October 23, 2010

Apple's Mac moment of truth arriving? Or just the silver bullet salesman?

Mac's moment of truth is arriving:

"We are approaching a tipping point, where it will soon be financially viable for cybercriminals to target their efforts at Mac users," says Ivan Fermon, senior vice president of product management, Panda Security. "When Apple reaches 15 percent market share worldwide, which Panda expects will happen very soon, we predict that hackers will begin to aggressively target attacks against this platform. The rapid increase in use of Apple-powered devices--iPhones, iPods, iPads--is also making the Mac platform a much more attractive target."

Not just any tipping point, the one where crooks target the platform. It is an interesting phenomenon when such a large user base as the Mac's isn't an appealing target, but what can one say? It's a theory... More numbers:

"We receive an average of 55,000 new threats every day at PandaLabs. .... Panda has identified approximately 5,000 malware variants that specifically target Apple systems, and claims to see an average of 500 new samples each month. The Mac has been getting more security research and attention as well. There were only 34 vulnerabilities identified for the Mac in 2009, but with two months to go that number is already at 175 for 2010."

I'm not sure what to make of 55,000 new threats per day. Does that mean PandaLabs has a factory of 1000 people with targets to qualify 55 threats per day? Outstanding productivity! But I know what to make of this:

So, the short answer to the question of whether or not your Mac needs malware protection is "Yes". Or, at least, it will soon need malware protection if the Apple platform continues to grow as a lucrative target. Consider it a badge of honor in recognition of gaining enough market share for cyber criminals to care. That is why Panda Security is launching Panda Antivirus for Macintosh.


Ahhh... So all the rest is in support of a sales call from our friendly silver bullet salesman. Well, of course :)

Posted by iang at October 23, 2010 05:15 AM
Comments

@ Iang,

As has been posted on another blog, Apple appears to have taken a moderately secure OS (BSD) and weakened the security with every single application they add.

And just to make everybody laugh look at the security issue Apple have just had with "FaceTime" ( http://arstechnica.com/apple/news/2010/10/facetime-for-mac-opens-giant-apple-id-security-hole.ars ). The first day of use shows a security issue on a live service that should have been dealt with in the system design stage, and failing that caught by the internal security team long long long before the service went public.

But it affects not just this service from Apple, it also affects other services (iTunes), such are the issues with all Single Sign On or other Shared Authentication Services which use a common backend database for the users' credentials.

Posted by: Clive Robinson at October 23, 2010 08:20 PM

http://www.zdnet.com/blog/bott/microsoft-vs-apple-whos-winning-the-numbers-dont-lie/2504?tag=nl.e539

I suppose the facts speak for themselves ;-)

Posted by: Twan (the numbers don't like...) at October 25, 2010 04:35 PM

Hi Twan,

interesting article. Seems like Mac continues to inhabit the 5% market share point!

The facts speak for themselves, but what are they saying ;)

Posted by: Iang (Numerology) at October 25, 2010 04:37 PM

There are actually two factors affecting Apple's effective security: the first, as you say, is Apple's market share; the second is the fact that the global cybercrime industry has massive experience in creating Windows malware and very little at creating OS X malware. So I think malware targeting OS X (beyond simple targets of opportunity) will be more like the chances of mainstream apps targeting OS X than "it flips at 15%"; you'd have to see a pretty big market opportunity to suspend current Windows development and spend several years getting up to speed on OS X. At most what we'll see is malware-VM platforms like Acrobat and Java being used for platform-neutral attacks, but otherwise I think Apple's safe for a while yet. There may be boutique malware vendors targeting them, but the big guys have too much invested in Windows to switch easily.

Posted by: Peter Gutmann at October 27, 2010 03:41 AM

A new version of the infamous Koobface worm designed to attack Mac OS X computers is spreading through Facebook and other social networking sites, security experts warn.

Security software maker Intego says this Mac OS X version of the Koobface worm is being served as part of a multi-platform attack that uses a malicious Java applet to attack users. According to Intego, the applet includes a prompt to install the malicious software:

Intego notes that if the download is allowed, “it runs a local web server and an IRC server, acts as part of a botnet, acts as a DNS changer, and can activate a number of other functions, either through files initially installed or other files downloaded subsequently. It spreads by posting messages on Facebook, MySpace and Twitter, usually trying to get people to click a link to view some sort of video.”

...

Posted by: (Krebs) Koobface Worm Targets Java on Mac OS X at October 28, 2010 04:15 AM

Hackers took down Apple's iPhone and Safari browser, Microsoft's Internet Explorer 8 (IE8) and Mozilla's Firefox within minutes at today's Pwn2Own contest, as expected.

The two-man team of Vincenzo Iozzo and Ralf-Philipp Weinmann exploited the iPhone in under five minutes, said a spokeswoman for 3Com TippingPoint, the security company that sponsored the contest. The pair also walked away with $15,000 in cash, a record prize for the challenge, which is in its fourth year.

Iozzo, an Italian college student, works for Zynamics GmbH, the company headed by noted researcher Thomas Dullien, better known as Halvar Flake, while Weinmann is a post-doctoral researcher at the Laboratory of Algorithms, Cryptology and Security at the University of Luxembourg.

Weinmann is probably best known for being part of a three-man team that in 2007 demonstrated how to crack the Wi-Fi security protocol WEP much faster than previously thought possible.

Charlie Miller, an analyst at Baltimore-based Independent Security Evaluators, brought down Safari on a MacBook Pro running Snow Leopard for a three-peat at Pwn2Own.

Miller won prizes in both 2008 and 2009 by hacking a Mac; last year, Miller cracked Safari in just 10 seconds. For his work today, Miller walked off with the notebook and $10,000 in cash.

No one else has won at Pwn2Own three times.

When his turn came, Pwn2Own newcomer Peter Vreugdenhil successfully exploited a vulnerability in IE8 running on Windows 7 with attack code called "technically impressive" by TippingPoint because it bypassed the operating system's Data Execution Prevention, or DEP, security mechanism, which is designed to stop most attacks.

Like Miller, Vreugdenhil, a freelance vulnerability researcher from the Netherlands, earned a $10,000 prize.

Another former winner, a German computer science student known only by his first name, Nils, was awarded $10,000 for hacking Firefox on Windows 7.

Of the browsers set up as targets for the contest, only Google's Chrome remained standing on the first day.

...

Posted by: all of them falling... at November 11, 2010 06:02 PM