A new analysis from McAfees Avert Labs has predicted that the phenomenon of malware targeting Apples OS X is set to get much worse.
According to McAfees Is Mac OS X the Next Windows?, between 1987 and 2006, the company documented only 76 Apple viruses, compared to 100,000 viruses aimed at Windows over the same period.
Despite the starkness of this contrast, however, the number of vulnerabilities reported to the US National Vulnerability Database that related to OS X had risen from 45 in 2003, to 143 in 2005, an annualised 228 percent rise. By contrast, the rate for Windows was now 78 percent.
For more than 26 years, Apple has avoided the security spotlight, the report says. This good fortune is at least partly due to its significantly smaller share of the personal computer market.
The emergence in 2006 of malware exploiting known and previously unknown (i.e zero-day) vulnerabilities confirms Apples new and unwanted position in the crosshairs of malware authors, the report continues.
According to Sal Viveros of McAfees Avert Labs, past statistics on Apple virus rates were irrelevant. As with Windows, the biggest threat was from malware seeking out specific software vulnerabilities rather than old-fashioned nuisance programs.
Apples OS X was not, as some have supposed, less likely to have such holes than Windows. What mattered was the motivation of malware writers such as criminals to search out and exploit them.
We have seen an evolution in organised crime to finding exploits (on OS X), said Viveros. We are seeing the early stages of a new trend.
Currently, most Apple exploits were aimed at opening holes in the operating system. This would probably evolve so that other software was attacked as well, he said.
The McAfee report concludes: The recent bias of malware authors towards smaller, focused attacks coupled with the easy availability of Mac exploit code on the Internet may one day make the Mac OS a tempting target for the same types of malware currently plaguing the Windows world. Mac users would do well to take notice and become more vigilant.
McAfee currently sells an anti-virus application for Mac users, and so has a vested interest in selling more copies. Nevertheless, the statistics underline that rise of Apple malware is no myth drummed up to discredit the platform.
It is no longer simply the number of exploits that matters, but their severity and likelihood of hitting an unprotected user.
Viveros had no statistics on the take-up of anti-malware software among Mac users, but suggested that many remained unprotected because they believed the platform was unlikely to be targeted. This only increased the likelihood that a single targeted attack would cause major problems for the Mac community in the near future.