2011 was an eventful year for Mac malware, seeing the release of the 'most effective and widespread malware' targeting Macs to date.
Intego has released its Year in Mac Security report for 2011 which contains a round-up of the biggest threats targeting Mac OS X, iOS and various third-party apps.
Of course, much of the report is focused on MacDefender, the first so-called 'scareware' scam to target Mac OS X, though such scams are commonplace on the Windows platform.
"2011 was a very eventful year for Mac malware and security issues. Intego discovered the most effective and widespread malware targeting Macs since the release of Mac OS X, and other types of malware kept pressure on Mac users. Security vulnerabilities were common, and users had to apply many security updates to their software to ensure that they were safe," Intego's report reads.
Later in the year, a couple of Backdoor Trojans were discovered - Olyx, which was never seen in the wild and Flashback, which disguised itself as a Flash Player installer.
"Since Mac OS X Lion does not include Flash Player, some users were fooled and thought this was a real installation link. When they clicked the link, an installation package downloaded, and, if the user was using Safari as their web browser with the default settings, the Mac OS X Installer would launch. The Trojan horse would install software that injected code into active applications, then connected to a remoteserver, from which it could download new versions of itself, or to which it could send files or data.
"The Flashback Trojan horse spread quite effectively and a fair number of Mac users were infected. A sneakier variant was spotted on October 13. This one checked to see if the infected computer was indeed a Mac, and not a virtual machine. This was because many malware researchers test malware in virtual machines, rather than infect full installations, as it is easier to delete them and start over with clean copies," the report reads.
However, Intego notes that there were "no major vulnerabilities that affected Mac OS X in 2011", though Apple did have need to issue security updates for iTunes, Safari, QuickTime for Leopard as well as AirPort base stations, Time Capsule and the Apple TV over the course of the year.
Many third-party software programs commonly used on Mac OS X required security updates throughout the year, such as Skype, Microsoft Office, Dropbox and Adobe's Reader and Acrobat programs. "A number of programs required security updates in 2011, but, fortunately, none of these had vulnerabilities that were successfully exploited against Mac OS X," the company said.
iOS required a fix in July for a PDF vulnerability that allowed iOS devices to be easily jailbroken, as well as a special update to deal with forged security certificates. Further security updates came when iOS 5 was released in October.
You can find Intego's full ear in Mac Security report for 2011 here.