San Francisco More than 600,000 Apple Inc. Mac computers were affected by a hacking attack, a sign that the once rarely targeted company is becoming a bigger focus for people intent on spreading malware, a security research firm said.
The attack affects computers running Apple's Mac OS X software, according to Russian antivirus software maker Doctor Web. Most of the infected computers are in the United States and Canada, the firm said in a blog posting.
Apple fixed a security hole last week that let the malicious software spread. Users who haven't downloaded the necessary updates are vulnerable, Doctor Web said.
"This once again refutes claims by some experts that there are no cyber threats to Mac OS X," Doctor Web said.
Apple spokesman Bill Evans declined to comment on the hacker attack. He noted that there are 63 million Macs in use worldwide.
Unappealing target
Macs have historically been an unappealing hacking target because of their low market share. Instead, criminals have attacked personal computers running Microsoft Corp.'s Windows software, seeking the biggest number of victims for illicit moneymaking schemes. Windows runs on more than 90 per cent of the world's desktop computers, according to market researcher Net Applications.
The attack that Doctor Web analysed is an especially harmful variety that infects computers without user interaction.
To get hit, users just need to visit a poisoned webpage and the infection happens silently in the background. The vulnerability that allows the attack to take place exists in Java, the widely used programming language for building web pages.
Boris Sharov, Doctor Web's chief executive officer, said in an interview that the spread of the infection appears to have levelled off at around 600,000 computers, a sign of the effectiveness of the security patch. He pointed to a Doctor Web page for detecting and removing the malicious software, which is called BackDoor.Flashback.39.
Origin in September
The malicious software first appeared in September and has gone through a number of transformations since then, targeting Macs and generally being used to steal personal information such as passwords, according to Liam O Murchu, a manager of security response operations at Symantec Corp.
"It just shows that no matter what operating system you're using, you can be at risk," he said in a phone interview yesterday. "No one is immune."