I’ve often overheard people saying the reason they like Macs so much more than PCs is because they are "less vulnerable to viruses."  But that’s simply not true, as Graham Cluley of Sophos correctly points out in his blog: Mac users are just as human as Windows users, and they too can be tricked into running software that they shouldn’t.  But the real reason Macs are perceived to be less vulnerable to viruses is because there just aren’t as many Mac viruses being written.  Apple computers still only represent about an 8-10% total market share.  Virus writers want their virus to have the maximum possibility to spread and be seen.

So why does the recent news about Twitter, LinkedIn and Facebook all suffering malware and/or phishing schemes matter?  It’s a sign that each has hit that crucial point where they are widely enough used and recognized to be targets in the first place.  If they were just small services that hardly anyone used, they probably wouldn’t be targets for virus writers at all.  By no means do I intend to imply that Twitter, LinkedIn and Facebook are necessarily equal to PCs in terms of quality.  But in terms of maturity, they all are relatively young and relatively untested services, so it’s not too surprising that these types of attacks could be launched so easily.

It’s probably the start to a year of two things:  1.) more attacks on these services will probably happen over the next year, with many malware and virus writers using them as a platform for propagation, and 2.) more companies may ultimately decide to limit or entirely shut off access to the services.  Both of them are truly unfortunate, but distinct possibilities, especially given that the reaction was exactly the same after instant messaging services such as Yahoo and MSN Messenger were being used to spread viruses as well.

Filed under: Consumer Web, Security