Is there any (Mac) OS X-specific malware around? But for some odd reason I haven’t said anything interesting on this topic for quite a while… The last time was two and a half years ago. Yes, that’s how long it’s been since the global Flashback worm outbreak that infected 700 thousand Macs worldwide. The security industry made quite a bit of noise about it (and quickly disabled the Flashback botnet), but since then – mostly silence… It might seem to some that ever since there’s been a complete lull on the Mac-malware front and not one bit of iMalware has disturbed Apple Bay’s calm waters…
Sure, if you compare the threat levels of picking up some malware on different platforms, at the top of the table, by a long way, as ever, is the most widely used platform – Microsoft Windows. Quite a way behind it is Android – a relatively new kid on the block.
In 2013 alone we detected ~1700 malware samples for OS X.
Now, if you dig deeper and look at the situation from the inside, from the point of view of a malware expert, the picture is much less rosy… Mac-threats have evolved, the perception of security among Mac users has changed (but not too much), and the main question is what can we expect in the future? So here we go, without emotion, with just numbers and facts, for some unprejudiced analysis. And if you’re on for impartial, passionless discussion in the comments – please, be my guests!
So what’s been going on in the Mac-threat world in recent years? I’ll start off with the following graph. It shows the number of malicious files for OS X we’ve discovered over the years.
As you can see from the graph, just four years ago the year’s ‘catch’ of maliciousness was just 50, but then in 2011 there was a sudden surge, and ever since the annual cull has been counted in the hundreds – almost thousands.
Well, in the first eight months of this year we detected nearly a thousand unique attacks on Macs, grouped into 25 major families.
Callme – spreads in the body of a specially crafted MS Word document, which when launched installs a backdoor in the system via a vulnerability. This gives the attacker remote access to the system. At the same time it steals contact lists, apparently to search for new victims.
Laoshu – it takes screenshots once a minute. It was signed with a trusted certificate of the developer. It looks like the virus writers were planning on uploading it to the App Store.
Ventir – a multi-modular Trojan-spy with hidden remote control. It contains a keylogger based on the open-source logkext driver.
IOSinfector – installer of the mobile version of (OSX/Crisis) – yup, it infects iPhones.
FileCoder – the first file encryptor for OS X.
CoinStealer – the first bitcoin-stealing malware for OS X. Disguises itself as a few open source bitcoin utilities. What it really does is install a malicious browser extension and/or a patched version of bitcoin-qt (an open source utility for mining bitcoins).
At this point a logical deduction may be: ok, ok, there’s some malware for Macs these days, but is it really a significant threat to users? How likely is an infection on an unprotected Mac? And which is the most prevalent malicious program?
But before analyzing the numbers, first, an important disclaimer: these data come exclusively from users of our products. Trying to work out how malware is spread globally, including among users of other security products and/or those with no antivirus – that’s both a thankless and very approximate task based on extrapolations from data from different sources.