August 2023 - macOS Malware Shows Apple Devices Aren’t Exempt From Threats
It’s never safe to assume anything in cybersecurity. For example, since most malware attacks have traditionally targeted Windows devices and environments, you may have held the belief that Apple devices are not at risk or aren’t a top priority for cybercriminals. For a while this seemed to be the case, as Apple Macs were rarely targeted with malware. However, this appears to have been the result of limited corporate adoption and minimal use of Macs rather than a “Macs don’t get malware” reality.
This line of thinking is not only dangerous but also incorrect. Malware targeting macOS devices has been popping up with more consistency recently, which is why it’s vital for security professionals to stay on top of these threats.
Earlier this year, macOS malware was discovered by Microsoft. This strain of malware, which Microsoft called “Migraine,” gave attackers with root access the ability to automatically bypass System Integrity Protection in macOS and perform arbitrary operations on a device.
Microsoft shared its findings with Apple, and the latter responded by addressing this issue in a security update in May.
But that doesn’t mean that the malware threat facing macOS devices was suddenly solved.
The LockBit ransomware group developed a version of its malware for macOS devices, marking the first time a major ransomware gang specifically targeted Apple’s computers.
Another form of malware targeting macOS, hidden virtual network computing (hVNC) malware, was discovered on the Russian dark web forum Exploit.
The hVNC malware allows cybercriminals to gain and maintain unauthorized access to their target’s Mac computer. It manages to do so without requesting permission from users, and it intentionally conceals its presence, making it a challenge for small and medium enterprises to detect.
And a Mac-specific variant of the XLoader malware was involved in cases in nine different countries, including the U.S., India, Spain and Singapore.
Cybercriminals are both retrofitting Windows malware for macOS devices and creating brand new strains of malware targeting these machines.
The days when you could say macOS was safe from malware are long gone, and perhaps they were never truly there in the first place.
Security professionals need to understand that macOS devices are no different than any other devices. They can be compromised with malware or could be at the center of a ransomware attack.
It’s important to implement proper endpoint protection controls that include antivirus and antimalware features and to ensure all software is kept up-to-date.
Do not allow anyone in your organization to download unknown and potentially dangerous applications, and stay up to date on the potential threats that may face your macOS machines.
As Macs continue to gain popularity in the corporate environment, macOS has become an increasingly targeted operating system. You should not treat this as a temporary trend. It’s more than likely that cybercriminals will continue to refine their malware techniques and continue to have success breaching these machines.
By getting a head start now on preparing your organization, you can save yourself a lot of headaches down the line.