Apple macOS malware soared 270% in 2017

Four new malware threats have been uncovered in the first two months of 2018

Mac malware increased by 270% in 2017, compared to 2016, a report by MalwareBytes has revealed, with four new major Mac vulnerabilities uncovered in the first two months of 2018.

Many of these security threats have been uncovered by Mac users rather than security researchers themselves. For example, the company revealed that the OSX.MaMi virus - the first of the year - was found by a Mac user on the company's forums who reported their DNS settings had been changed without their knowledge and the victim was blocked from changing them back.

Advertisement - Article continues below

The security firm explained that its own investigation it had concluded the OSX.MaMi malware was changing the settings to direct traffic intended for legitimate sites, such as online banking, Amazon, and iCloud, towards phishing sites and added a trusted root certificate in the keychain to run man in the middle attacks.

Following the discovery of the Dark Caracal malware, security firm Lookout found that it was able to offer remote backdoor access to Macs. The Java-based malware, which is suspected to have been state-sponsored, used a cross-platform RAT (remote access tool) which allowed hackers to use a backdoor to gain access to the infected machines.

"Although Macs no longer come with Java preinstalled, and haven't for years, it's important to keep in mind that nation-state malware is often crafted and used with some knowledge of the target(s) in mind," said Thomas Reed, Director of Mac & Mobile at MalwareBytes, in a blog post. "The targets intended to be infected with this malware may have had reason to install Java, or it may have been installed via physical (or some other) access by a hacker targeting specific individuals."

The third malware to debut this year - OSX.CreativeUpdate - was released via hacked website MacUpdate, which distributes software such as Firefox. The links to apps were replaced with malicious links, although the downloads bundled malware with the actual apps. Users installed the software thinking all was well, when in fact, malware was being downloaded on their machine in the background.

Advertisement
Advertisement - Article continues below
Advertisement - Article continues below

"These kinds of supply chain attacks are particularly dangerous, even capable of infecting savvy members of the development and security community, as was documented by Panic," said Reed.

The most recent discovery - OSX.Coldroot - is a generic backdoor attack that doesn't work on devices running the most recent El Capitan installation, however, older systems are still vulnerable. 

"Apple's macOS includes some good security features that are helpful, but they are easily bypassed by new malware, and they don't address the adware and PUP problem at all. macOS cannot be considered bulletproof," Reed finished.

Featured Resources

Key considerations for implementing secure telework at scale

Identifying the security risks and advanced requirements of a remote workforce

Download now

The State of Salesforce 2020

Your guide to getting the most from Salesforce

Download now

Fast, flexible and compliant e-signatures for global businesses

Be at the forefront of digital transformation with electronic signatures

Download now

Rethink your cybersecurity strategy for the new world

5 steps to secure the enterprise and be fit for a flexible future

Download now
Advertisement

Recommended

Andrew Daniels joins Druva as CIO and CISO
Cloud

Andrew Daniels joins Druva as CIO and CISO

22 Jul 2020
University of California gets fleeced by hackers for $1.14 million
ransomware

University of California gets fleeced by hackers for $1.14 million

30 Jun 2020
Australia announces $1.35 billion investment in cyber security
cyber security

Australia announces $1.35 billion investment in cyber security

30 Jun 2020
CSA and ISSA form cyber security partnership
cloud security

CSA and ISSA form cyber security partnership

30 Jun 2020

Most Popular

How to find RAM speed, size and type
Laptops

How to find RAM speed, size and type

3 Aug 2020
How to use Chromecast without Wi-Fi
Mobile

How to use Chromecast without Wi-Fi

4 Aug 2020
UN report points to a 350% rise in phishing websites at start of 2020
phishing

UN report points to a 350% rise in phishing websites at start of 2020

7 Aug 2020