Cyber criminals 'now target Mac users'
London, January 24, 2008
Organised criminal gangs for the first time targeted Mac users last year with the intention of stealing money, according to a report by IT security and control firm Sophos.
The report reveals that in 2007 financially-motivated hackers extended their efforts beyond Windows and for the first time targeted Mac users.
Sophos, has published its Security Threat Report 2008 examining the threat landscape over the previous twelve months, and predicting emerging cybercrime trends for this year.
The company is warning computer users of all operating systems not to be complacent about security.
Sophos experts note that malware for Macs has been seen before, but until recently, organised criminal gangs have not felt the need to target Mac users when there are so many more poorly protected Windows PCs available.
However, late 2007 saw Mac malware not just being written by researchers demonstrating vulnerabilities or showing off to their peers, but by financially-motivated hackers who have recognised there is a viable and profitable market in infecting Macs alongside Windows PCs, the report said.
For example, many versions of the malicious OSX/RSPlug Trojan horse, first seen in November 2007, were planted on websites designed to infect surfing Apple Mac computers for the purposes of phishing and identity theft.
'No-one should underestimate the significance of financially-motivated malware arriving for Apple Macs at the end of 2007. Although Macs have a long way to go in the popularity stakes before they overtake PCs, particularly in the workplace, their increased attractiveness to consumers has proven irresistible to some criminal cybergangs,' said Graham Cluley, senior technology consultant at Sophos.
'Mac users have for years prided themselves on making smarter decisions than their PC cousins – well, now's the chance to prove it. The Mac malware problem is currently tiny compared to the Windows one, so if enough Apple Mac users resist clicking on unsolicited weblinks or downloading unknown code from the web then there's a chance they could send a clear message to the hackers that it's not financially rewarding to target Macs.'
'If they fail to properly defend themselves, however, there's a chance that more cybercriminals will decide it's worth their while to develop more malware for Mac during 2008.'
Sophos experts are now discovering 6,000 infected webpages every day – one every 14 seconds. 83 per cent of these webpages actually belong to innocent companies and individuals, unaware that their sites have been hacked. Websites of all types, from antique dealers to ice cream manufacturers to wedding photographers have hosted malware on behalf of virus writers, the report said.
Cybercriminals can target any computer user by spamming out emails containing links to the poisoned webpages, directing unsuspecting victims to the malicious code. The website can determine if the visiting computer is a Mac or a PC, and delivers malware custom-written for the surfer's operating system.
As computer users wise up to traditional malware attacks, such as email-borne worms, the security threat report also reveals that the wider use of new mobile technologies and Wi-Fi enabled devices, like Apple's iPhone and iPod Touch, may be opening up new vectors of attack for hackers.-TradeArabia News Service
More IT & Telecommunications Stories
- Kuwait moves to create telecoms watchdog
- Batelco backs Royal Fund for Martyrs
- Egypt's Global Telecom posts $749m Q4 loss
- Red Hat launches open source BPM suite
- Batelco announces new board
- Batelco offers improved broadband
- You don't own phone numbers, warns TRA
- Tech giants back top Qatar ICT event
- Du to provide wifi access in public areas
- Zain finalises $800m, five-year loan facility
- Ooredoo Q4 net profit falls 36pc to $140m
- Mobily, Etisalat team up for LTE roaming
- Batelco approves $84m dividends for 2013
- Etisalat Q4 profit rises 70pc to $394m
- Kenya telecom firm to join Etisalat SmartHub
- Aruba appoints new sales director
- Du enters $1.17 billion financing deals
- VIVA extends 4G LTE offer
- Batelco to update students with latest technologies
- Etisalat SmartHub seals IPX agreement
- Etisalat picks Alcatel for LTE network expansion
- Boeing, QCRI host machine learning forum
- Mobily provides 4G LTE international roaming
- Viva Kuwait, Huawei to set up innovation centre
- Etisalat, Airtel deal to boost network services
- Batelco offers 4G LTE backup solution
- Arbor unveils ‘Peakflow’ solution
- Etisalat launches enterprise mobility services
- STC launches advanced 4G network
- Dubai to host ITU global summit