Why are there no viruses for Mac OS X?

« Previous article.
Next article. »

Sep
23

By: switchtoamac at: 4:08 PM on September 23, 2008 | Comments (13)

With today's cyber-threats and focus on computer security, it's no surprise that many people are ditching their Windows PCs for Macs running OS X.  Even Apple's 'Get a Mac' ads highlight the security issues that plague Windows.  The requirement to protect Windows installations from viruses, spyware and malware, have prompted many to make the switch.

No viruses for Mac OS X
It's well known that there are no known viruses for the Mac OS X operating system despite it being on the market for over seven years.  As of this writing, Mac OS X is virus-free.  There have been some attempted exploits in the past but those relied on social engineering.  A prime example was the trojan in 2006.  It required several actions to be undertaken by the user in order for the trojan to propagate.  Viruses on the other hand accomplish their work without the end user knowing.

At a very high level, I'll highlight the two most common reasons I've come across that are used by those who attempt to explain that no viruses exist for Mac OS X.

Reason 1 - small market share
Some people say the reason no viruses exist for Macs is that it's not worth the time for writers to focus on creating viruses for the Mac OS X operating system because of its market share.  There's no doubt that Mac OS X has a significantly smaller market share than Windows.  A common argument is that writers would rather focus on creating viruses and malware for Windows.

Reason 2 - Mac OS X is a modern operating system

Some will say that OS X is a modern operating system that is built on a secure UNIX foundation.  It is also argued that Apple has taken a big picture approach to security as it applies to operating system design and implementation.  The fact that Mac OS X was created after the Internet gives it a more secure architecture that makes it less susceptible to unauthorized access and malicious attacks.

Apple's stance on virus protection
Apple as early as this year encouraged Mac users to install virus and security software on Macs. Note that the page on which the recommendation was made no longer exists on Apple's web site but it can be viewed at the Internet archive here.

What's your take?
The goal here is to not give my opinion but open it up to readers so that they can have their say.  Also, do you think Mac users should run security software? Simply post your response or feedback in the comments section below.

Note that a more recent trend over the past few years is for attackers to exploit the software installed on an operating system and not necessarily the operating system itself.

Related Articles

13 Reader Comments

I think it's market share. Why would a person creating a virus waste his time on OS X when he/she could do more damage on Windows the OS that has like 90% of the market?

No way it's market share. Apple's operating system is better designed with security a central focus. This is why there has not been a virus for os x since it was released. If it was possible to infect, one would have been released by now.

Just my 2 cents.

Why? For eternal fame among hackers, that's why.

Let's face it, if so many 12-year old script kiddies can release variants of Windows viruses that wreak havoc, it can't be that much of a challenge, can it? On the other hand, propagating a damaging virus on a UNIX system is sure to make you a highly respected hacker.

Mac OS X is built on UNIX kernel, one of the oldest and most secure operating systems available. Windows is built on DOS which was never designed to be used as a networked OS, and is prone to attacks from anyone connecting to it.

It's NOT marketshare, because there were around a dozen or so viruses for the Mac OS way back in the System 6, 7, & 8 days. You can't get any more obscure that that! So much for the "security through obscurity" myth.

There were viruses for Vista when it was in beta and there were only a few thousand or tens of thousands of copies in use. So much for the scarcity argument.

I'll go with multiple reasons. Mac OS X is inherently more secure, it is shipped with more possible openings closed off, OS X warns you if something you are opening has been downloaded from the internet. The whole hacker culture is windows based. Their tools, their informants, their experts are all windows based. They probably need a certain critical mass to get started attacking OS X.

It may be that the big money is in hacking a small subset of windows machines. If you hack most Macs you get access to photographs, brochures, keynote presentations, school assignments, price lists, music and movies. If you hack into some windows machines you gain access to bank files, credit card databases, government databases, electric utilities and so on. So far Macs have been used by individuals and small businesses (and a few larger businesses). There is not much point in the Chinese, the KGB, the Russian gangsters or whoever in spending a lot of money developing fancy tools for hacking Macs. So the scarcity argument may have some validity, but it is the fact that Macs are not yet used in high value applications as opposed to their total numbers in the market.

Given the growth over the past couple of years one would think that the popularity increase would make people think about creating viruses for Macs. But this hasn't happened so I think it's the security built into the operating system.

I think John's theory about profitability has merit (very few large organizations have standardized on Macs, especially for backoffice, database, and development work), but it's not the whole story.

When you think about it, there are really two fundamental categories of virus authors: Professionals and amateurs.

Professionals, either independent or in the employ of others, write viruses with a specific purpose in mind (stealing/altering data, hijacking systems, sabotage, etc), and always have a larger objective in mind (i.e., profit). If they're going to last, they don't care about bragging rights or "proving" themselves, and they certainly wouldn't write a virus and release it into the wild for "fun" because that would increase the chances of being caught.

Amateurs, on the other hand, tend to be all about proving how powerful they are. At least within a small group, they want people to know that they were responsible for the attack on XYZ company. Sometimes they view the whole thing as a game, sometimes they're zealots for this or that cause, and sometimes they have a vendetta against a person or organization.

Basically, professionals tend to act "rationally" (at least within the context of their world), whereas amateurs are driven more by ego, pride, and emotion.

John's response certainly accounts for the pros, but why don't amateurs attack macs? Because there are a lot of people out there who harbor an irrational and intense hatred of Microsoft, but not very many who feel the same way about apple. Part of the reason linux hackers attack windows is to prove how inferior it is.

