server in hopes of obtaining personal data. A later variant tried to actively disable the built-in Apple malware protections, but like most other malware was largely unsuccessful at accomplishing its programmed goals.

F-Secure, which also sells anti-"virus" and malware software and thus has some self-interest in promoting Mac security, said that it expects "more of the same" pattern of malware attacks in 2012, as hacker try to discover programs with exploits and inject code into them -- the same principle used by jailbreaking software for iOS, though so far the mobile OS has not been affected by any serious threats, unlike its rival Android.

The WebKit engine that powers Safari and other browsers, along with JavaScript and Java, have been identified by researchers like Charlie Miller as a source of such exploits, but recent moves by Apple to "sandbox" apps and processes within apps will make the process of exploiting vulnerabilities harder, experts say.

by MacNN Staff



  1. jonbwfc1

    Joined: Dec 1969



    Company with vested interest in spreading perception of an increase in malware publishes press release claiming an increase in malware.

  1. facebook_Aryu

    Via Facebook

    Joined: Jan 2012


    FUD Breeders

    FUD - Fear, Uncertainty and Doubt - the intentional insidious weapon of advertising for "security" software manufacturers and of politicians. FUD is a form of domestic terrorism. It is allowed to remain legal because politicians need it to survive. It is used by any entity that is void of any intrinsic value; morally wrong by intentionally praying on the weak, and should be banned. I am all for freedom of speech, but this is more akin to yelling fire in a theatre. It is the moral equivalent of placing a bomb in a church. At the very least, our children should be taught how to protect themselves by identifying FUD in text and advertising.

  1. Mr. Strat

    Joined: Dec 1969


    FUD time again

    A company that sells anti-virus software warning about Mac malware...

    Go sell your c*** to the Windows crowd.

  1. macnscott

    Joined: Dec 1969


    Appropriate for some users

    You folks are going off the deep end. Most of us who read MacNN, are advanced users who are wired to understand technology and understand how trojans attacks happen as well knowing how to identify when something is wrong or even smells a little bit fishy. We know exactly (in most cases) what a phishing attack looks like and whether or not a message about not have the right plugin is legit or a trojan waiting to happen. We also know to turn off "Open "safe" files after downloading" within Safari to further protect our Macs.

    But you know what folks? We are the top 10% (or less!) of all users of Macs. The great majority of that other 90% are not wired like us and/or as informed and up-to-date about trojan issues on the Mac platform. It is these users who just might need anti-malware software to help them not get caught up in a trojan attack or other type of scam that can be prevented through use of anti-malware. Some users want to know that it safe to forward an email they received to a non-Mac user and not have to be concerned about whether or not they are forwarding an email that is infected with a PC virus to their friend. I do part-time Mac IT work and have had a couple of clients (home users in these cases) who have been conned into downloading a trojan and installing it. They did realize too late they had been tricked when the video they were trying to watch (and told they didn't have the right plugin) STILL wouldn't play after they downloaded and ran the installer. That's why they called me all in a panic insisting I come over right away and clean up their mistake. :-)

    So, just because you are Internet savvy, don't let that cloud your judgement that some Mac users do in fact need anti-malware software.

  1. Flying Meat

    Joined: Dec 1969


    I wouldn't call this FUD

    since they back it up with real information. I vaguely recall about 8 malware issues under OS 9.x. They have documented 58, so what is FUD about that?

    Whether or not it becomes common for malware to be found on the Mac (MS products aside ;) tomorrow, or in year 2038 or whenever, is not the time to consider whether you want to take some sort of preventive action.

  1. msuper69

    Joined: Dec 1969


    All are social engineering....

    exploits which are platform neutral.
    Where are the virii like in the Windows world?
    No news here.

Login Here

Not a member of the MacNN forums? Register now for free.


Network Headlines

Follow us on Facebook


Most Popular


Recent Reviews

Ultimate Ears Megaboom Bluetooth Speaker

Ultimate Ears (now owned by Logitech) has found great success in the marketplace with its "Boom" series of Bluetooth speakers, a mod ...

Kinivo URBN Premium Bluetooth Headphones

We love music, and we're willing to bet that you do, too. If you're like us, you probably spend a good portion of your time wearing ...

Jamstik+ MIDI Controller

For a long time the MIDI world has been dominated by keyboard-inspired controllers. Times are changing however, and we are slowly star ...


Most Commented