More Attacks Target Macs, Experts Say

Benjamin Daines was browsing the Web when he clicked on a series of links that promised pictures of an unreleased update to his personal computer’s operating system.

Instead, a window opened on the screen and strange commands ran as if the machine was under the control of someone -- or something -- else.

Daines was the victim of a computer virus.

Such headaches are hardly unusual on PCs running Microsoft Corp.’s Windows operating system. Daines, however, was using a Mac -- an Apple Computer Inc. machine often touted as being immune to such risks.

He and at least one other person who clicked on the links were infected by what security experts call the first virus for Mac OS X, the operating system that has shipped with every Mac sold since 2001 and has survived, virtually unscathed, the onslaught of malicious software unleashed on the Internet in recent years.

“It just shows people that no matter what kind of computer you use, you are still open to some level of attack,” said Daines, a 29-year-old British chemical engineer who once considered Macs invulnerable to such attacks.

Apple’s iconic status, growing market share and adoption of the same microprocessors used in machines running Windows are making Macs a bigger target, some experts warn.

Apple’s most recent wake-up call came last week, as a Southern California researcher reported seven new vulnerabilities. Tom Ferris said malicious websites can exploit the holes without a user’s knowledge, potentially allowing a criminal to execute code remotely and gain access to passwords and other sensitive information.

Ferris said that he warned Apple of the vulnerabilities in January and February and that the company had yet to patch the holes, prompting him to compare the Cupertino, Calif.-based computer maker to Microsoft three years ago, when the world’s largest software company was criticized for being slow to respond to weaknesses in its products.

“They didn’t know how to deal with security, and I think Apple is in the same situation now,” said Ferris, a Mac user.

Apple officials point to the company’s virtually untarnished security track record and disputed claims that Mac OS X was more susceptible to attack now than in the past.

Apple plans to patch the holes reported by Ferris in the next automatic update of Mac OS X, and there have been no reports of them being exploited, spokeswoman Natalie Kerris said. She disagreed that the vulnerabilities made it possible for someone with malicious intent to run code on a targeted machine.

In Daines’ infection, a bug in the virus’ code prevented it from doing much damage. Still, several of his operating system files were deleted, several new files were created and several applications, including a program for recording audio, were crippled.

Behind the scenes, the virus also managed to hijack his instant messaging program so that the rogue file was blasted to 10 people on his buddy list.

Among the other signs that Macs are a growing target:

* The SANS Institute, a computer-security organization in Bethesda, Md., added Mac OS X to its 2005 list of the top 20 Internet vulnerabilities. It was the first time the Mac had been included since the list was started in 2000.

* Last week, SANS updated the list to warn against flaws in Safari, the Mac Web browser, which the group said criminals were able to attack before Apple could fix the problems.

* The number of discovered Mac vulnerabilities has soared in recent years, with 81 found last year, up from 46 in 2004 and 27 in 2003, according to the Open Source Vulnerability Database, which is maintained by a nonprofit group that tracks security gaps on many different hardware and software platforms.

* Less than a week after Daines was attacked in mid-February, a 25-year-old computer security researcher released three benign Mac-based worms to prove that a serious vulnerability in Mac OS X could be exploited. Apple asked the man, Kevin Finisterre, to hold off publishing the code until it could patch the flaw.