Incident Response, TDR

U.S. accounts for most Mac OS X attacks and websites seeded with malware

This year was a tough one for U.S. Apple users and U.S.-run websites, according to Kaspersky Lab's year-in-review blog post.

U.S. Apple users accounted for the largest portion of attacks on Mac OS X this year with 98,077 users being attacked, which accounted for 39 percent of all Mac OS X attacks Kaspersky documented.

This trend toward U.S. users could be for an obvious reason, said Patrick Nielsen, senior security researcher, Kaspersky Lab. Put simply, Americans use Apple computers more than other documented countries.

“As Macs have grown in market share we have seen a matching correlation with attacks,” he said. “It's just that they've become much more interesting to attackers.”

More than 3 million attempts to infect Mac OS X-based computers were blocked this year, as compared to 1,363,549 blocked attempts on Android-based devices.

The U.S. also topped the list of countries where online resources were seeded with malware. The U.S. accounted for 27 percent of infected online resources. Germany came in second at 16 percent. Again, Nielsen said, that could simply be attributed to many of the most popular websites being based in the U.S, which would offer a wealth of possible victims.

Although attacks continue to trend upward on all devices, one specific method did see a decrease in infection attempts: SMS trojan attacks.

Attacks on Russian citizens, in particular, dropped. The country had previously been a major target. The blog post says this drop could be attributed to mobile operators in Russia having to use an Advice of Charge mechanism, which requires the operator to inform a device owner of the cost of the service and get confirmation of the payment whenever a message is sent.

This doesn't mean mobile isn't lucrative for attackers, noted Nielsen, as evidenced by Android attacks.

More than anything, however, this year was marked by the proliferation of sophisticated malware, Nielsen said.

“A lot of groups that used more traditional methods in the past are now taking lessons out of the APT playbook,” he said. “They're using more techniques to get in and trying to stay in. They will certainly do it a lot more in the future because they have more advanced ways of getting in.”

Overall, Kaspersky Lab detected and neutralized 6,167,233,068 threats from November 2013 to October 2014.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.