Apple Magic Vanished as Malware Caused 11% of macOS Observations Last Year.
We would like to let you in on a minor cybersecurity secret… Malware is present on Mac computers. In practice, it always has been.
11% of all observations documented by a famous organization on Mac computers in 2023 were for various variants of malware (the catch-all term used by cybersecurity researchers to refer to ransomware, trojans, info stealers, worms, viruses, and more), according to a malware-focused report.
While the 11% figure may not appear significant, bear in mind that a considerable number of people still hold the false belief that Apple devices, Mac computers included, are impervious to cyberattacks due to some sort of “Apple magic.”
Rather than being a product of outdated advertising (the 2006 commercial from the “I’m a Mac, and I’m a PC” series caused irreparable damage), “Apple Magic” stems from erroneous conclusions drawn from the most significant breaches and attacks in cybersecurity. Because the majority of such attacks target Windows devices and servers, Macs are mistakenly thought to be immune.
The reality is considerably more complex: the widespread and noticeable concentration of attacks on Windows systems stems from Microsoft’s long run of success in business computing.
For decades, Windows was used by virtually every multinational company, local travel agency, dentist, hospital, school, government agency, and city hall. This widespread adoption benefited Microsoft and its financial performance, but it also attracted and sustained the attention of cybercriminals, who continued to develop malware with the potential to affect the greatest number of people.
For this reason, even in the present day, the most significant breaches primarily concentrate on Windows-based malware and the occasionally unpatched vulnerabilities present in Windows software and applications.
In essence, cybercriminals focus their efforts on Windows because it is the primary target.
Last year, however, new information indicated that everything might be changing.
Mac Malware Techniques Evolved in 2023.
31% of desktop operating systems in the United States are macOS, the operating system developed by Apple for desktops and laptops. Furthermore, it is estimated that around 25% of organizations employ Mac devices in some capacity within their networks.
Cybercriminals have already taken notice.
LockBit, the most successful and deadly ransomware in history, was discovered to have a Mac variant in April 2023. LockBit ransomware and its operators, responsible for at least 1,018 known attacks in the previous year, destroyed countless businesses, ruined numerous organizations, and, according to the US Department of Justice, generated over $120 million in revenue prior to the group's disruption by a coordinated law enforcement effort in February of this year.
Despite the fact that the LockBit variant for Mac was non-functional at the time of its discovery, the LockBit ransomware group stated that it was “actively being developed.” Thankfully, LockBit has been dealt tremendous setbacks this year, and the ransomware gang is likely more preoccupied with “avoiding prison” than with the development of Mac malware.
In a separate development, the report identified a cybercriminal campaign in September 2023 that deceived Mac users into inadvertently installing a variant of malware capable of stealing cryptocurrency, passwords, browser data, cookies, and files. The malicious software, referred to as Atomic Stealer (AMOS), was distributed via “malvertising,” a malware delivery technique that abuses Google advertisements to redirect regular users to fraudulent websites, which then deceive them into downloading malicious software.
During this campaign, users who ran Google searches for the financial market trading application “TradingView” were occasionally shown a malicious search result that appeared entirely authentic: it led to a website bearing the TradingView logo, with download buttons prominently displayed for Windows, Mac, and Linux.
However, users who selected the Mac download button were instead served AMOS.
A few months later, AMOS infiltrated Mac computers once more, this time via a delivery chain that had previously targeted Windows users more frequently.
The same organization also discovered AMOS being distributed via the “ClearFake” malware delivery chain in November. The ClearFake campaign dupes users into installing what appears to be an authorized web browser update. This has often taken the form of numerous malicious prompts that imitate the branding and update language of Google Chrome. However, the most recent campaign also imitated the default browser on Mac devices, Safari.
About The Author:
Yogesh Naager is a content marketer who specializes in the cybersecurity and B2B space. Besides writing for the News4Hackers blog, he has also written for brands including CollegeDunia, Utsav Fashion, and NASSCOM. Naager entered the field of content in an unusual way. He began his career as an insurance sales executive, where he developed an interest in simplifying difficult concepts. He combines this interest with a love of narrative, which makes him a good writer in the cybersecurity field. He also frequently writes for Craw Security.