Quote of the week: Malware Explosion for Mac OS X

Quote of the week: Malware Explosion for Mac OS X

Marco Preuß, Head of the Global Research and Analysis Team, Germany, Kaspersky Lab:

“The amount of virus samples has grown over the last few years, in line with Apple's increasing market share.

Since Apple's switch to the Intel platform, the cybercriminals have begun to create and distribute malicious software far more aggressively. Nowadays there are over one thousand threats targeting the Mac platform alone, not to mention a vast number of scripts and multi-platform threats.

Over the last few years we’ve seen several attempts by the cybercriminals to gain ground in the Apple market. Most of their attempts involved social engineering methods designed to drop Rogue AVs, Spyware and Backdoors. The year 2009 saw the formation of a botnet designed to launch DDoS attacks and consisting of approximately 20,000 infected Macs. Malware attacks were not the only problem either, phishing attacks targeting Apple services like iTunes were also noted.

However, last week we tracked a really enormous attempt to spread Rogueware targeting Macs. The cybercriminals used black hat SEO techniques to poison search results in popular search engines. For instance, they tried to use searches focusing on the killing of Osama Bin Laden as a vehicle for distributing Rogue AVs such as MACDefender. These threats try to scare users by informing them that their systems are infected and then try to extort money on the pretext of offering antivirus programs supposedly able to disinfect the targeted machine. We’ve spotted several different threats of this kind, which is also popular on Windows systems.

A second critical development is the recently spotted underground announcement of a crimeware kit for the Mac platform, as reported by Peter Kruse from CSIS. The cybercriminals seem to be building automated, easy to use tools to target Macs just as they already have for Windows systems. This kind of threat will lead to more widespread attacks and the possible use of exploit techniques on Macs.

It’s very important that Apple users make themselves aware of this situation and protect their Macs - as Macs can be infected too! “

Please follow these links to get more information about latest Mac OS threats:
“Mac Protector: Register your copy now!”
“Mac Protector: Register your copy now! Part 2”
“An unlikely couple: 64-bit rootkit and rogue AV for MacOS”
“More fakeAV for MAC. This time it’s massive”

23 May 2011