Apple and threats and the futureOne of the most significant developments of 2007 was the rise of malware for Apple Mac computers. Although malware for Apple Macs, and even the Mac OS X operating system, has been seen before23 it has not encountered anything like the number of viruses, Trojans and worms that run on Microsoft Windows. This is largely because malware writers have not felt it necessary to infect the computers of Apple Mac owners when there have been so many poorly protected Windows users available.
Now, however, financially motivated gangs have begun to think that there is a viable reason to infect Macs alongside Windows PCs.
In November 2007, Mac OS X malware made the headlines. The functionality of the malicious program, known as OSX/RSPlug24, was fairly simple. It modified settings to redirect DNS requests to a server under the hacker control, allowing hackers to serve up fake websites requiring usernames and passwords, display adverts and so on.
OSX/RSPlug is connected to a widespread family of Windows malware called Zlob25, which promises to display pornographic material when the user loads a new codec (a program that allows internet users to watch video content).
Clicking on malicious email or web links takes the unwitting computer user to a site hosting malware. The malicious website examines the request made by the user’s web browser and responds appropriately, depending on whether the computer visiting the site is a Mac or Windows PC. Apple Mac computers receive the OSX/RSPlug-Gen file, which is not able to infect the Windows platform. A Windows PC, however, receives the Zlobar-Fam Trojan.
This approach means that the malware authors can target a much wider range of users with a single set of links – while the Trojans themselves are not cross-platform, the delivery mechanism is. Sophos has seen Mac malware planted on a large number of websites, with many variants of the Trojan being distributed.
Although Macintoshes have a long way to go before they overtake PCs in popularity, particularly in the office environment, analysts are reporting that an increasing number of consumers are open to considering purchasing a Mac computer rather than a PC in future. This may drive the emergence of more financially motivated malware for this platform.
It is concerning that the Mac has become the focus of at least one malware gang. Ultimately, future Mac malware attacks will be driven by how effective the attackers are at infecting Apple Mac users. The criminal hacking gangs are in business to make money, so if they do not see a return on their investment, they will not invest more effort.
For this reason, it is essential that Apple Mac users ensure they are properly defended - and stay clued-up about the various attack mechanisms that cybercriminals can use to break into their computers.
No comments:
Post a Comment