Experts note that malware for Macs has been seen before, but until recently, organized criminal gangs have not felt the need to target Mac users when there are so many more poorly protected Windows PCs available. However, late 2007 saw Mac malware not just being written by researchers demonstrating vulnerabilities or showing off to their peers, but by financially-motivated hackers who have recognized there is a viable and profitable market in infecting Macs alongside Windows PCs. For example, many versions of the malicious OSX/RSPlug Trojan horse, first seen in November 2007, were planted on Web sites designed to infect surfing Apple Mac computers for the purposes of phishing and identity theft.
"No-one should underestimate the significance of financially-motivated malware arriving for Apple Macs at the end of 2007. Although Macs have a long way to go in the popularity stakes before they overtake PCs, particularly in the workplace, their increased attractiveness to consumers has proven irresistible to some criminal cyber gangs," said Graham Cluley, senior technology consultant at Sophos. "Mac users have for years prided themselves on making smarter decisions than their PC cousins -- well, now's the chance to prove it. The Mac malware problem is currently tiny compared to the Windows one, so if enough Apple Mac users resist clicking on unsolicited Web links or downloading unknown code from the Web then there's a chance they could send a clear message to the hackers that it's not financially rewarding to target Macs. If they fail to properly defend themselves, however, there's a chance that more cyber criminals will decide it's worth their while to develop more malware for Mac during 2008."
Experts are now discovering 6000 infected Web pages every day -- one every 14 seconds. 83 percent of these Web pages actually belong to innocent companies and individuals, unaware that their sites have been hacked. Web sites of all types, from antique dealers to ice cream manufacturers to wedding photographers have hosted malware on behalf of virus writers.
Cyber criminals can target any computer user by spamming out emails containing links to the poisoned Web pages, directing unsuspecting victims to the malicious code. The Web site can determine if the visiting computer is a Mac or a PC, and delivers malware custom-written for the surfer's operating system.
Wi-Fi presents cyber criminals with more avenues to explore
As computer users wise up to traditional malware attacks, such as email-borne worms, the Security Threat Report 2008 also reveals that the wider use of new mobile technologies and Wi-Fi enabled devices, like Apple's iPhone and iPod Touch, may be opening up new vectors of attack for hackers. Flaws have been found in the mobile email program and Safari browser installed on such devices -- but while uptake remains limited cyber criminals seeking large returns are unlikely to exploit these avenues on a major scale in the near future. However, as personal Wi-Fi devices grow in popularity, the risks will no doubt increase. Experts also note that the low cost ultra-mobile PCs, such as the popular Linux-based ASUS EEE laptop, are likely to gain the attention of the cyber underworld as sales continue to grow.
"The ultra-mobile ASUS EEE laptop, like many others, comes pre-installed with Unix, making it automatically immune to the vast majority of spyware and malware attacks," said Cluley. "However, it's still possible to lose money through phishing and identity theft on any device with an internet connection.
As it becomes more common for people to use a Wi-Fi enabled device which carries personal information, the greater the temptation for hackers to take advantage with malware in the future."
State-sponsored cyber snooping and cyber crime claims predicted to rise
During 2007, it became more common for countries to openly accuse each other of engaging in cyber crime, despite the fact that it can be extraordinarily difficult to prove where an attack originated and if it is government-sponsored or purely a lone hacker acting independently.
In April 2007, a large-scale distributed denial-of-service (DDoS) attack against Web sites in the Baltic state of the Estonia was blamed on Moscow, while in December 2007, it was revealed that MI5, the British secret service, believed that the Chinese government was behind electronic espionage against British firms designed to give China a commercial advantage. However, neither claim has been proved.
"2008 is likely to bring more accusations, but so far there has been no actual evidence of state sponsored cyber spying," said Cluley. "While spying has been happening for centuries, it is important to remember that hackers are experts at covering their tracks, making it difficult to determine the exact source of an attack. There is no doubt, however, of the importance of securing critical computers inside government organizations from hackers, no matter whether they are motivated by politics, espionage or simply money."
China is the number one country hosting malware in 2007
In 2006, China was responsible for hosting just over 30 percent of all Web-based malware, and held second place after the U.S. However, in 2007 this position was reversed with China hosting more than half of all infected Web pages.
"We would like to see China making less of an impact on the charts in the coming year. Chinese computers, whether knowingly or not, are making a disturbingly large contribution to the problems of viruses and spam affecting all of us today," explained Cluley.
