

Mac Malware Outbreak Is Bigger than 'Conficker' - mitchie_luna
http://www.pcworld.com/businesscenter/article/253403/mac_malware_outbreak_is_bigger_than_conficker.html

======
coderdude
That's weird, an article about Macs that _isn't_ being up-voted fervently. (I
kid, I kid.)

Interestingly enough, by "bigger" they just mean that a larger percentage of
Macs are infected compared to the percentage of Windows machines that were
infected by Conficker (when compared to the total number of machines in use on
each side).

~~~
chicagobob
Hmmmm ... I just read a blog post (Ars??) that upto 1% of Macs could be
infected.

What percentage of Window machines did Conficker infect? 30% 50%? I seem to
remember it was a huge percentage.

~~~
fjarlq
Estimates vary... here's one:

 _"It's estimated that at its peak Conficker infected more than 11 million PCs
globally."_

\-- [http://www.sophos.com/en-us/security-news-
trends/reports/sec...](http://www.sophos.com/en-us/security-news-
trends/reports/security-threat-report/html-04.aspx)

Numbers in the range 15-25 million were also tossed around. It's hard to
estimate.

Steve Ballmer expected the Windows installed base to cross the 1 billion mark
in mid-2008: [http://www.zdnet.com/blog/microsoft/microsoft-expect-
windows...](http://www.zdnet.com/blog/microsoft/microsoft-expect-windows-
installed-base-to-hit-1-billion-by-mid-2008/596)

Conficker peaked around January 2009 I believe. At 10 million that would be 1%
of 1 billion.

------
ghshephard
I take issue with one of the claims in this article, 'Apple isn’t to blame for
the threat. The vulnerability is in Java, not Mac OS X' if Apple decides to
ship a component with their OS (as they do with Java) and takes responsibility
for upgrading the components - then it is their blame if they delay the patch
for a month and allow all these additional machines to be infected.

Hopefully we'll see a 'malware removal' patch from Apple in the next five days
or so.

~~~
phamilton
I thought they stopped shipping Java with the OS.

~~~
Someone
Technically: yes.

Instead of Java, Mac OS ships with a stub that, when launched, offers to
download Java from Apple's servers.

------
aw3c2
Stupid linkbait headline (on the source, submitter is not to blame). Their
first paragraph clarifies:

 _(...) the Flashback Trojan botnet is even bigger than the massive Conficker
botnet… relatively speaking._

That's all there is to this "article".

------
tar
This is a very misleading title.

------
sxcurry
A lot of these reports are based on data from Russian antivirus vendor Doctor
Web. Does anyone have any information on Doctor Web, and how valid their
counting methods are?

~~~
mikenon
Kaspersky confirmed the number.
[https://www.securelist.com/en/blog/208193441/Flashfake_Mac_O...](https://www.securelist.com/en/blog/208193441/Flashfake_Mac_OS_X_botnet_confirmed)

