It was a subtle tweak, but it didn’t go unnoticed by antivirus software makers for long.
In big bold letters on its Web site, Apple had bragged for years that its Mac computer
“Doesn’t get PC viruses.” Then, two weeks ago, the company tweaked that wording to read simply:
“Built to be safe.”
The modification was immediately called out by antivirus companies who said the language tweak
was an official admission by Apple that its computers were no longer safe from the kind of hacker
attacks common to PCs running Microsoft Windows.
“I view the changes in the messages pushed out by their marketing department as some important
baby-steps,” Graham Cluley, a security expert at Sophos, wrote in a blog post.
“Let’s hope more Apple Mac owners are also learning to take important security steps —
such as installing antivirus protection.”
Apple has always marketed its computers as sleeker, more stylish and more secure than its
Windows counterparts. But its security claims were partly discredited last April after
security experts discovered a new piece of malware, called Flashback, had infected more than
half a million Apple computers in the largest-scale attack on Apple’s Mac OS X operating system to date.
The malware, which infected Apple computers through a hole in Java software, had been infecting
computers through especially nefarious means. Unlike most malware—which typically spreads when a
user clicks on a malicious link or downloads a malicious attachment—Flashback simply downloaded
itself without prompting.
Apple released two security patches for the vulnerability and encouraged Mac users to run their
software updates. That helped bring down the number of infected machines from 600,000 to 140,000
within two weeks. But it was not long before researchers discovered that a new variant of Flashback,
called Flashback.s, was continuing to infect Mac users through the same vulnerability.
Flashback was not the first time Macs had been targeted. In 2011, security experts discovered that
a piece of malware, called Mac Defender, masquerading as anti-virus software was infecting Macs.
Antivirus companies were quick to say the attacks heralded a new era in which Mac users were
no longer safe. Windows computers have always been cyber criminals’ preferred target simply
because there have always been more of them. But as Apple expands its share of the PC market—it
currently holds 12 percent of the PC market in the United States, up from a fraction of that only
a few years ago—antivirus companies claim hackers are turning their attention to Mac users.
Bigger market share means a bigger pool of targets making it worth the criminals’
time to build the malware.
Some security researchers have criticized those warnings as premature and say they are
simply the latest case of antivirus companies hyping a threat to sell more antivirus software.
“Two issues in two years is relatively minor compared with what happens in the Windows world,”
said Rich Mogull, the founder of Securosis, a security research company.
“Antivirus companies, in particular, can be pretty deceptive. They have been marketing Apple’s
immunity far more than Apple has and they are far more vulnerable. I no longer put stock in it.”