Mac OS X users have been largely protected from malware because of, as they say, “security through obscurity.” In the past there simply weren’t enough Macs around to make it worth the time to identify and exploit vulnerabilities.
That’s all changed.
Less than two weeks after the first major Mac malware infestation, two more Trojans have been identified. Both use vulnerabilities in commonly installed software to attack. Flashback and Backdoor.OSX were spread through Java exploits, and the third was spread through infected Microsoft Word documents shared via email. Flashback is estimated to have affected over 500,000 Macs. These new Trojans were used for targeted attacks and don’t appear to be actively infecting more computers.
After being widely condemned for its slow reaction, Apple released software updates for most OS X versions. They clean up any infestation and install a version of Java that does not have the vulnerability. In addition, Apple has beefed up its built-in security checks as part of another update.
As Apple’s software continues to gain popularity, we can expect to see more attack attempts and more potential malware. Security through obscurity is dead, at least for Macs. Welcome to popularity, Mac users!