Study of 100,000 Macs Shows 1 in 5 Are Infected With Malware

A new study by Sophos has shown that as many as 1 in 5 (20%) Macs are either infected or harbouring some kind of malware.

The study was based on the snapshot findings of 100,000 users of Sophos’s free Mac antivirus software, which in turn found that 20% of people who had run the software on their machines harboured some form of infection. It should be noted that this malware wouldn’t present a problem to the user unless they were also running an installation of Windows, but it would help in the spread of the malware to other computers.

However, more disturbingly, the study did show that 2.7% of the computers that ran the AV software were found to be infected by Mac OS X malware. The other scary finding was that some of the malware found on these sampled systems dated back to 2007, which really goes to prove that the myth that Macs don’t get infected is just that: a myth.

Most recently, as many as 600,000 Macs were infected with the Flashback virus.

Last year Mac users were also making the computer security headlines, when the Mac Defender infection started to infect multiple systems. Apple conducted its own internal investigation into the Mac Defender malware attack and issued an internal document with the words “Do Not Disclose Externally” written in bold red along the top, instructing the company’s front-line support people: “Don’t confirm or deny that an infection exists, and whatever you do, don’t try to remove it.” See the document below.

There are reasons that Macs are currently such a simple target for malware writers, and one of the main ones stems from a belief that the Mac OS can’t be infected. This is simply not true, but unfortunately, a lot of Apple users have listened to Apple dogma for too long and have no decent protection in place, if any at all. As more and more Macs start to be used in the corporate arena, it should be of the utmost importance to companies to ensure that their systems are secure.

CNET wrote earlier this month about Apple’s lacklustre approach to computer security regarding the recent Flashback infection and finished with the four points below.

Apple doesn’t allow Oracle to patch Java. The latest round of malware could have been avoided with faster patching. Since Apple likes to control its patching it is often behind. The window of exposure on the Mac platform is longer. The easy fix here is to let Oracle do the patching.

Apple has a rudimentary antivirus update utility that’s updated with signatures only when there’s a big enough threat. Apple knew about Flashback, which has been pointed out by security researchers, but didn’t ship an update.

Apple users have no idea if they are infected and don’t know how to search. Why would they know? Apple has told them there are no viruses on the Mac. This false sense of security is the primary reason Apple needs to start talking. Apple users are smug about security.

Anti-virus vendors can’t provide protection to the Mac because users don’t think they are needed.

Security industry insiders have known the Mac platform has its holes, but Flashback is the first in-the-wild issue that’s confirmed and big. More will follow unless Apple becomes more proactive.

It will be interesting to see how Apple’s CEO, Tim Cook, will address the company’s poor approach to computer security in the following weeks.
