Macs are also under attack ...
Bitdefender Labs has analyzed global data on the threat situation for macOS systems. The result shows that Apple hardware is targeted by cybercriminals, but to a lesser extent than Windows devices. For hackers, the more widespread Windows or Android devices are more attractive. macOS hardware is therefore not safe per se.
Cybercriminals do not attack Macs as often as they do Windows computers, for example. After all, the latter are still more widespread. According to the figures from the experts at Statcounter, Microsoft still dominates the desktop market with a share of 63% compared to 18% macOS. The larger attack surface causes the greater activities of hackers in the Microsoft environment.
Nevertheless, macOS environments are not a blind spot for malware actors. Apple felt compelled to proactively close vulnerabilities, Bitdefender writes. Hackers would use social engineering and automated spray-and-pray techniques to attack Mac users. At the same time, professional spyware vendors would attack Apple iOS hardware. According to Bitdefender, iOS and macOS systems share many key components, including the WebKit web rendering engine. Apple has also released security updates for such critical gaps. At the same time, attacks against macOS hardware are becoming more efficient. Careless updates and poor cybersecurity hygiene on the part of Mac users, who are in no way inferior to other users here, would make criminal work easier.
Trojan risk factor
Trojans attack systems that have not been updated, where hackers encounter unpatched vulnerabilities. A lack of update discipline is responsible for the concrete danger. At the same time, attackers used the usual and well-known mechanisms of social engineering via spam, phishing or social media, malvertising or manipulated file downloads via torrent or warez websites. Attacks designed for Macs typically require the victim to manually launch an executable file. That's why they put a lot of emphasis on making their malware appear like a legitimate application, Bitdefender explains.
Potentially unwanted applications
Every fourth threat is a PUA (Potentially Unwanted Applications), he said. The PUAs - be it just annoying or dangerous - would be distributed by hackers as freeware, repackaged applications or utilities (remote administration, system cleanup, supposed virus scanners, energy-saving apps, and disk space management), all of which had hidden functionalities for recording data or cryptomining. 8% of the PUAs were cryptominers.
Users should not assume that their macOS hardware is safe. It is only attacked less frequently. A dedicated cybersecurity solution is necessary for Apple users, as well as strict update discipline and attention to suspicious content. Downloading from unofficial download channels like torrent or warez should be a taboo, Bitdefender emphasizes.
The full report is available for download here
