A handful of malware samples that emerged in 2021 demonstrated once again that Apple’s technologies, while less prone to attack and compromise than Windows systems, are not invulnerable.
For the sixth year in a row, security researcher Patrick Wardle has released a list of all the new Mac malware threats that emerged over the course of a year. For each malware sample, Wardle identified the malware’s infection vector, installation and persistence mechanisms, and other features, such as the purpose of the malware. A sample of each new Mac malware sample that surfaced last year is available on his website.
His list is designed to give security professionals a better understanding of threats targeting macOS at a time when the technology has begun making inroads into the enterprise - propelled largely by remote workers. A survey of 300 IT professionals, commissioned by mobile device management vendor Kandji last year, showed Apple device use had grown at 76% of organizations over the past two years. Fifty-three percent reported that requests for Apple devices had grown at their organization over the same period.
Wardle’s list is comprised of eight new malware samples that surfaced in 2021 and target macOS. Among them are ElectroRAT, a cross-platform remote access trojan that emerged last January; Silver Sparrow, a malware tool specifically targeted at Apple’s M1 chip launched last year; XLoader, a cross-platform password stealer; and OSX.CDDS or MacMa, a macOS implant likely developed by a nation-state actor.
Different antivirus and security firms discovered each of the malware samples. Intezer, for instance, uncovered ElectroRAT when investigating a wide-ranging cryptocurrency operation in January 2020. At the time, the company described ElectroRAT as a rare example of a malware tool that had been developed from scratch and was used to target Windows, Linux, and macOS environments. Red Canary reported Silver Sparrow last February as a binary compiled specifically to run on Apple’s then-new M1 chips. The security vendor said some 29,139 Mac endpoints had been affected by the malware installer, which, however, carried no payload. Researchers from Check Point who uncovered XLoader discovered it to be a version of a well-known information stealer called Formbook that had been rewritten for macOS.
Members of Google’s threat analysis group discovered MacMa (OSX.CDDS) when investigating sophisticated watering hole attacks targeting visitors to the Hong Kong websites of a media outlet and a pro-democracy group. The researchers discovered the attackers exploiting a zero-day privilege escalation vulnerability (CVE-2021-30869) in macOS Catalina to drop the MacMa backdoor. Based on the quality of the payload code, Google assessed the malware to be the work of a well-resourced and likely state-backed threat actor.
The other malware samples Wardle listed in his round-up were XcodeSpy, which targeted Xcode developers with a backdoor called EggShell; ElectrumStealer, a cryptocurrency mining tool that Apple inadvertently signed digitally; WildPressure, a cross-platform Python backdoor that Kaspersky found targeting industrial companies in the Middle East; and ZuRu, a data-stealing malware tool that spread via sponsored search results on Baidu and installed the Cobalt Strike agent on compromised systems.
Willy Leichter, CMO at LogicHub, says the biggest Mac malware threats of last year fell under a handful of categories: cryptominers such as ElectroRAT and OSAMiner; adware loaders such as Silver Sparrow; information stealers such as XLoader and MacMa; and cross-platform Trojans such as WildPressure. “There is still a lingering misperception that Macs are inherently more secure than Windows systems, because of the raw numbers of attacks,” Leichter says. That sentiment is largely a reflection of the current market share, where Windows still dominates.
“Macs do have some security advantages, but these are becoming less significant because of two trends: malware is increasingly targeting browser plugins, not the underlying OS,” he adds. In addition, he says, malware developers are increasingly creating cross-platform applications independent of the operating system.
Jaron Bradley, MacOS Detections Manager at Jamf, says one of the most notable developments on the Mac threat landscape in 2021 was the significant amount of effort that threat actors put into attacking Macs.