Macs aren’t as safe as they used to be. Think your Apple product is safe from malware? That only people using Windows machines have to take precautions?
According to cybersecurity software company Malwarebytes’ latest State of Malware report, it’s time to think again. The amount of malware on Macs is outpacing PCs for the first time ever, and your complacency could be your worst enemy.
Windows machines still dominate the market share and tend to have more security vulnerabilities, which has for years made them the bigger and easier target for hackers. But as Apple’s computers have grown in popularity, hackers appear to be focusing more of their attention on the versions of macOS that power them. Malwarebytes said there was a 400 percent increase in threats on Mac devices from 2018 to 2019, and found an average of 11 threats per Mac device, which is about twice the 5.8 average on Windows.
Now, this isn’t quite as bad as it may appear. First of all, as Malwarebytes notes, the increase in threats could be attributable to an increase in Mac devices running its software. That makes the per-device statistic a better barometer. In 2018, there were 4.8 threats per Mac device, which means the per-device number has more than doubled. That’s not great, but it’s not as bad as that 400 percent increase.
Also, the report says, the types of threats differ between operating systems. While Windows devices were more prone to “traditional” malware, the top 10 Mac threats were adware and what are known as “potentially unwanted programs.”
Latest macOS Threats in 2021
First, Macs are not generally vulnerable to what we traditionally classify as malware: that is, code which can do nasty things like delete files, or encrypt your drive for a ransomware attack. Apple’s protections against this type of attack are extremely strong.
Macs are mostly only vulnerable to so-called adware. This does things like redirect searches or load tabs automatically to earn ad revenue for the attacker. Here are some of the most recent macOS threats Mac users should watch out for:
1. LaoShu
First discovered in early 2014, LaoShu is a remote access trojan (RAT) that employs spam emails as its primary infection vector. This signed malware attempts to trick an unwitting user into executing it by masquerading as a .pdf file. It is actually a .app Mach-O application file. Once executed, it opens a backdoor that gives an attacker the ability to control, steal, or exfiltrate sensitive information.
2. KeRanger
KeRanger is one of the first ransomware threats to target the Mac OS® and was distributed by threat actors who compromised the installer for the Transmission BitTorrent client application. KeRanger was signed with a valid Mac Developer ID in 2016, meaning it could bypass the built-in Mac OS Gatekeeper feature, which blocks untrusted applications. Once discovered, the fraudulent signature was revoked.
3. XcodeGhost
XcodeGhost, first identified in 2015, is malware whose objective is to gather information on infected devices and upload it to C&C servers. XcodeGhost affects both iOS® and Mac OS® X and its malicious code was repackaged into some versions of the Xcode installers, Apple’s official tool for developing apps for iOS and Mac OS X. It successfully infected at least two iOS apps that were accepted into the App Store.
4. Shlayer Trojan
In a Kaspersky report detailing the 10 most common threats its macOS users encountered in 2019, Shlayer tops the list: it hit 10 percent of all of the Macs Kaspersky monitors and accounted for nearly a third of detections overall. Shlayer is a rather ordinary piece of malware. In fact, it relies on some of the oldest tricks in the book: convincing people to click on a bad link, then pushing a fake Adobe Flash update.
Shlayer’s brilliance, it turns out, lies less in its code than its method of distribution. The operators behind the trojan reportedly offer website owners, YouTubers, and Wikipedia editors a cut if they push visitors toward a malicious download. A complicit domain might prompt a phony Flash download, while a shortened or masked link in a YouTube video’s description or Wikipedia footnote might initiate the same. Kaspersky says it counted more than 1,000 partner sites distributing Shlayer. One individual, Kaspersky says, currently owns 700 domains that redirect to Shlayer download landing pages.
5. NewTab
NewTab only appeared on the scene in December 2018, but rapidly rose in 2019. NewTab is an adware family that attempts to redirect searches in the web browser for the purpose of earning illicit affiliate revenue, and it is mostly delivered in the form of apps with embedded Safari extensions.
NewTab apps are often spread through fake flight or package tracking pages, fake maps, or fake directions pages. In one early example, a fake package tracking page would accept any number entered, and regardless of the number, clicking the Track button would download a “PackagesTracker” app, with some instructions on how to open it. The app did not actually provide any tracking functionality.
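The LaoShu entry above describes an application posing as a .pdf document. As an added example (not from the original article or from the vendors it cites), this Python script flags that mismatch in a folder such as Downloads: app bundles whose name ends in a document extension before `.app`, and files with a document extension that begin with a Mach-O header. The extension list, the double-extension naming check and the function names are assumptions chosen for illustration.

```python
import os
import struct
import tempfile

# Mach-O magic numbers: thin 32/64-bit in both byte orders, plus universal (fat).
MACHO_MAGICS = {0xFEEDFACE, 0xFEEDFACF, 0xCEFAEDFE, 0xCFFAEDFE, 0xCAFEBABE, 0xBEBAFECA}
# Document extensions a lure might imitate (illustrative list, an assumption).
DOC_EXTS = {".pdf", ".doc", ".docx", ".xls", ".xlsx", ".jpg", ".png", ".txt"}


def is_macho(path):
    """Return True if the file starts with a Mach-O or universal-binary magic."""
    try:
        with open(path, "rb") as fh:
            head = fh.read(4)
    except OSError:
        return False
    return len(head) == 4 and struct.unpack(">I", head)[0] in MACHO_MAGICS


def find_masquerades(root):
    """Walk root and return sorted (path, reason) findings."""
    findings = []
    for dirpath, dirnames, filenames in os.walk(root):
        for d in list(dirnames):
            stem, ext = os.path.splitext(d)
            if ext.lower() == ".app":
                # "Invoice.pdf.app" reads as "Invoice.pdf" when the .app suffix is hidden.
                if os.path.splitext(stem)[1].lower() in DOC_EXTS:
                    findings.append((os.path.join(dirpath, d), "app bundle with document-style name"))
                dirnames.remove(d)  # do not descend into bundles
        for f in filenames:
            full = os.path.join(dirpath, f)
            if os.path.splitext(f)[1].lower() in DOC_EXTS and is_macho(full):
                findings.append((full, "document extension but Mach-O header"))
    return sorted(findings)


if __name__ == "__main__":
    # Constructed sample tree: one disguised bundle, one disguised binary, one real PDF.
    with tempfile.TemporaryDirectory() as root:
        os.mkdir(os.path.join(root, "Invoice.pdf.app"))
        with open(os.path.join(root, "statement.pdf"), "wb") as fh:
            fh.write(b"\xcf\xfa\xed\xfe" + b"\x00" * 28)
        with open(os.path.join(root, "manual.pdf"), "wb") as fh:
            fh.write(b"%PDF-1.4\n")
        for path, reason in find_masquerades(root):
            print(f"{reason}: {os.path.basename(path)}")
```

A hit is a reason to inspect the item before opening it, not proof of infection; the universal-binary magic is shared with Java class files, which are equally out of place behind a document extension.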
How to Protect Your Mac Against Malware
People need to understand that they’re not safe just because they’re using a Mac. They need to exercise care about what they click on, what apps they download, and who they allow to have access to their computers.
Fake Flash installers are one of the top methods for getting malware installed on a Mac. In general, if you’ve downloaded malware, you can try removing it manually or, if you’re less comfortable messing around with your computer’s settings, get a security program that will do it for you.
As always, practice good password hygiene, as one machine was infected because the hacker gained remote access by using a password that was exposed in a password breach. That’s one of many reasons to use different passwords for your accounts and change them on a regular basis.
Of course, downloading anti-virus software never hurts. Just make sure the one you choose is a trusted source. And always be wary of free software — it’s never really free.