Sophos experts note that malware for Macs has been seen before, but until recently, organized criminal gangs have not felt the need to target Mac users when there are so many more poorly protected Windows PCs available. However, late 2007 saw Mac malware not just being written by researchers demonstrating vulnerabilities or showing off to their peers, but by financially-motivated hackers who have recognized there is a viable and profitable market in infecting Macs alongside Windows PCs. For example, many versions of the malicious OSX/RSPlug Trojan horse, first seen in November 2007, were planted on websites designed to infect surfing Apple Mac computers for the purposes of phishing and identity theft.

"Cybercriminals have begun to notice a trend in consumer ’s attractions toward Apple Macs during the last year, ” said Mike Haro, senior security analyst at Sophos. “This trend has led to a number of viruses and malware created by hackers for the purpose of attacking a growing number of consumers who purchase Mac computers. Mac users need to be aware that while the threats that exist right now are few in number, they still need to take adequate measures to protect themselves. ”

Sophos experts are now discovering 6,000 infected webpages every day - one every 14 seconds. Eighty-three percent of these webpages actually belong to innocent companies and individuals, unaware that their sites have been hacked. Websites of all types, from antique dealers to ice cream manufacturers to wedding photographers, have hosted malware on behalf of virus writers.

Cybercriminals can target any computer user by spamming out emails containing links to the poisoned webpages and directing unsuspecting victims to the malicious code. The website can determine if the visiting computer is a Mac or a PC, delivering malware custom-written for the surfer's operating system.

WI-FI PRESENTS CYBERCRIMINALS WITH MORE AVENUES TO EXPLORE

As computer users wise up to traditional malware attacks, such as email-born worms, Sophos's Security Threat Report 2008 also reveals that the wider use of new mobile technologies and Wi-Fi enabled devices, like Apple's iPhone and iPod Touch, may be opening new vectors of attack for hackers. Flaws have been found in the mobile email program and Safari browser installed on these devices. While uptake remains limited, cybercriminals seeking large returns are unlikely to exploit these avenues on a major scale in the near future. However, as personal Wi-Fi devices grow in popularity, the risks will no doubt increase. Sophos experts also note that the low cost ultra-mobile PCs, such as the popular Linux-based ASUS EEE laptop, are likely to gain the attention of the cyber underworld as sales continue to grow.

"Purchasing the newest technologies does not guarantee that your smartphone or laptop is completely immune to spyware and malware attacks," said Haro. "Any technology with an internet connection is a potential target for cybercriminals looking to exploit users for financial gain. Those with Wi-Fi connections need to make sure that they are taking the appropriate steps to password-protect and secure their connection. ”

STATE-SPONSORED CYBERSNOOPING AND CYBERCRIME CLAIMS PREDICTED TO RISE

During 2007, it became more common for countries to openly accuse each other of engaging in cybercrime, despite the fact that it can be extraordinarily difficult to prove where an attack originated and if it is government-sponsored or purely a lone hacker acting independently.

In April 2007, a large-scale distributed denial-of-service (DDoS) attack against websites in the Baltic state of Estonia was blamed on Moscow, while in December 2007, it was revealed that MI5, the British secret service, believed that the Chinese government was behind electronic espionage against British firms designed to give China a commercial advantage. However, neither claim has been proven.

"While there is no evidence of state-sponsored cyberspying, 2008 will likely see an increase in accusations toward other governments, ” said Haro. “Determining the exact source of these attacks is becoming increasingly difficult as hackers have become better at covering their tracks. For this reason, government agencies need to ensure that they prevent hackers from having an opportunity to infiltrate their computer systems. ”

MAL/IFRAME REMAINS DOMINANT MALWARE THREAT IN 2007

Web threats continued to be the preferred vector for malware attack in 2007.

The top 10 list of malware found on the web in 2007 reads as follows:

CHINA IS THE NUMBER ONE COUNTRY HOSTING MALWARE IN 2007

In 2006, China was responsible for hosting just more than 30 percent of all web-based malware and held second place after the U.S. However, in 2007 this position was reversed with China hosting more than half of all infected webpages.

The top 10 list of malware-hosting countries in 2007 reads as follows:

"China continues to top the charts every month, leading all others by a substantial margin in countries hosting malware. While all countries need to do their part in preventing the spread of spam and viruses, China needs to step-up its efforts in preventing the spread of threats," explained Haro.

For more information, including statistics on email threats, detection techniques and spam-relaying countries, please download the Sophos Security Threat Report 2008 from: www.sophos.com/securityreport2008.