• United States



Suck it up, Apple addicts

Apr 11, 20124 mins
Application SecurityNetwork Security

The truth stings, especially if you’re a fanatical Mac user. They’ve smugly declared their chosen machines better than everyone else’s for years, scowling at anyone who dared tell them to take the love fest down a notch. They always bragged that they didn’t get malware. Now they’re being proven wrong.

To be fair, a lot of Apple’s products ARE better than Microsoft’s. Did anyone ever consider the Zune a viable alternative to the iPod? Does anyone really think the Windows smartphone is better than the iPhone? I’m an Android user, and I can’t wait until the contract expires so I can get an iPhone. I’ve also played around with several tablets and none come close to the iPad. All my opinions, of course. Feel free to disagree.

But I’ve never believed for a second that any of Apple’s devices were more secure than Windows devices. The only thing that made Macs a safer bet was that the bad guys still preferred attacking Windows for its easily-exploited vulnerabilities and larger market share.

The only thing that’s different in 2012 is that attackers now see a reason to attack Apple vulnerabilities that have always been there. You could say Apple is a victim of its own success. It has put out so many cool toys in the last five years that everyone is clamoring for those products. When people have to have it, attackers have to target it. Pure and simple.

So here we are, seeing headlines like this:

Fast-growing Flashback botnet includes over 600,000 Macs, malware experts say

In that story, IDG News Service writer Lucian Constantin writes:

More than 600,000 Macs have been infected with a new version of the Flashback Trojan horse that’s being installed on people’s computers with the help of Java exploits, security researchers from Russian antivirus vendor Doctor Web said on Wednesday. Flashback is a family of Mac OS malware that appeared in September 2011. Older Flashback versions relied on social engineering tricks to infect computers, but the latest variants are distributed via Java exploits that don’t require user interaction.

On Tuesday, Apple released a Java update in order to address a critical vulnerability that’s being exploited to infect Mac computers with the Flashback Trojan horse. However, a large number of users have already been affected by those attacks, Doctor Web said in a report issued on Wednesday. The company’s researchers have managed to hijack a part of the Flashback botnet through a method known in the security community as sinkholing, and counted unique identifiers belonging to more than 550,000 Mac OS X systems infected with the Trojan horse.

The botnet is growing at a rapid rate. Hours after Doctor Web issued its report, Ivan Sorokin, one of the company’s malware analysts announced on Twitter that the botnet had grown to over 600,000 infected computers. He also said that 274 Macs infected with the new Flashback variant were located in Cupertino, the U.S. city where Apple has its headquarters.

It was going to happen eventually, which is what makes this next headline a real eye roller:

Opinion: You are the biggest security risk to your Mac

Here, Ben Camm-Jones states what has become obvious at this point: That the hubris of Mac users is the biggest threat, especially when, he writes, “A poll run late last week on the Beta News website found that 75 percent of Mac users questioned didn’t run any anti-malware protection, whereas around 90 percent of Windows users did.” I agree with his next statement: “Given that the Flashback Trojan that Macworld reported extensively on last week has managed to infect some 600,000 Macs – even some within Cupertino, according to reports — there is no more excuse for having your head in the sand.”

Don’t feel too badly, Apple addicts: You still use some of the best technology on Earth. Your taste remains top-notch, and legions of nerds envy you — including me.

It’s just that reality has caught up with you. Now it’s time to adjust accordingly.