Mac users were once relatively insulated from malware attacks, if only because their OS platform didn’t attract the attention of criminals. But now a spike in security threats is making it clear that the bad guys are no longer ignoring Apple’s OS X.
The latest Mac security threat, a variant of the “LuckyCat” attack, takes advantage of an exploit in Microsoft Word documents, giving a remote attacker the ability to plunder infected systems, and steal data by hand.
It’s an exploit that’s been around for almost three years now, and is completely preventable if you keep your system up to snuff with security updates. The fact that it’s only now getting widespread publicity indicates how historically lackadaisical Mac users have been toward security — and that this attitude needs to change.
“I think this is a wake-up call that people running OS X need to start patching and updating their systems more,” Marcus Carey, a security researcher with vulnerability management firm Rapid7, told Wired. “Patching is the number one thing anyone can do to protect their computer.”
In the past, malicious attacks on the Mac platform have been few and far between. More than 90 percent of the desktop market share used to go to Windows, so that’s where cybercriminals focused their time. But in recent months, OS X adoption has been rising, and similarly the number of threats (like last year’s MacDefender trojan horse) have been rising.
“The OS X platform has always been as potentially hacked and compromised as any other platform, but it just hasn’t been targeted until now,” Dave Marcus, director of advanced research and threat intelligence with McAfee Labs, told Wired.
The Flashback Trojan gained notoriety earlier this month for infecting upwards of 650,000 Macs. Flashback used a Java-based security flaw to install itself onto systems, but Apple patched and issued a security update for it last week. (Public service announcement: Update your Mac right now, if you haven’t already).
But cybercriminals haven’t invented new, twisted ways of creeping into your MacBook.
Read the entire article over at Wired.com.