Killer worms continue to steal Internet bandwidth and clog Mac user's email boxes, and the problem seems set to intensify. Meanwhile, virus writers are "showing increased interest in Unix", experts told Macworld.
Every computer user has seen their in-box clogged with infected emails in recent weeks, and there's a host of viral miscreants to blame. While the commonest viruses only infect Windows, Mac users can still pass infected mails on. The problem is colossal, experts agree, and is likely to grow worse.
The market dominance of the Windows OS exacerbates the problem, as virus writers want to maximize the potential damage they can unleash
Jan Andresen of UK security firm mi2g explained the situation today: "Individuals releasing viruses are aiming for mass proliferation and will therefore write code exploiting applications running on the more widespread operating systems. There is no justifiable reason to attack Macs in terms of the costings and economics."
Microsoft last week said over eight million PCs worldwide may have been compromised by recent waves of worm and virus infections. Until recently Windows PCs shipped with security features switched-off. While this has changed, experts expect it will take five or six years until Windows systems represent a less easy target.
Sophos warns of Unix attacks
However, Sophos senior technology consultant anti virus expert Graham Cluley warned Macworld that some virus writers are considering other operating systems: "A small number of virus writers are showing an increased interest in Unix, and there have been Unix worms which have spread in the wild."
He added: "For this reason Mac OS X users should not think they have nothing to worry about moving into the future."
The enemy isn't yet at the gates, Cluley stressed: "There's no evidence of any imminent attacks on Macs in the same way we have seen on Windows systems."
Apple's small user base is both blessing and curse. "Any Mac malware release will be stopped in its tracks by the lack of a large user base - writing one could be a waste of time," said Andresen.
Meanwhile, infected Windows machines are being exploited by hackers to launch so-called identity theft, or 'phishing' scams, as well as distributed denial-of-service (DdoS) attacks.
For example, Internet security expert Sophos today warned that the prevalent W32/Netsky-Q worm will commence DdoS attacks after midnight tonight, launching these at file sharing sites, such as KaZaA until April 11.
Sophos senior technology consultant Graham Cluley warned: "The worm is using innocent infected computers around the world to try and launch its attack."
"Home users should ensure their computers are properly protected with anti-virus updates and a personal firewall to ensure they are not contributing to the problem," he said.
Another breed of Netsky is also doing the rounds, [email protected]. This infection tries to open a backdoor to its host PC that hackers can use to execute malicious applications, such as keystroke loggers, as well as other nefarious activities.
Netsky spreads by stealing email addresses from infected computers, using these as 'mail from' and 'mail to' addresses.
Slightly more scary for Windows users, an old favourite worm has reappeared, Bugbear.E. This acts like others in that it sends itself to contacts in the Outlook address book. Thing is, this worm is capable of disabling many anti-virus programs. It also logs keystrokes and other data, emailing this to a hacker's remote account.
Cluley advises all computer users to "practice safe computing and ensure their systems are properly patched to avoid malware attack."
Mac users should also ensure they install the latest system security updates, and ensure their virus protection software is fully up-to-date.
Cluley's common-sense advise follows: "Always think twice before running unknown executable code on your computer – regardless of whether it is for Windows or Macintosh. You may have valuable personal data on your Mac (for example, family photos) and you wouldn't want that to be wiped."