Feeds

Windows malware dominates Mac malware detection chart

Sophos clean-up tool IDs carriers and rare Mac Trojans

Providing a secure and efficient Helpdesk

Malicious files that use the the scripting capability of Microsoft Media Player to infect Windows machines have emerged as the main threat detected on the machines of Apple users who have taken advantage of Sophos' recent offer of a freebie anti-malware scanner application.

The Windows-specific threat - identified by Sophos as ASDFDldr-A - typically comes in the form of maliciously constructed and padded media files that pose as music files from the likes of Lady Gaga and Madonna. It is only when these malicious files happen to be executed on Windows PCs that anything bad happens. Nonetheless it's better that these malicious media files are identified and removed than left lying around.

On Windows boxes, the malicious files use the scripting capability of Microsoft Media Player to redirect users to a booby-trapped website instead of playing the media content users were hoping to enjoy.

Java-based attacks also appear high in instances of malicious scripts detected by the Sophos security scanner, which was released earlier this month. These cross-platform scripts were typically found in the internet caches of Mac machines. "Many of these might have been designed to download further Windows-based attacks to computers, but they could easily be adapted to download Mac-based threats too," Sophos warns.

The security tool available here has also identified limited instances of Mac OS X-specific malware, Jahlav and DNS Changer. These well-known Mac Trojans are typically disguised as codecs supposedly needed to display video content. Routes to infection include maliciously constructed downloads on BitTorrent sites as well as supposed warez and prOn sites under the control of hackers.

The infamous Conficker worm also edges into the chart, appearing in 19th place. Conficker has no effect on Macs but it does spread via USB drives. Mac users probably got infected after their friends or colleagues with infected Windows machines shared an infected thumb drive with them. The malware has no effect on Mac machines except to make them a carrier of the malware, which can be spread onto previously uninfected Windows boxes when files are subsequently shared either via a USB drive or over the network.

Stats of the number of infections encountered or the percentage of Mac boxes discovered as harbouring malware are not available. The stats show that even the frequently encountered threat (ASDFDldr-A) crops up in just 4.62 per cent of infections reported to Sophos, a sharp contrast the monthly Windows malware charts in the past when one or two prevalent threats typically dominate.

Many of the nasties found on Mac boxes are actually incapable of causing harm on a MacBook or other Apple PCs. The only problem arises if malicious content (only capable of infecting Windows boxes) is shared.

In many ways the Sophos security scanner serves the same useful purpose as anti-virus scanners for Linux servers – by preventing the further spread of Windows-specific malware.

But even though instances of Mac malware remain rare, that's no reason for complacency.

"There is much less Mac malware than Windows malware, but that doesn't mean that Mac users should be blase about protecting their computers," said Carole Theriault, senior security consultant at Sophos.

The Mac malware prevalence stats come from the 150,000 active users of Sophos Anti-Virus for Mac Home Edition who have downloaded and updated the anti-malware software since its launch on 2 November. The security software is among the top 10 most downloaded products from Apple's download site and the most popular application from its networking and security section. ®

Secure remote control for conventional and virtual desktops

More from The Register

next story
Microsoft WINDOWS 10: Seven ATE Nine. Or Eight did really
Windows NEIN skipped, tech preview due out on Wednesday
Business is back, baby! Hasta la VISTA, Win 8... Oh, yeah, Windows 9
Forget touchscreen millennials, Microsoft goes for mouse crowd
Apple: SO sorry for the iOS 8.0.1 UPDATE BUNGLE HORROR
Apple kills 'upgrade'. Hey, Microsoft. You sure you want to be like these guys?
ARM gives Internet of Things a piece of its mind – the Cortex-M7
32-bit core packs some DSP for VIP IoT CPU LOL
Microsoft on the Threshold of a new name for Windows next week
Rebranded OS reportedly set to be flung open by Redmond
Lotus Notes inventor Ozzie invents app to talk to people on your phone
Imagine that. Startup floats with voice collab app for Win iPhone
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
The next step in data security
With recent increased privacy concerns and computers becoming more powerful, the chance of hackers being able to crack smaller-sized RSA keys increases.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.