Network Security

20% of Macs Carry Windows Malware; 2.7% Have OS X Infections

20% of Macs Carry Windows Malware; 2.7% Have OS X Infections
April 24, 2012 11:45AM

Bookmark and Share
The security firm Sophos said that, while some Mac users are beginning to realize that their platform is increasingly being targeted, cyber-criminals look at Macs as a "soft target" for malware because many owners don't have anti-virus software and often have higher levels of disposable income than typical Windows users.

Neustar, Inc. (NYSE: NSR) is a trusted, neutral provider of real-time information and analysis to the Internet, telecommunications, information services, financial services, retail, media and advertising sectors. Neustar applies its advanced, secure technologies in location, identification, and evaluation to help its customers promote and protect their businesses. More information is available at www.neustar.biz.

One in five Macs are carrying malware -- that is designed for Windows machines. That's a key finding of a new study of 100,000 Macs, which also found that 2.7 percent of Macs had malware designed for Apple's OS X platform.

The study by security firm Sophos was based on computers running its free anti-virus software. Graham Cluley, senior technology consultant at Sophos, said in a statement that "some Mac users may be relieved that they are seven times more likely to have Windows viruses, spyware and Trojans" than Mac ones, but "Mac users need a wake-up call about the growing malware problem."

Top Malware

Windows malware on a Mac cannot do harm on that platform, but it can cause damage if the user runs Windows as a secondary operating system, or if the infected files are shared with a Windows machine.

The top Mac OS X-based malware found by Sophos in a seven-day snapshot of the surveyed Macs were, in order of occurrence, OSX/Fishplyr, OSX/FakeAV, OSX/RSPlug and OSX/Jahlav.

Seventy-five percent of the Macs that had OS X malware had the Flashback Trojan, which Sophos refers to as OSX/Flshplyr. Late last week, the Russian security firm that first reported the Flashback malware said that the number of infected Macs was still about 650,000, and growing.

OSX/FakeAV is the name Sophos gives to attacking software that includes Mac Defender, which started infecting computers in spring of last year. Sophos said it was present on 18 percent of Macs with OS X malware.

Sophos said that Bredo malware, which accounts for 12.2 percent of malware on the surveyed Macs, is usually sent via spam, and was first detected in 2009.

The top Windows malware were Mal/Bredo, Mal/Phish, Mal/FakeAV, Troj/ObfJS, Mal/ASFDldr, Troj/Invo, Troj/Wimad, Mal/Iframe, and Mal/JavaGen.

Macs a 'Soft Target'

The company noted that Mac malware is spread by USB stick, e-mail attachments, downloads from Web sites, or a "silent drive-by installation where the user doesn't realize their Mac's security has been subverted" by visiting a Web site.

The security firm said that, while some Mac users are beginning to realize that their platform is increasingly being targeted, cyber-criminals look at Macs as a "soft target," because many owners don't have anti-virus software and often have higher levels of disposable income than typical Windows users.

In a Tuesday posting on his company's blog, Cluley made the interesting comparison that the percentage of Macs with Windows malware was approximately the same as the percentage of young people estimated to have the sexually transmitted disease, Chlamydia.

"If it isn't too tacky to make a parallel," he wrote, both are easy to treat.

For the software problem, Sophos recommends an up-to-date anti-virus program, up-to-date OS and application security patches, and caution about which programs are installed, which links are clicked, and which attachments are open.

Another security firm, Kaspersky Labs, recommends creating a non-administrator account for everyday activities, using a sandboxed-Web browser such as Chrome, uninstalling the standalone Flash Player, uninstalling Java or at least disabling it in browsers, and using Office 2011 instead of 2008.

Kaspersky also recommends using Mac's built-in Keychain password manager, enabling full disk encryption or FileVault, and upgrading to Adobe Reader 10 or later.

Tell Us What You Think
Comment:

Name:

Bj:

Posted: 2012-05-12 @ 10:23am PT
Get Eset Cybersecurity for the Mac. Detects both Mac and Windows malware while running in Mac OSX.



 Network Security
1. Juniper DDoS for High-IQ Networks
2. Big DDoS Attacks Hit Record in 2014
3. U.N.: Nations Hide Digital Snooping
4. Can Google Stop Zero Day Flaws?
5. Google Hacker Team to Hunt Bugs




 Most Popular Articles
1. IBM Earmarks $3B for Next-Gen Cloud Computing Chips
2. Microsoft Targets CRM in Government Cloud
3. Amazon Unveils Zocalo for Cloud-Based Collaboration
4. Google CEO: Is the 40-Hour Workweek Really Necessary?
5. More Than Half of Networks Not Ready for Internet of Things




 Random Bytes
U.K. To Probe Facebook Experiment Facebook Buys Video Ad Biz LiveRail
Opera Software To Buy AdColony Spy Case Threatens German-U.S. Ties

Have an informed opinion on this story?
Send a Letter to the Editor.
We want to know what you think.
Send us your Feedback.

 Related Topics  Latest News & Special Reports

  Lenovo Still in Small Windows Tablets
  How Chrome Eats Your Battery Life
  Cisco Woos More Devs with DevNet
  Investor Wants EMC To Spin Off VMware
  Schools Buy Million Chromebooks in Q2

 Technology Marketplace
Big Data
Unlock your enterprise data's potential. Learn how in the research report.
Are you getting everything you can out of your business data?
 
Business Intelligence
Get real-time, cloud-based information services with Neustar.
 
CIO Issues
Secure and retain skilled technology professionals. Learn how.
 
Cloud Computing
Are you getting everything you can out of your business data?
 
Data Storage
Unlock your enterprise data's potential. Learn how in the research report.
 
Enterprise Hardware
Protect your network with APC Smart-UPS battery backup
Cisco UCS Invicta Series flash memory systems
 
Enterprise I.T.
Register for an upcoming ISACA® certification exam today
Secure and retain skilled technology professionals. Learn how.
 
Enterprise Software
Unlock your enterprise data's potential. Learn how in the research report.
 
Hardware
Protect your network with APC Smart-UPS battery backup
Ferocious productivity. A fearless team of pros. Find Out More
Cisco UCS Invicta Series flash memory systems
 
Network Security
Protect your network with APC Smart-UPS battery backup
 
Small Business
Ferocious productivity. A fearless team of pros. Find Out More