Security threats Toolkit

OSX 'at risk from attack'

Tags:
Viruses,
Security,
Mac OS X,
Worm

Munir Kotadia ZDNet.com

Published: 21 Mar 2005 08:55 GMT

Security vendor Symantec is warning that Apple's OS X operating system is increasingly becoming a target for hackers and malware authors.

In its seventh bi-annual Internet Security Threat Report, Symantec said over the past year, security researchers had discovered at least 37 serious vulnerabilities in the Mac OS X system. According to Symantec, as Apple increases its market share — with new low cost products such as the Mac mini — its userbase is likely to come under increasing attack.

"Contrary to popular belief, the Macintosh operating system has not always been a safe haven from malicious code," Symantec said. "Out of the public eye for some time, it is now clear that the Mac OS is increasingly becoming a target for the malicious activity that is more commonly associated with Microsoft and various Unix-based operating systems," the report said.

"Apple Computer has become a target for new attacks… The appearance of a rootkit109 called Opener in October 2004, serves to illustrate the growth in vulnerability research on the OS X platform… The various OS X vulnerabilities allow attackers to carry out information disclosure, authentication bypass, code execution, privilege escalation, and DoS attacks. Symantec believes that as the popularity of Apple’s new platform continues to grow, so too will the number of attacks directed at it," the report said.

Symantec’s concerns were echoed by James Turner, security analyst at Frost & Sullivan Australia, who said many of the people who bought Apple products were not concerned about security, which left them wide open to attack.

"The iPod, PowerBooks and mini Macs are cool products," Turner said. "The by-product is that people are buying these products for form over function. They say it looks pretty and then buy it but don’t secure it. As Apple increases its market share, it will be a legitimate target".

Trend Micro senior systems engineer Adam Biviano said all complex operating systems had security flaws and the more popular the platform, the more likely it would be attacked.

"All sophisticated platforms — Mac, Linux, Solaris or anything else — will have vulnerabilities," Biviano said. "The only reason Windows has had mass exploits written for it is the sheer number of connected devices that are present on most networks. As soon as you start seeing mass deployment of any technology you are going to see exploits".

According to Biviano, while there have not been any mass outbreaks of viruses targeting the Mac, the potential does exist.

"You don’t see Macintosh viruses in mass outbreaks but you do see them in the labs as proof of concepts. There aren't any outbreaks because there are simply are not enough [Macs] out there. For a virus to be successful it needs a combination of an exploit and a large target audience," said Biviano, who nominated the mobile phone market as an example of malware writers targeting the most popular platform, not Microsoft’s platform.

"Look at where mobile viruses are going and they are not targeting Microsoft — they are targeting the market leader, which is Symbian," he said. The Symantec report found in the second half of last year, an increasing proportion of malware was designed to expose confidential information. The report also found that phishing attacks increased by 366 percent while the number of Windows-based worms and viruses increased by 64 percent, when compared to the first half of 2004.

Munir Kotadia reported from Sydney for ZDNet Australia. For more ZDNet Australia stories, click here.