Home > News > Security > Lack of Mac malware baffles experts

Lack of Mac malware baffles experts

By Shaun Nichols
22 March 2007 10:55AM
Tags: lack | mac | malware | baffles | experts

Exploit authors continue to ignore OS X.

Apple's Mac OS X remains almost completely free of any sort of malware threat despite several years of availability, a significant market share, and even an entire month dedicated to pointing out its flaws.

And security experts are not exactly sure why. In an article for the McAfee Avert Labs blog, security researcher Marius van Oers pointed out that Mac malware is "pretty much non-existent at the moment".

The researcher said that out of 236,000 known pieces of malicious software, only seven affect Mac OS X.

"With an estimated OS X market share of about five per cent on desktop systems we would expect to see more malware for OS X," said van Oers.

The Mac OS X system is not inherently more secure than other operating systems, according to the researcher.

The Unix/BSD code on which OS X is based is fairly well known, and van Oers noted that there are more than 700 pieces of malware targeting various Unix and Linux platforms.

Vulnerabilities in OS X are also plentiful. Apple's most recent update patched more than 30 security flaws.

But van Oers pointed out that many malware authors simply prefer to target the low-hanging fruit of a poorly maintained Windows system.

"Microsoft's Windows is dominant in the desktop market and it is clear why most malware is written for it," said van Oers.

"Also, prior to Vista, the various Windows versions were pretty much wide open, full access, making it relatively easy for malware to abuse."

The researcher warned, however, that the days of widespread attacks seeking to infect as many PCs as possible are over.

Old virus-style malware has been replaced by newer programs that aim to covertly infect specific groups of machines and build money-making botnets.

"Nowadays malware writers do not go for massive attacks but tend to focus on targeted attacks," explained van Oers.

"This is more worrisome then the poor malicious demonstrators that the OS X threats of Leap and Macarena really represent. Nevertheless it is clear that OS X malware is not taking off yet."

Ads by Google

Thoughts on this article? Add a comment below.

Comments: 5

McAfee paid for a "report" on Mac viruses? So, what's new? McAfee has a history of releasing malware "warnings" for Mac OS X to frighten the unwitting into buying anti-virus software. This looks like a more veiled approach. Also, Mac users love their Macs. Why would a Mac user do something to harm the platform? I doubt you'd find many people who love Windows, or Microsoft or the generic boxes Windows runs on. Quite the opposite, I'd suspect.

Posted by Mr. Reeee, Nov 9, 2008 1:01 AM

Report

Mr. Reeee hit the nail on the head, Mac users LOVE their Macs. When we have something minor like a Kernal Panic we pick up and coddle our MacBooks like it's a child with a cold. When the HDD takes tanking, even though everything is backed up with Time Machine, we feel like our old friend just had a near death experience. And in the cases where the actual machine dies, well you get the point. A true Mac programmer will not write a malicious code that could hurt him and most PC writers don't want to take the time to learn an Apple/UNIX system.

Posted by KindredMac, Nov 9, 2008 3:33 AM

Report

//The Mac OS X system is not inherently more secure than other operating systems, according to the researcher.// But surely this is the only conclusion that can be reached from the data? Certainly the other posters have a point — Mac users certainly tend to be committed to the platform — but this isn't enough to account for the extremely low level of malware for it. The researcher is an employee of McAfee, and they don't want to admit that they're unnecessary.

Posted by Roccondil, Nov 9, 2008 9:46 AM

Report

It seems to me that just the simple fact that you need to provide your admin password for any software install is a major deterrent to the malware writers.

Posted by Cubert, Nov 10, 2008 3:07 AM

Report

Perhaps Malware authors are aware of Apple's legal team's real capabilities. As soon as a malware author is identified and it's a full moon, Apple lawyers grow hairy and get long teeth... the rest is well documented in Michael Jackson's Thriller.

Posted by Rundell, Nov 10, 2008 11:23 AM

Report

Report this comment as offensive:

* Indicates information we require to process your submission.

Name: *
Email: *
Reason for offense: *
Your report will not be displayed.

Name:

Email:

(will not be displayed)

Comment:

(HTML not permitted)

Validation

Enter the code you see below:

Product Reviews

	Lieberman Software Enterprise Random PM The Lieberman Software Enterprise Random Password Manager is a full-on password manager and randomiser for...

	Proginet Corporation SecurForce Proginet SecurForce is a little bit of a horse of a different color for this month's Group Test.

	Siber Systems RoboForm Enterprise On the surface, RoboForm Enterprise starts out looking like a single sign-on product, but that is just on the...

	Symark International PowerBroker The Symark PowerBroker is a policy-driven, privileged access control application.

	Symark International PowerKeeper The Symark PowerKeeper is a hardened appliance. It comes with a sealed operating system that provides a...