Macs Are Virus Targets, Some Experts Warn

In Daines' infection, a bug in the virus' code prevented it from doing much damage. Still, several of his operating system files were deleted, several new files were created and several applications, including a program for recording audio, were crippled.

Behind the scenes, the virus also managed to hijack his instant messaging program so the rogue file was blasted to 10 people on his buddy list.

Independent security consultant Rodney Thayer works at his desk in South San Francisco, Tuesday, April 18, 2006. Experts say the Apple operating system, long a haven of safety, is a growing security risk. On the left console Thayer is running a simulated attack test as the left console is tracking the network traffic from the attack. (AP Photo/Paul Sakuma) (Paul Sakuma - AP) QUIZ What percent of U.S. tweens own a mobile phone? A. 15 percent B. 25 percent C. 35 percent D. 55 percent • Test Your Knowledge -- More Questions Save & Share Tag This Article  Saving options 1. Save to description:  Headline (required)  Byline 2. Save to notes (255 character max):  Blurb 3. Tag This Article

"A lot of Mac users are in denial and have blinders on that say, 'Nothing is ever going to get to us,'" said Neil Fryer, a computer security consultant who works for an international financial institution in Britain. "I can't say I agree with them."

Fryer, also a Mac user, said he has begun taking additional precautions over the past year to make sure he doesn't fall victim to an attack. He spends more time than in the past scrutinizing his security logs for signs of intruders, and he uses a firewall and additional security applications, just as he would with a Windows-based machine.

Among the other signs Macs are a growing target:

_ The SANS Institute, a computer-security organization in Bethesda, Md., added Mac OS X to its 2005 list of the top-20 Internet vulnerabilities. It was the first time the Mac has been included since the experts started compiling the list in 2000.

_ This week, SANS updated the list to warn against flaws in Safari, the Mac Web browser, which the group said criminals were able to attack before Apple could fix it.

_ The number of discovered Mac vulnerabilities has soared in recent years, with 81 found last year, up from 46 in 2004 and 27 in 2003, according to the Open Source Vulnerability Database, which is maintained by a nonprofit group that tracks security vulnerabilities on many different hardware and software platforms.

_ Less than a week after Daines was attacked in mid-February, a 25-year-old computer security researcher released three benign Mac-based worms to prove a serious vulnerability in Mac OS X could be exploited. Apple asked the man, Kevin Finisterre, to hold off publishing the code until it could patch the flaw.

The Mac's vulnerability could also increase as Apple transitions to a product line that uses microprocessors made by Intel Corp., security experts said.

With new Macs running the same processor that powers Windows-based machines, far more people will know how to exploit weaknesses in Apple machines than in the past, when they ran on the PowerPC chips made by IBM Corp. and Motorola Corp. spinoff Freescale Semiconductor Inc.

"They have eliminated their genetic diversity," said independent security consultant Rodney Thayer. "The fear is that we're going to run into a new class of attacks."