Are Mac OS X rogues an emerging threat?
For many years discussions of the potential for malware on Macs have ended with the conclusion: “there isn’t much yet, but as soon as Mac gets a big market share the dark side is going to start writing the code.” There are indications that the bad guys are working on it.
There have been some blog posts suggesting that the dark side is working hard to create a Mac OS X compatible rogue. SCMagazine is carrying a piece quoting a spokesman for researchers at Intego. Apparently Intego researchers got proof-of-concept code for an OS X rogue from underground sources and determined that it didn’t quite work. However, they concluded that some sophisticated coding was going on:
The SCMagazine wrote: “The PoC was actually created with code that was provided by Apple as part of its developer software, (Peter) James (of Intego) said. Apple includes an API in its developer technology that can be used to create a tool called a “kiosk,” which locks a user into an application or disables certain operating system functionality. The PoC does not encrypt files, but launches an application that implements the kiosk tool and locks the user’s computer.”
Rogue anti-malware products — and VIPRE has 1965 detections for them — are one of the fastest growing types of malware out there and are huge money makers for the nasty folks behind them.
So, Mac users, be careful what you click on and if you get a pop-up window screaming that your machine is “infected” and offering to sell you a virus protection product to take care of the problem – you know the “day” has arrived.
Dancho Danchev on ZDNet: “Mac OS X SMS ransomware – hype or real threat?”
Update, 3:10 p.m.:
Such a coincidence – Caris & Company, analyst Robert Cihra: “But believe it or not, we estimate Apple’s iMac accounting for a full one fourth of ALL desktop market growth in calendar year 2010.”
Apple Insider piece: “Apple’s iMac to account for 25% of global desktop growth in 2010”