There is only one reason and one reason alone as to why there have been no known viruses to date for Mac OS X... because it is amongst the most inherently secure commercially-available operating systems on the market.

The whole "security through obscurity" argument is nothing but a cop-out for those who either can't understand why or simply refuse to admit that the Mac is a very secure platform. Apple is enjoying its largest market share since the 1980s... there are millions and millions of Macs in service and on the web, so it's hardly obscure. If one honestly thinks that it's simply not "worth it" to try and exploit damn near 1/10th of a pie that's as big as the computer market, then they're delusional. Even if that remotely held the tiniest bit of water, then how does one explain the fact that the Classic Mac OS had several (relatively speaking) well known viruses/attacks, especially when their market share was much lower in those days? Even more telling is the existence of hundreds of different kinds of malware out there which are written for linux... Linux is used by what - 1% of the market?

The argument that there's nothing worthwhile to be found on Macs does stack up well either. It is fairly common knowledge that Mac users, on average have both higher incomes and higher disposable incomes, especially due to their perception as nothing more than a high-end "luxury" item. Mac users store financial information on their computers just like everyone else... So if one of every ten computers is owned by someone who may very well have higher than average assets, then how is that not an attractive target?

The current Mac OS must be the "holy grail" of hackers, et al. It is impossible to fathom that untold numbers of hackers simply give the Mac a free pass and leave it and its users to their own devices totally unscathed. OS X has been on the market now for almost 8 years... In terms of computers that's eons, yet nothing has gotten out into the wild - even despite the fact that there have been full-fledged contests held to exploit the system.

I'm not so naive to think that there might never be any kind of malicious code released to exploit the Mac, but neither am I so naive to think that there hasn't been countless numbers of people out there who have tried unsuccessfully to do so over almost an entire decade's time.

There's only one answer to this question... and it requires giving Apple a massive amount of credit and an unquestionable "kudos," for something they most certainly deserve.

It's easy to simply put it down to 'small market share' as the sole explanation for Mac security. Why target 3% when you can target 95%? It's probably a contributing factor, but there's a couple of things that cast doubt on it being the only factor...

1) Software developers write application software for Macs, despite it only having a tiny market share. They must consider it worthwhile. Why would malware writers not consider it just as worthwhile?

2) There would be kudos among their peers for anyone who could get the first covertly self propagating virus onto virgin Mac territory. And who could resist wiping the smug grins of Mac users faces? Are you really going to suggest that of those who have such motivation, not one single one in the entire world can be bothered?

I would suggest therefore that it is a combination of factors which contribute to the Mac's relative security to date. Under the radar for most malwarers, but also a pretty damn hard nut to crack for the remainder.

In my opinion it's just the market share, I generally don't think Mac is "More Secure" I just think people don't care to attack a Mac because there's a lot less users. Just like this post

heather on: September 23, 2008 5:25 PM said:

I think it's market share. Why would a person creating a virus waste his time on OS X when he/she could do more damage on Windows the OS that has like 90% of the market?

More people use Windows. I use a mac because I'm doing some iPhone development (don't bug me about it) that's it. I'm generally a Windows/Linux user. I use windows for everything, Linux for just messing with just wanting to learn. and mac for that one reason. I generally don't care for macs but the funny thing is I HAVE ONE. :(

Again Mac CANNOT be more secure than any other OS can because there's always someone out there that can crack that code because there will be some kind of security hole in every system ever made WINDOWS, LINUX, OR MAC. People just don't care to attack it. It's generally not worth the effort or time. I'm not a hacker I'm just looking at it from a hacker's standpoint.

"There are, as far as we know, no Mac OS X viruses in the wild.
To prove that assertion wrong, you only have to name one."

"Again Mac CANNOT be more secure than any other OS can because there's always someone out there that can crack that code because there will be some kind of security hole in every system ever made WINDOWS, LINUX, OR MAC. People just don't care to attack it. It's generally not worth the effort or time. I'm not a hacker I'm just looking at it from a hacker's standpoint."

Not worth the effort? Tell me who wouldn't like to see someone wipe the smug, superior grins off all Mac users by writing the first successful virus for OS X? The kudos would be beyond most virus writers wildest wet dreams.

But, as you admit, you're not a hacker, so I don't see how you can possibly comment from "a hacker's standpoint" . I suspect you are not a programmer either, as any programmer knows that writing malicious code is the (relatively) easy part - the real trick is getting unwitting victims to run them and pass them on to their friends without them knowing about it. It is this virulent behaviour that makes a virus a virus.

This is much, much easier on Windows than on Unix-based operating systems. Anyone can write malicious code for Windows and then distribute it, you don't even need to be a programmer. Look at Office macros, for example: I've seen plenty of cases where secretaries or PAs have embedded some botched attempt at a macro in a Word or Excel document before sending it in an email to their colleagues. Microsoft have stuck big ugly sticking plasters over a lot of this by flagging up dozens of warnings to the user before they download a file from the Internet, attempt to change their network settings, etc., but this is not proper security - it's an afterthought.

Writing effective viruses for Unix takes considerable programming skill and experience, and people with those skills tend to use them for good and profit, rather than evil. Think about it: to write viruses for a Mac, you'd have to own a Mac... so why would you want to poison your own water hole when there's good money to be made writing decent software for your fellow Mac users?

Remember: Windows viruses are generally written by the same sort of destructive delinquents that graffiti their own neighborhood (hence the term, "script kiddies"). These same talentless individuals are not capable of writing Unix viruses.

Speak your mind - Leave a Comment