AAPL Stock: 125.14 ( + 1.89 )

Printed from

F-Secure: 'Several dozen' malware threats to Mac in 2011

updated 01:40 am EST, Thu January 19, 2012

More than before, but not consummate with growth

The Mac platform saw a modest increase in malware outbreaks in 2011 over years past, but still "a small fraction" when compared to Windows, said security firm F-Secure. It added that while malware attacks were increasing, the rate of increase was not commensurate with the growth of the platform, suggesting that most exploits tend to come from programs rather than flaws in the OS itself. In all, the company identified 58 separate threats in 2011, most stemming from a handful of vulnerabilities.

According to the report, trojans were the most popular form of attack with 28 variants, with backdoor exploits comprising another 15. The company did not say how many malware attacks had been seen in previous years, nor did it specify the exact number of Windows malware attacks for comparison.

Threats to the Mac appeared most frequently in June and October, and fell off to nearly none in late summer. This year was notable for the more extensive coverage given to malware threats, including the MacDefender "anti-virus" malware that made headlines over its fairly successful "social engineering" trick of masquerading as a preventative to threats.

The MacDefender malware prompted Apple to begin putting automatic malware protection definitions into OS X (which are silently updated on a routine basis). The malware was "killed off" when Russian authorities raided the Russian online payment processor ChronoPay that was apparently the home of the attack.

Other malwares have been spotted hiding inside pirated Mac apps, including illegal copies of GraphicConverter 7.4 and iWork. A backdoor threat was found in other pirated Mac software, which called itself a virus but ultimately was unable to do much harm.

This fall, a fake "Flash Installer" offered by some sites tried to steal passwords and take screenshots that were sent to a remote server in hopes of obtaining personal data. A later variant tried to actively disable the built-in Apple malware protections, but like most other malware was largely unsuccessful at accomplishing its programmed goals.

F-Secure, which also sells anti-"virus" and malware software and thus has some self-interest in promoting Mac security, said that it expects "more of the same" pattern of malware attacks in 2012, as hacker try to discover programs with exploits and inject code into them -- the same principle used by jailbreaking software for iOS, though so far the mobile OS has not been affected by any serious threats, unlike its rival Android.

The WebKit engine that powers Safari and other browsers, along with JavaScript and Java, have been identified by researchers like Charlie Miller as a source of such exploits, but recent moves by Apple to "sandbox" apps and processes within apps will make the process of exploiting vulnerabilities harder, experts say.

by MacNN Staff





  1. jonbwfc1

    Joined: Dec 1969



    Company with vested interest in spreading perception of an increase in malware publishes press release claiming an increase in malware.

  1. facebook_Aryu

    Via Facebook

    Joined: Jan 2012


    FUD Breeders

    FUD - Fear, Uncertainty and Doubt - the intentional insidious weapon of advertising for "security" software manufacturers and of politicians. FUD is a form of domestic terrorism. It is allowed to remain legal because politicians need it to survive. It is used by any entity that is void of any intrinsic value; morally wrong by intentionally praying on the weak, and should be banned. I am all for freedom of speech, but this is more akin to yelling fire in a theatre. It is the moral equivalent of placing a bomb in a church. At the very least, our children should be taught how to protect themselves by identifying FUD in text and advertising.

  1. Mr. Strat

    Joined: Dec 1969


    FUD time again

    A company that sells anti-virus software warning about Mac malware...

    Go sell your c*** to the Windows crowd.

  1. macnscott

    Joined: Dec 1969


    Appropriate for some users

    You folks are going off the deep end. Most of us who read MacNN, are advanced users who are wired to understand technology and understand how trojans attacks happen as well knowing how to identify when something is wrong or even smells a little bit fishy. We know exactly (in most cases) what a phishing attack looks like and whether or not a message about not have the right plugin is legit or a trojan waiting to happen. We also know to turn off "Open "safe" files after downloading" within Safari to further protect our Macs.

    But you know what folks? We are the top 10% (or less!) of all users of Macs. The great majority of that other 90% are not wired like us and/or as informed and up-to-date about trojan issues on the Mac platform. It is these users who just might need anti-malware software to help them not get caught up in a trojan attack or other type of scam that can be prevented through use of anti-malware. Some users want to know that it safe to forward an email they received to a non-Mac user and not have to be concerned about whether or not they are forwarding an email that is infected with a PC virus to their friend. I do part-time Mac IT work and have had a couple of clients (home users in these cases) who have been conned into downloading a trojan and installing it. They did realize too late they had been tricked when the video they were trying to watch (and told they didn't have the right plugin) STILL wouldn't play after they downloaded and ran the installer. That's why they called me all in a panic insisting I come over right away and clean up their mistake. :-)

    So, just because you are Internet savvy, don't let that cloud your judgement that some Mac users do in fact need anti-malware software.

  1. Flying Meat

    Joined: Dec 1969


    I wouldn't call this FUD

    since they back it up with real information. I vaguely recall about 8 malware issues under OS 9.x. They have documented 58, so what is FUD about that?

    Whether or not it becomes common for malware to be found on the Mac (MS products aside ;) tomorrow, or in year 2038 or whenever, is not the time to consider whether you want to take some sort of preventive action.

  1. msuper69

    Joined: Dec 1969


    All are social engineering....

    exploits which are platform neutral.
    Where are the virii like in the Windows world?
    No news here.

Login Here

Not a member of the MacNN forums? Register now for free.


Network Headlines


Most Popular


Recent Reviews

Seagate Wireless

It seems like no matter how much internal storage is included today's mobile devices, we, as users, will always find a way to fill th ...

Brother HL-L8250CDN Color Laser Printer

When it comes to selecting a printer, the process is not exactly something most people put a lot of thought into. Printers are often t ...

Moshi iVisor AG and XT for iPad Air 2

Have you ever tried to put in a screen protector that relies on static to cling to the screen? How many bubbles and wrinkles does it h ...


Most Commented