One of Apple’s chief advantages in the personal computing market has been that its Mac computers have been relatively impervious to viruses and malware, at least when compared to Windows-based PCs. But that advantage may have been more difficult to maintain in 2011—at least, according to a new report from security firm Intego.
The company’s Year in Mac Security 2011, released this week, claims that 2011“was the most active year for Mac malware since the release of Mac OS X.” Much of the stepped-up activity can be blamed on the emergence of MAC Defender malware and the Flashback program that masqueraded as an Adobe Flash installer. Intego estimated that “ several hundred thousand Mac users” were affected by the year’s “bumper crop” of malware.
The MAC Defender malware spread via search engine optimization poisoning, using commonly searched terms to get prominent placement in search engine results and tricking users into downloading the faux virus-scanning application. Apple released a security update in May that targeted MAC Defender.
In its report, Intego contends that Mac owners may have been lulled into a false sense of security by the previous dearth of malware problems. “The majority of Mac malware … comes as Trojan horses, tricking un-savvy users into installing them, making them think they are something they are not,” the company said. “One of the main lessons for Mac users is that they should think very carefully about when they enter their password and when they install software.”
The 2010 report from Intego gave the impression that malware remained a minimal threat on the Mac platform, especially when compared to the PC side. But, asked by Macworld to put the malware threat faced by Mac users in context, Intego spokesman Peter James wouldn’t directly the address the matter of whether Apple products retain their security advantage over Windows PCs.
“It’s not a question of whether Mac OS X is more secure than Windows,” James said. “The issue now is that Mac users are facing unfamiliar threats, the kinds of threats that Windows users have dealt with for years. The weak link in the chain of security is the user, and both on Windows and Mac OS X, malware writers have been successfully exploiting this weakness through social engineering.”
But malware wasn’t the only challenge during 2011. Intego’s report noted security problems posed to Mac owners by users of third-party software such as Skype, Dropbox, and users of Adobe PDF-reading software. The report also touched on problems posed by hacking and phishing, as well as privacy issues raised by the rise of social networks like Facebook and Twitter. Still, the Intego report noted that there were no major vulnerabilities affecting Mac OS X in 2011.
Intego’s report emphasized the growing security risks faced by Mac users—particularly as they download or update their computer’s software—but made no mention of how those issues might be affected by 2011’s launch and rise of the Mac App Store. While Mac owners aren’t required to use the store to buy or install software, it has been suggested that one of the new store’s chief advantages is security—software that passes through Apple’s own processes being much less likely to pose malicious security issues.
Even with the store in place since January, though, Intego emphasized the 2011 offered a greater-than-usual number of threats to Mac computers. “It was,” the firm said, “a very eventful year.”