The recent Flashback/Flashfake malware outbreak targeting Apple’s Mac computers is likely to be just the start of a new wave of attacks aimed at the system, according to Kaspersky founder and CEO Eugene Kaspersky.
The CEO said that Apple is years behind Microsoft when it comes to security, and the company will have to change the ways it approaches updates following the recent malware attacks.
“I think they [Apple] are ten years behind Microsoft in terms of security,” Kaspersky said. “For many years I’ve been saying that from a security point of view there is no big difference between Mac and Windows. It’s always been possible to develop Mac malware, but this one was a bit different. For example it was asking questions about being installed on the system and, using vulnerabilities, it was able to get to the user mode without any alarms.” he claims.
“Cyber criminals have now recognised that Mac is an interesting area,” Kaspersky said. “Now we have more, it’s not just Flashback or Flashfake. Welcome to Microsoft’s world, Mac. It’s full of malware.”
“They [Apple] will understand very soon that they have the same problems Microsoft had ten or 12 years ago. They will have to make changes in terms of the cycle of updates and so on and will be forced to invest more into their security audits for the software.” he said.
The “Flashback” virus discovered to have infected more than 600,000 Mac computers earlier this month originated on a series of WordPress blogs, security experts have determined. According to Alexander Gostev, head of the global research and analysis team at Kaspersky, the virus began as a trojan hidden within a fake Adobe software update. In March, however, the malware’s creators repackaged the virus in a “drive-by attack” that infected users’ Apple computers when they visited one of thousands of compromised WordPress blogs.
As of the middle of last week, it is believed that more than 140,000 Mac computers were still infected with the virus, which is capable of intercepting private data and transmitting it without a user’s knowledge.