Macs are not invulnerable! Confused?
The Report: Unmasking a Malware Threat in macOS
Malware Targeting macOS is a Growing Concern for Cybersecurity
Apple frequently releases security patches to address vulnerabilities exploited by threat actors using social engineering and advanced techniques.
According to the Bitdefender report, Mac users were targeted by three primary threats in 2022: Trojans, Potentially Unwanted Applications (PUAs), and Adware. It’s worth noting that Trojans made up the majority (51.8%) of the identified threats.
macOS and iOS share common components such as the WebKit engine, and spyware vendors are increasingly targeting Apple’s iOS. Cyber threat actors are likewise exploiting unpatched flaws and lax cybersecurity hygiene to attack Macs more efficiently.
- Mac users are targeted by three key threats: Trojans, Adware and Potentially Unwanted Applications (PUAs).
- Trojans are the biggest single threat to Macs, accounting for more than half of threat detections followed by PUAs and Adware.
- EvilQuest remains the single most common piece of malware targeting Macs at 52.7%.
- Trojans designed to exploit unpatched vulnerabilities present a real danger to users who typically postpone installing the latest security patches from Apple.
- With a 25.3% share, PUAs represent a quarter of “executable” threats to Macs.
- 8% of PUA detections on Macs are crypto miners and 1% are jailbreak utilities.
- Threats designed to infect Macs typically require victims to manually run an executable.
- Threat actors put effort into making malware packages look and feel like legitimate applications.
Top Cyber Threats Targeting Macs
Data gathered annually by Bitdefender shows that Mac users are mainly targeted by three key threats: Trojans, Adware and Potentially Unwanted Applications (PUAs). While named differently, these hazards share one trait: they require victims to manually run the threat, meaning their authors try hard to make their malware look like legitimate applications.
The most common Trojan families used to target macOS in 2022 were EvilQuest (52.7%), followed by Generic Trojan (22.4%), Exploit (8.2%), Flashback (2.7%) and Empire (2.6%).
For extra visibility into the key threats making the rounds in the Mac ecosystem, these are the top 15 detections (designated as “families” of threats) aggregated from all three main categories (Trojan, PUA and Adware).
Some key findings:
- The ransomware-laden EvilQuest trumps every other threat on the board, scoring over 27% just by itself.
- In second place, Generic detections from all categories come together to account for some 23.9% of all file-based (executable) threats on macOS.
- Moving into the single digits, Adware leads the pack with considerable activity from the likes of Adload, Installmiez and Bundlore.
- Shellcode-centric Trojans, with a small 1% share, were the least-detected threat targeting Macs in 2022.
Speaking to Infosecurity, Bogdan Botezatu, Director of Threat Research at Bitdefender, said: “Threat actors are now building much more sophisticated malware creations, and many times target multiple OS platforms and architectures in the same attack. We expect the existing threats to evolve and become more refined with time.”
“While the bulk of the Mac badware used to revolve around greyware and potentially unwanted apps, the balance has tilted this year in favour of more potent Trojans. The EvilQuest malware, for instance, has been active since late 2020 and continues to perfect itself. This shows in the number of unique samples that kept coming since 2020, but it’s not just an increase in samples – it’s also an increase in the quality of malware,” he explained.
Report Conclusion
Apple’s ecosystem is often considered a “walled garden” protected from malware, and it does face fewer threats than Microsoft’s or Google’s ecosystems.
Despite common belief, Macs are still susceptible to malware. The perception of their safety often makes them attractive targets for attackers using advanced methods to breach their defenses.
How To Secure Your Mac?
Experts strongly recommend avoiding downloading software from unofficial sources like torrents and warez sites. It is also crucial to keep your operating system up-to-date with the latest version and apply the newest security patches to ensure device safety.
Bitdefender recommends that Mac users stay up to date with the latest OS version and always apply the newest security patches. Equally important, never download software from unofficial sources, like torrents and warez sites.
Previously, security researchers found the macOS malware AMOS, which is capable of stealing Keychain passwords and specifically targets popular browsers like Firefox and Chrome.