
Mac Not Safe from Malware

2015-07-29 07:40

According to a June 2015 OPSWAT report, only half of all Apple Macintosh users have an antivirus program installed; of those, only 35% have it turned on. This effectively leaves only 1 in 6 Macs actively protected by an antivirus program.



One takeaway from these numbers is that Mac users view their operating system as inherently “safer” and see less value in the active protection provided by an antivirus program. However, this view is flawed. Mac devices were considered safer once upon a time, but that is no longer the case. According to Kaspersky Labs, there were 1,800 samples for OS X in 2014 alone, up from 1,700 samples the previous year, showing that Mac-specific malware is indeed growing. Malwarebytes, the maker of a popular malware removal tool for Windows, recognized this trend and, after 7 years of existence, released a Mac malware removal tool 2 weeks ago.


In the last two years, there has been a proliferation of new Mac adware like Genieo, Conduit, and VSearch that inject ads and pop-up hyperlinks into web pages, change a user’s homepage and search engine, and insert unwanted toolbars into the browser.

Also, 2014 brought us new families of Mac malware: Ventir, WireLurker, and XSLCMD.

Ventir, discovered in October of last year, contains a keylogger, a trojan and a backdoor. The keystroke logger makes use of an open source software package freely available from GitHub, called LogKext. It appears that Ventir is similar to the OSX/Crisis malware.

XSLCMD, discovered last September, is a backdoor that targets the Mac OS platform. It contacts a remote server to receive commands to execute on the infected system, then sends out information about the targeted system. It may log users’ keystrokes, take screenshots, steal documents, execute shell commands and more. The malware creates a plist file to survive system reboots.

WireLurker was used to trojanize 467 OS X applications on the Maiyadi App Store, a third-party Mac application store in China. In the past six months, these 467 infected applications were downloaded over 356,104 times and may have impacted hundreds of thousands of users. WireLurker is able to attack iOS devices through OS X via USB and to install third-party applications on non-jailbroken iOS devices through enterprise provisioning. Three individuals in China (Wang, Lee, Chen) were arrested on suspicion of creating and distributing the WireLurker malware; they were taken into custody on Thursday, November 13, 2014.



How can you protect your Mac OS system against these threats? We recommend using the Mac App Store to install your applications whenever possible. These applications have been verified by Apple and should be just fine to use, and most likely won’t come with any bundled adware. Here is how to configure this: Head to System Preferences -> Security & Privacy, click the Lock icon at the bottom, and then flip the setting over to Mac App Store instead of the default.
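The XSLCMD description above notes that the malware creates a plist file to survive reboots. As an added example (not from the original post), the Python script below reviews launchd job plists for entries worth a closer look; the flagging heuristics and the sample jobs are assumptions constructed for illustration, not indicators of any family named here.

```python
import plistlib
from pathlib import Path, PurePosixPath

# Standard launchd job directories on OS X.
LAUNCH_DIRS = ["~/Library/LaunchAgents", "/Library/LaunchAgents", "/Library/LaunchDaemons"]
# Assumed heuristic (not from the article): world-writable places a legitimate job rarely runs from.
WRITABLE_PREFIXES = ("/tmp/", "/private/tmp/", "/var/tmp/", "/Users/Shared/")

def review_job(raw):
    """Return a list of findings for one launchd plist given as bytes (XML or binary)."""
    try:
        job = plistlib.loads(raw)
    except Exception:
        return ["unparseable plist"]
    if not isinstance(job, dict):
        return ["top-level object is not a dictionary"]
    args = job.get("ProgramArguments")
    first = args[0] if isinstance(args, list) and args else None
    prog = job.get("Program") or first
    if not isinstance(prog, str):
        return ["no executable declared"]
    findings = []
    path = PurePosixPath(prog)
    if not path.is_absolute():
        findings.append("relative executable path")
    if any(part.startswith(".") for part in path.parts):
        findings.append("executable under a hidden directory or dot-file")
    if prog.startswith(WRITABLE_PREFIXES):
        findings.append("executable in a world-writable location")
    # Jobs that start without user action are the ones that survive a reboot.
    if findings and (job.get("RunAtLoad") or job.get("KeepAlive")):
        findings.append("starts automatically (RunAtLoad/KeepAlive)")
    return findings

def scan(dirs=LAUNCH_DIRS):
    """Map each flagged plist path to its findings; missing directories are skipped."""
    report = {}
    for d in dirs:
        for f in sorted(Path(d).expanduser().glob("*.plist")):
            try:
                found = review_job(f.read_bytes())
            except OSError:
                found = ["unreadable file"]
            if found:
                report[str(f)] = found
    return report

# Constructed sample jobs (not real malware artifacts).
BENIGN = plistlib.dumps({"Label": "com.example.sync", "RunAtLoad": True,
                         "Program": "/Applications/Sync.app/Contents/MacOS/sync"})
ODD = plistlib.dumps({"Label": "com.example.helper", "RunAtLoad": True, "KeepAlive": True,
                      "ProgramArguments": ["/Users/alice/.cache/helper", "-d"]})

if __name__ == "__main__":
    for plist_path, found in scan().items():
        print(plist_path, "->", "; ".join(found))
```

A flagged entry is a prompt for manual review, not proof of infection; legitimate software occasionally installs jobs that match these heuristics.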




Apple device adoption at the enterprise level makes OS X an attractive target. The popular mantra “Macs do not get viruses” incorrectly persisted for too long, causing the lag in adoption of Mac antivirus software. As malware and phishing attacks become targeted, more sophisticated, and easier to carry out, Mac users can no longer rely on hackers to ignore the smaller OS X market share. We will dig deep into Mac malware attacks and describe in-the-wild Mac trends in our upcoming Malware’s Most Wanted webinar “Mac Not Safe from Malware” on Thursday, July 30, 2015. Register here.

The post Mac Not Safe from Malware appeared first on Cyphort.

Source: www.cyphort.com/mac-malware/
