Nothing is guaranteed to bring the smug Mac user brigade out in force like a discussion on viruses and trojans. “Oh, we don’t get those – we use Macs!” they proudly announce. And they have a point; Mac malware is pretty thin on the ground right now. Indeed, the first virus to specifically attack Mac OS X didn’t come out until 2006 – five years after Mac OS X was launched.
Well the time for such smugness may be coming to an end. In the past few weeks we’ve had a published root escalation vulnerability, not to mention a Mac-targeted trojan in the wild that takes advantage of said vulnerability, and is evil enough to wipe the smile off even the smuggest Mac user’s face. Furthermore, Mac hackers have produced a tool to make future production of similar trojans almost trivially simple.
Maybe we’re seeing an increase in Mac malware now because Macs are getting more popular, with 80% of businesses allegedly now using them. More Macs make for a bigger, juicier target.
But Macs are secure – aren’t they?
Yes, Macs are built on UNIX, and yes, UNIX is generally pretty secure and battle-tested. But UNIX and Linux servers are compromised every day. Maybe not as much as Windows machines, but there are plenty of worms and rootkits out there for Linux. If malware authors start targeting the Mac in earnest, it’s unlikely that Mac users will get off that lightly. We can only hope that Apple starts tightening up security in Snow Leopard, as Dino Dai Zovi suggests.