Security Bite: Mac Malware wreaking the most havoc in 2024

Share via:


It is a long-standing misconception that Macs are impervious to malware. This has never been the case. And while Apple might secretly hope people continue the preconceived notion, Mac users continue to be caught off guard by cybercriminals whose attack methods are becoming increasingly sophisticated. Below, you’ll find the most common macOS malware strains in 2024…


9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.


It’s increasingly clear that 2024 could prove to be an even more challenging year for Mac security. Looking back at 2023, at least 21 new Mac malware families were detected in the wild, a 50% increase year over year. Moreover, Patrick Wardle, founder of Objective-See, told Moonlock Labs that the number of new macOS malware specimens increased by about 100% in 2023 with no signs of a slowdown.

Phil Stokes, security researcher and blogger at leading cybersecurity firm Sentinal One, recently shared a ranking of the popularity of common macOS malware in 2024. From the chart below, ransomware, trojans, and backdoors continue to dominate.

Atomic Stealer (AMOS) is a widespread infostealer malware discovered in early 2023. Once installed, it quietly targets iCloud Keychain passwords, a user’s system password, cookies, and credit card details from various browsers. It can also compromise crypto wallets, including Atomic, Binance, Exodus, Electrum, MetaMask, and more, as reported by my colleague Michael Potuck.

Phil Stokes’s Twitter/X thread links to deeper dives into each of the top 10. I highly encourage you to check that out!

Rising Mac malware attacks, what gives?

It’s no secret that malware specifically designed and made for Mac is growing exponentially, and Apple is aware of this. Last month, the company added 74 new Yara detection rules to macOS, the most I’ve ever seen. These help prevent malware from executing or spreading by checking for specific patterns that match known malware signatures or behaviors.

So, why is Mac becoming more targeted? Here’s what I’m gathering.

Macs are rising in popularity, both for personal and business use. With this, they’re losing their strength in low numbers and becoming a more attractive target for cybercriminals.

Moreover, the rise in malware-as-a-service (MaaS) is also a big contributor. For the first time in the history of the Internet, any Joe Shmoe can download and launch different types of attacks aimed at individuals and/or companies. MaaS platforms make it easier for attackers to target macOS users without needing programming knowledge. These attacks are also scary inexpensive to carry out.

Ways to protect yourself in 2024

  1. Keep your device up-to-date: Whether it’s an iPhone, Mac, or iPad, everyone should first keep macOS up-to-date with the latest security patch goodness. This will address known vulnerabilities that malware can exploit. Note: Apple will push new Yara rules automatically. More on that here.
  2. Use antivirus software: This is important for scans and prevention. I recommend using Malwarebytes, which provides a free app for individuals that can detect and remove possible threats. Additionally, there’s Intego and CleanMyMac X, which now includes a malware removal tool powered by its MoonLock service.
  3. Exercise caution when clicking: Don’t be stupid, stupid. Email continues to be the most popular vertical for malware. Minimal effort for criminals, maximum success. 9% of phishing attacks were successful in 2023, up 1% in 2022, according to Jamf. As you know, exercise caution when clicking any links and opening attachments.
  4. Enable firewall: Enabling your Mac’s firewall is the best way to prevent the acceptance of unauthorized applications and services. You should configure this accordingly.
  5. Use strong (unique) passwords: Your name twice, followed by an exclamation, is not okay.
  6. Enable disk encryption: On Mac, this is called FileVault and will encrypt all user data saved to disk on the fly. This will keep sensitive information safe in case your device is lost or stolen. According to Jamf’s report, this was disabled on 36% of client devices.
  7. Limit user privileges: It is important to restrict user privileges to prevent unauthorized installation of software and to limit the potential impact of malware infections. See how to limit privileges on Mac here.

More in this series

Follow Arin: Twitter/X, LinkedIn, Threads

Read more: Security Bite: Mac Malware wreaking the most havoc in 2024

FTC: We use income earning auto affiliate links. More.





Source link

Disclaimer

We strive to uphold the highest ethical standards in all of our reporting and coverage. We StartupNews.fyi want to be transparent with our readers about any potential conflicts of interest that may arise in our work. It’s possible that some of the investors we feature may have connections to other businesses, including competitors or companies we write about. However, we want to assure our readers that this will not have any impact on the integrity or impartiality of our reporting. We are committed to delivering accurate, unbiased news and information to our audience, and we will continue to uphold our ethics and principles in all of our work. Thank you for your trust and support.

Popular

More Like this

Security Bite: Mac Malware wreaking the most havoc in 2024


It is a long-standing misconception that Macs are impervious to malware. This has never been the case. And while Apple might secretly hope people continue the preconceived notion, Mac users continue to be caught off guard by cybercriminals whose attack methods are becoming increasingly sophisticated. Below, you’ll find the most common macOS malware strains in 2024…


9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.


