“Wake Up, Mac Users!” One In Five Macs Carry Malware


Kaspersky is helping Apple identify vulnerabilities in Mac OS X.
Mac users are being urged to "wake up" and realize that malware is a growing problem for Mac OS X.

Think your Mac’s safe now that you’ve removed that Flashback infection? Think again. New research conducted by security specialists Sophos has revealed a “disturbingly high level” of Macs are currently carrying malware, though much of it is designed to attack Windows machines.

Of the 100,000 Macs that Sophos analyzed, one in five was found to be carrying Windows malware, while one in 36 was carrying malware designed for and dangerous to Mac OS X.

Sophos used a snapshot of 100,000 Macs running its free antivirus software and found that one in five machines was carrying one or more instances of Windows malware. While the malware cannot have any affect of Mac OS X, it can be spread, and it can affect your system if you choose to run Windows inside your Mac.

2.7% of those machines were found to be carrying Mac OS X malware. That doesn’t sound like a lot, until you realize it’s accounts for one in 36 machines, which is alarming. Graham Cluley, senior technology consultant at Sophos, is urging Mac users to “wake up” and realize that malware is a growing problem for the Mac:

Some Mac users may be relieved that they are seven times more likely to have Windows viruses, spyware and Trojans on their Macs than Mac OS X-specific malware, but Mac malware is surprisingly commonly encountered. Mac users need a wake-up call about the growing malware problem.

The Flashback infection, which has been in the news a lot recently after it was found to be infecting more than 600,000 Macs, is at the top of the charts when it comes to Mac malware threats:

1. OSX/Flshplyr 75.1%
2. OSX/FakeAV 17.8%
3. OSX/RSPlug 5.5%
4. OSX/Jahlav 1.2%
5. Other 0.4%

So how do you pick up these infections? Well, you can get them from infected USB sticks, email attachments, files you download from the web, or from what Sophos describes as a “drive-by installation,” whereby the malware is installed onto a Mac without its user’s knowledge.

Cluley explains that Mac users are seen as a “soft target” because of the common misconception that Macs are immune to malware, and that they don’t need antivirus software:

Cybercriminals view Macs as a soft target, because their owners don’t typically run anti-virus software and are thought to have a higher level of disposable income than the typical Windows user. Mac users must protect their computers now or risk making the malware problem on Macs as big as the problem on PCs.

The top Windows malware discovered on Macs includes:

1. Mal/Bredo 12.2%
2. Mal/Phish 7.4%
3. Mal/FakeAV 3.8%
4. Troj/ObfJS 3.6%
5. Mal/ASFDldr 3.3%
6. Troj/Invo 3.0%
7. Troj/Wimad 2.6%
8. Mal/Iframe 1.5%
9. Mal/JavaGen 1.4%
10. Other 61.2%

Some of this malware dates back to 2007, and Sophos insists that much of it wouldn’t be around if users had installed an antivirus product sooner. “The simple fact is that you can scan your Mac for infection from your armchair,” Cluley said. “The test is painless and free; you just download an anti-virus product and allow it to check your computer and protect it against infections in the future.”

I know what I’ll be doing this evening.

[via The Next Web]

  • David Fulero

    A security firm whose business it is to sell security software says that malware is on the rise in Macs? Yep I guess I should be worried.

  • Tomas Villegas

    Exactly David! Great observation Sophos, let me head to your site and purchase your protection suite NOW!

  • slaws

    “According to a recent snapshot taken from 100,000 Mac computers running Sophos’ free anti-virus software” so all of these Macs in this survey had virus protection, provided by Sophos, and yet 1 in 5 still harbored Windows malware and 1 in 36 sitll harbored Mac malware. I’m not sure what this says about Sophos’ free anti-virus software.

  • Reivax

    Would it have been difficult to (accurately) insert the word ‘Windows’ between ‘Carry’ and ‘Malware’ in this headline? It wouldn’t undermine the idea that Mac users should take security precautions seriously; but it would make the headline seem less like fear-mongering link bait. :: With regard to the statistics, it should also be considered that many people who -have- installed Sophos’ security software didn’t do so for no reason: they likely suspected something was up with their computer due to sluggishness or crashes. It’s likely a small skew, but one nonetheless.

  • technochick

    100k out of millions seems a bit of a low sample for the FUD they are shouting. Plus they are an anti virus software company. So they want it to sound horrible. It helps them make more sales.

