Mac Malware Monsoon in May

Here’s a quick update on the Mac OS X malware landscape, a rather hot topic this month. May started off with the announcement of the DIY malware kit Weyland-Yutani BOT. This news was shortly thereafter dwarfed by numerous reports of fake (a.k.a. rogue) security software for the Mac; names include Mac Defender, Mac Protector, Mac Security, and MacGuard.

In the past I’ve read comments from Apple users claiming that the XYZ threat for Mac isn’t a “real virus” because the victim has to manually install the threat. Mac users should understand that millions of Windows threats exploit the user, rather than the operating system. Attackers target the curiosity of the person at the helm of the mouse, who’s just a couple clicks away from watching that video, seeing a photo, or obtaining the system protection they’ve been “promised.” Sadly, many Windows users have grown accustomed to the tactics of those who seek to gain control over their PCs. But even sadder will be the non-Windows users who have lived in ignorant bliss.

Here’s a chart highlighting the recent increase in the creation of malware for Mac OS X, namely the impact of these rogue security programs on the landscape, as seen in red below.

Is this merely a short-term blip on the radar or the beginnings of a trend for Mac threats? Time will tell. However, rogue security programs in general are generating revenues of hundreds of millions of dollars a year for the bad guys, a powerful incentive. Furthermore, ZDNet estimates that 60,000-125,000 customers have called Apple support this month about such malware. Of course only a fraction of those infected would actually pick up the phone, so the problem is likely much larger.