Apple is drawing upon the expertise of security researchers from Kaspersky Lab when it comes to security on OS X, according to Kaspersky CTO Nikolai Grebennikov. In an interview with Computing News, Grebennikov revealed that Apple had asked his firm to begin analyzing OS X in order to help improve its security. The request follows the recent high-profile Flashback scare, and shows that Apple is beginning to take steps to take OS X security more seriously.
“Mac OS is really vulnerable, and Apple recently invited us to improve its security. We’ve begun an analysis of its vulnerabilities, and the malware targeting it,” Grebennikov told Computing News. “Our first investigations show Apple doesn’t pay enough attention to security. For example, Oracle closed a vulnerability in Java, which was a target for a major botnet several months ago.”
Following reports that more than a half-million Macs were infected by Flashback thanks to a then-unpatched Java vulnerability in OS X, Kaspersky Lab boldly told members of the media that “Mac OS X invulnerability” to malware is a myth. Although the statement generated grousing among the Mac-using community, it’s true—security researchers have been arguing for years that Macs were only perceptibly “safer” because of their relatively low market share. It would only be a matter of time before attackers began focusing on the Mac, and Kaspersky argued last month that we have officially reached that point. “Market share brings attacker motivation,” the firm said in April. “Expect more drive-by downloads, more Mac OS X mass-malware. Expect cross-platform exploit kits with Mac-specific exploits.”