This article was published on April 24, 2012

One in five Mac computers carry Windows malware but only 2.7% harbor Mac OS X malware: Sophos


One in five Mac computers carry Windows malware but only 2.7% harbor Mac OS X malware: Sophos

A new report by security specialists Sophos suggests that as many as one in five Macs now carry Windows malware, with one in thirty six Apple computers containing Mac-specific viruses and exploits, further worrying users as they come to terms with the fallout  of the Flashback botnet.

According to a recent snapshot taken from 100,000 Mac computers running Sophos’ free anti-virus software, over 20% of Macs ran a Windows-specific form of malware, but only 2.7% of machines contained Mac OS X malware.

According to Graham Cluley, senior technology consultant at Sophos, Mac owners are being targeted by malware authors because they are “soft targets”, in the respect that they don’t typically run anti-virus software and “higher level of disposable income than the typical Windows user.”

Mac malware has entered the spotlight over the past month thanks to the proliferation of the Flashback botnet, which is reported to have infected over 600,000 Mac computers in the past few weeks, by taking advantage of a security flaw in Java which had been discovered in February.

The 💜 of EU tech

The latest rumblings from the EU tech scene, a story from our wise ol' founder Boris, and some questionable AI art. It's free, every week, in your inbox. Sign up now!

From its 7-day snapshot of 100,000 Macs, Sophos found that the Flashback trojan dominated infections by a wide margin.

  1. OSX/Flshplyr 75.1%
  2. OSX/FakeAV 17.8%
  3. OSX/RSPlug 5.5%
  4. OSX/Jahlav 1.2%
  5. Other 0.4%

The Flashback program installs itself on an un-patched machine and attempts to harvest web browsing activity, usernames and passwords. It then sends that information to its network of computers across the internet. It is what’s known as a ‘drive-by’ infection because it can install itself on your machine after just a visit to an infected page, without any administrator passwords or installation procedures necessary.

With the security of Mac computers in question, Apple took decisive action. It announced that it was working to attack the botnet that is spreading the infection and released a patch to Java, along with a standalone removal tool to take care of infections.

The one in five Mac computers that housed Windows malware contained:

  1. Mal/Bredo 12.2%
  2. Mal/Phish 7.4%
  3. Mal/FakeAV 3.8%
  4. Troj/ObfJS 3.6%
  5. Mal/ASFDldr 3.3%
  6. Troj/Invo 3.0%
  7. Troj/Wimad 2.6%
  8. Mal/Iframe 1.5%
  9. Mal/JavaGen 1.4%
  10. Other 61.2%

Some malware traces discovered by the probe dated back to 2007, with the most popular Windows program dating back to 2009.

Of course, this raises the issue of anti-virus software on Mac computers, something that Apple device owners have not typically had to think about in the past. Windows malware may not be able to infect Mac computers, they can still be spread via USB sticks and removable storage, potentially infecting other computers in the process.

Get the TNW newsletter

Get the most important tech news in your inbox each week.

Also tagged with