Apple malware became more sophisticated in 2011
Rogue antivirus targets Macs for first time
By John E Dunn | Techworld | Published: 16:12, 25 January 2012
Malware aimed at Macs is still insignificant compared to Windows but Apple users should to pay careful attention to the growing threat from social engineering attacks, a report has found.
The Year in Mac Security by Apple security company Intego divides 2011 into two halves before and after the day, 2 May, when the fake antivirus scam Mac Defender was discovered.
Before that point, the threat to Macs was much the same as it had always been, which is to say a clutch of interesting but low-level threats, including one earlier in the year based on the notorious Blackhole exploit kit well known in the Windows world.
Related Articles on Techworld
The appearance of OSX/MacDefender.A changed the equation. As well as being the first significant rogue antivirus product to attempt to scam Apple users, it was designed using Java as a multi-platform attack that could also target Windows and Linux PCs too.
In the following days, more versions of the scam appeared under different programs names including Mac Protector and Mac Guard and MacShield, as Apple fielded a rising number of support calls from users fooled into installing the useless software.
Later in the year, Intego reports the appearance of further apps such as the Flashback Trojan, a bogus but convincing-looking Flash player.
In short, criminals are suddenly willing to write bogus apps (or ones re-purposed in Java) that seek the path of least resistance by attempting to trick Mac users into agreeing to install bad software.
“The year 2011 was the most active year for Mac malware since Mac OS X was released,” said Intego’s blog. ”Not only did Intego find more unique samples this year, but the Mac Defender fake antivirus brought Mac malware to the masses.”
The company even discovered a tool designed to bot Macs for use in DDoS attacks, something unthinkable only a year ago.
About the only good news during 2011 was the arrest of the Estonian gang accused of being behind the DNSChanger search redirection malware that has been a major nuisance to PC and Mac users for years.
