Apple must change security practices to combat Mac OS Trojan threat

The discovery of yet another Trojan targeting Apple's Mac operating system is further proof that Apple needs to change its approach to cyber security, according to security vendors Kaspersky and Trend Micro.

Trend Micro's Rob McArdle reported that Apple's Mac OS has now become a valid target for cyber criminals, warning that the company's head-in-the-sand approach to security is no longer a viable option.

"You need three things to make a platform a valid target for a hacker," McArdle told V3.

"One, you need it to be easy to develop for and create malware. Two, you there to be a security issues, which there is with Mac as most users don't run anti-virus. And three, you need there to be enough people using it for it to be worth targeting. So Apple's become a good target."

McArdle highlighted the recently discovered OSX/Crisis Trojan as proof that Mac malware is evolving, following the same pattern seen 20 years ago with the growth of Windows viruses.

"The malware has several firsts for Mac but not for Windows. The ability to survive reboots is a very standard feature for Windows malware. Some other new things for Mac include the malware's ability to turn on infected machine's microphones, turning the Trojan into a surveillance attack."

McArdle warned that the affluent nature of most Mac users also added an extra incentive for criminals to target the OS for surveillance purposes.

"People who use Macs tend to be more affluent. If you can afford a £1,500 computer you're probably fairly wealthy and as such useful to target," McArdle told V3.

"Also in a corporate setting, people with Macs tend to be higher up in management, meaning data stolen could be valuable."