    That said, now that Apple is getting so much press there’s a big reason for hackers to create malware even if it comes with no payload. It gets them press and sometimes that’s enough for them. So despite the whole FUD issue it is actually good that these companies are pointing out the risks so hopefully fewer folks will fall for things like installing Flash from unknown sources etc

  • pdm777

    So let me get this straight…Sophos said that they know this bit of information because, they sampled a number of computers running their software and found that the computers contain viruses and malware…this does not say much for Sophos or make me want to run out and get Sophos for my Mac.

  • Andrew John

    All this yelling from anti virus software developers is getting annoying. How about a REAL investigation on malware on Macs, not one reportedly done by a company who profits from this. Am I to gather that their software reports back to them about viruses or malware? Isn’t that illegal without the users consent? You seriously have to wonder who writes these viruses and malware hacks don’t you. It is in their interests that these things exist. Uni students studying computer programming have been known to be approached by certain companies to write exploitative code for them. Why would a programmer waste their time doing that when they can make money writing apps?

  • TechUser

    “just download an anti-virus product and allow it to check your computer” Yeah, right! Any and all of the freeware virus scanners are just another entry point into your Mac. DON’T DO IT!!

  • TechUser

    The anti-virus software developers are the guys who are spreading the malware and viruses! It’s BIG business.

  • Mac Dots

    Don’t Bring Virus (Anti Virus Softwares) to Your Mac…

  • applegamer82

    The moving goalposts in the comments are hilarious over the last few years. Mac is invincible, errr Mac is mostly invincible, umm that is trojans aren’t viruses! I mean um well screw the other platforms, I’ll infect who I want. It is time for everyone to grow up, take a deep breath and realize a few things. A. No OS is secure. The NSA measures security for the most hardened BSD systems in terms of time to break in, not if it can be broken in to. B. Apple has always been slow to patch and basically sucks at security. Thats right, they suck at security, do some research on patch release dates for java. Speaking of which, APPLE owns their version of java. Stop blaming oracle, it is in fact apple’s fault. We have been living in a pretty great time which is coming to an end. I am grateful for all the malware free computing time that we have had. C. Trojans are not viruses like Scott tissue is not a Kleenex. Good luck educating journalists, just get over it. D. Antivirus companies are they only entities who are going to find the threats out there in order to report stories to us. Because they are antivirus companies who specialize in this. Who do you want to come up with this data? Apple? I wouldn’t trust them to do it. So who? The government? If you think Sophos is lying pursue it. Find the numbers and examine it yourself. E. If you want to spread malware to your dumb window$ pals I guess you can be smug and do that. Personally I don’t want to pay the long term costs of their stupid choices in higher credit card fees and the cleanup of all the bank fraud the dumBows users cause. F. When sophos or any other vendor finds malware, they usually clean it. The comments about it sucking are unfounded. New AV install numbers are through the roof lately giving NEW data. This isnt a machine running sophos and then sophos admits 20% infection rates in their user base after a cleaning process. Sigh. Pull your heads out of the sand and act like adults instead of justifying your expensive purchase.

  • ApplePr0n

    I don’t believe those numbers one bit. Sorry, someone who doesnt sell malware protection tell me the real numbers

  • justmeblue5ft3

    I’d like to know how “Sophos” knows this= yet fails to give Mac users a way to remove malware that is geared to Windows PC’s -on a Mac. 

  • justmeblue5ft3

    Since they were so anxious to report this and provide a “free” Mac version, why can’t they be bothered to tell a Mac user how to remove the Malware if it’s found. Even the “free” version did not do that, I clicked remove and it spun and said remove manually. I said hmmmm and uninstalled Sophos, put in my Norton Internet Security and it found NOTHING. So much for Sophos

  • gavernmusic

    This claim and article is a complete and utter load of rubbish that screams “fear based profitability”. 1 in 5 Macs? What a load of trash! Yes of course I realise that no OS is completely safe but the likelihood of a Mac getting a virus or Trojan in comparison to a PC is almost the difference between night and day. And to anyone who is fearful enough to install 3rd party “anti-virus” software on your Mac, when then don’t come crying when you get a virus because of it. Why not be wise and go with what’s worked for years 90% of the time and that’s Apple’s own software security updates. Don’t try and fix something that is not broken because you will end up breaking it.

  • ApplePr0n

    “MACS HAVE VIRUSES!!! HURY PROTECT YOURSELF WITH MALWARE PROTECTION!!!” – every malware protection company