NEWS
Apple macOS malware soared 270% in 2017
2381
2018-03-13
Posted by 3uTools

Mac malware increased by 270% in 2017, compared to 2016, a report by MalwareBytes has revealed, with four new major Mac vulnerabilities uncovered in the first two months of 2018.


Many of these security threats have been uncovered by Mac users rather than security researchers themselves. For example, the company revealed that the OSX.MaMi virus - the first of the year - was found by a Mac user on the company's forums who reported their DNS settings had been changed without their knowledge and the victim was blocked from changing them back.


The security firm explained that its own investigation it had concluded the OSX.MaMi malware was changing the settings to direct traffic intended for legitimate sites, such as online banking, Amazon, and iCloud, towards phishing sites and added a trusted root certificate in the keychain to run man in the middle attacks.


Following the discovery of the Dark Caracal malware, security firm Lookout found that it was able to offer remote backdoor access to Macs. The Java-based malware, which is suspected to have been state-sponsored, used a cross-platform RAT (remote access tool) which allowed hackers to use a backdoor to gain access to the infected machines.


Apple macOS malware soared 270% in 2017


"Although Macs no longer come with Java preinstalled, and haven’t for years, it’s important to keep in mind that nation-state malware is often crafted and used with some knowledge of the target(s) in mind," said Thomas Reed, Director of Mac & Mobile at MalwareBytes, in a blog post. "The targets intended to be infected with this malware may have had reason to install Java, or it may have been installed via physical (or some other) access by a hacker targeting specific individuals."


The third malware to debut this year - OSX.CreativeUpdate - was released via hacked website MacUpdate, which distributes software such as Firefox. The links to apps were replaced with malicious links, although the downloads bundled malware with the actual apps. Users installed the software thinking all was well, when in fact, malware was being downloaded on their machine in the background.


“These kinds of supply chain attacks are particularly dangerous, even capable of infecting savvy members of the development and security community, as was documented by Panic,” said Reed.


The most recent discovery - OSX.Coldroot - is a generic backdoor attack that doesn't work on devices running the most recent El Capitan installation, however, older systems are still vulnerable. 


"Apple’s macOS includes some good security features that are helpful, but they are easily bypassed by new malware, and they don’t address the adware and PUP problem at all. macOS cannot be considered bulletproof," Reed finished.


Source: itpio

Related Articles
macOS High Sierra 10.13.2 Beta 4 Now Available Apple Releases macOS Catalina With Find My, Screen Time, and No More iTunes Rumor: Apple Blocks Activation on iOS 9.0-9.3.5 Firmware Apple Still Signing iOS 11.3 Beta 5/6, Downgrade to It to Jailbreak Your iPhone iCloud Bypass Bug Discovered in iOS 11 How to Download Apple’s Official iOS IPSW with One Simple Step? iOS 10.3 Jailbreak / iOS 10.3.1 Jailbreak Apple Acquires German Eye Tracking Firm SensoMotoric Instruments