McAfee, Inc. , the global leader in Intrusion Prevention and Security Risk Management, today released key findings from McAfee Avert Labs demonstrating that malware attacks targeting Mac OS X are on the rise. According to McAfee Avert Labs, one of the top-ranked security threat and research organizations in the world, Macintosh platform vulnerability discovery rates have increased by 228 percent in the past three years alone, from 45 found in 2003 to 143 in 2005.
“Many believe that using an Apple operating system is a form of security in itself, believing that they are far less susceptible to malware than Windows users,” said Stuart McClure, senior vice president, global threats at McAfee. “And while the threats targeting the Mac operating system are low in volume, the use of Apple products does not provide an invisibility cloak from malware, and users need to be more vigilant about security as adoption rates soar and attacks on Apple operating systems increase.”
Geoff Coats, a graphic designer at New Orleans design firm Zande Newman, admits that he chose Apple and its Mac OS X because he believed it to be more secure than the Windows operating system. “My experience, and that of many other small-to-medium sized business owners, has taught me that Apple delivers a much more secure computing environment. However, I’ve recently realized that it might be time to re-evaluate that assumption and begin protecting my Mac from outside threats.”
Key research findings:
— From 2003 to 2005, the annual rate of vulnerability discovery on Apple’s Mac OS platform has increased by 228 percent, compared to Microsoft’s products which only saw a 73 percent increase.
— As demonstrated with their recent patches, Apple’s Mac OS platform is just as vulnerable to targeted malware attacks as other operating systems.
— Apple’s success with consumer products and its resulting higher profile will entice security researchers and hackers to target Mac OS and other Apple products, such as iTunes and iPods.
Rising Popularity Makes Apple a Target.
Though Microsoft’s massive market share makes its platform the preferred path to hacker stardom, and Apple’s customer base does not yet provide an overwhelmingly attractive target for profit-motivated malware professionals, McAfee warns that Apple users should not be complacent about their security. Apple’s recent shift to using Intel microprocessors in new Macs only raises Apple’s profile further and increases its customers’ exposure, and as Apple’s Macintosh computers gain ground in the PC market on the coattails of its popular iPod and iTunes consumer products, McAfee believes that hackers will increasingly point their digital “lock picks” toward Mac OS X and other products.
Availability of Exploit Code Problematic.
Apple appears to be in the earlier stages of malware evolution, where exploits are written and spread as proofs-of-concept to demonstrate authors’ technical prowess and to garner notoriety. McAfee believes that this incentive, coupled with the easy availability of Mac exploit code on the Internet, will make the Mac an open target for malware. Although the number of OS X-targeted viruses has been relatively low in total volume since January 2004, McAfee Avert Labs predicts that the growing number of Macintosh vulnerabilities will attract more and more talented hackers over the course of the next year and beyond.
For a copy of the McAfee Avert Labs whitepaper entitled “The New Apple of Malware’s Eye: Is Mac OS X the Next Windows?” please visit: http://www.mcafee.com/us/threat_center/default.asp .