It’s increasingly clear that 2024 could prove to be an even more challenging year for Mac security. Looking back at 2023, at least 21 new Mac malware families were detected in the wild, a 50% increase year over year. Moreover, Patrick Wardle, founder of Objective-See, told Moonlock Labs that the number of new macOS malware specimens increased by about 100% in 2023 with no signs of a slowdown.

Phil Stokes, security researcher and blogger at leading cybersecurity firm Sentinal One, recently shared a ranking of the popularity of common macOS malware in 2024. From the chart below, ransomware, trojans, and backdoors continue to dominate.

Atomic Stealer (AMOS) is a widespread infostealer malware discovered in early 2023. Once installed, it quietly targets iCloud Keychain passwords, a user’s system password, cookies, and credit card details from various browsers. It can also compromise crypto wallets, including Atomic, Binance, Exodus, Electrum, MetaMask, and more, as reported by my colleague Michael Potuck.

Phil Stokes’s Twitter/X thread links to deeper dives into each of the top 10. I highly encourage you to check that out!

Rising Mac malware attacks, what gives?

It’s no secret that malware specifically designed and made for Mac is growing exponentially, and Apple is aware of this. Last month, the company added 74 new Yara detection rules to macOS, the most I’ve ever seen. These help prevent malware from executing or spreading by checking for specific patterns that match known malware signatures or behaviors.

So, why is Mac becoming more targeted? Here’s what I’m gathering.

Macs are rising in popularity, both for personal and business use. With this, they’re losing their strength in low numbers and becoming a more attractive target for cybercriminals.

Moreover, the rise in malware-as-a-service (MaaS) is also a big contributor. For the first time in the history of the Internet, any Joe Shmoe can download and launch different types of attacks aimed at individuals and/or companies. MaaS platforms make it easier for attackers to target macOS users without needing programming knowledge. These attacks are also scary inexpensive to carry out.

Ways to protect yourself in 2024

  1. Keep your device up-to-date: Whether it’s an iPhone, Mac, or iPad, everyone should first keep macOS up-to-date with the latest security patch goodness. This will address known vulnerabilities that malware can exploit. Note: Apple will push new Yara rules automatically. More on that here.
  2. Use antivirus software: This is important for scans and prevention. I recommend using Malwarebytes, which provides a free app for individuals that can detect and remove possible threats. Additionally, there’s Intego and CleanMyMac X, which now includes a malware removal tool powered by its MoonLock service.
  3. Exercise caution when clicking: Don’t be stupid, stupid. Email continues to be the most popular vertical for malware. Minimal effort for criminals, maximum success. 9% of phishing attacks were successful in 2023, up 1% in 2022, according to Jamf. As you know, exercise caution when clicking any links and opening attachments.
  4. Enable firewall: Enabling your Mac’s firewall is the best way to prevent the acceptance of unauthorized applications and services. You should configure this accordingly.
  5. Use strong (unique) passwords: Your name twice, followed by an exclamation, is not okay.
  6. Enable disk encryption: On Mac, this is called FileVault and will encrypt all user data saved to disk on the fly. This will keep sensitive information safe in case your device is lost or stolen. According to Jamf’s report, this was disabled on 36% of client devices.
  7. Limit user privileges: It is important to restrict user privileges to prevent unauthorized installation of software and to limit the potential impact of malware infections. See how to limit privileges on Mac here.

More in this series

Follow Arin: Twitter/X, LinkedIn, Threads

Read more: Security Bite: Mac Malware wreaking the most havoc in 2024

FTC: We use income earning auto affiliate links. More.





Source link

Disclaimer

We strive to uphold the highest ethical standards in all of our reporting and coverage. We StartupNews.fyi want to be transparent with our readers about any potential conflicts of interest that may arise in our work. It’s possible that some of the investors we feature may have connections to other businesses, including competitors or companies we write about. However, we want to assure our readers that this will not have any impact on the integrity or impartiality of our reporting. We are committed to delivering accurate, unbiased news and information to our audience, and we will continue to uphold our ethics and principles in all of our work. Thank you for your trust and support.

Website Upgradation is going on for any glitch kindly connect at office@startupnews.fyi

More like this

ICAI Says Probe Into Alleged Audit Lapses At BYJU’S...

SUMMARY ICAI president Ranjeet Kumar Agarwal has revealed that...

MobiKwik Shares Surge 12.5% To INR 549.80 

SUMMARY The broader benchmark indices showed recovery today with...

Ranjita Ghosh: Wipro elevates Ranjita Ghosh as new global...

Indian IT major Wipro on Monday announced the...

Popular

Upcoming Events

Startup Information that matters. Get in your inbox Daily!