Changing threat landscape for MAC devices
People are very fond of Apple devices as their approach in designing devices is fundamentally different from other companies. Besides, its exclusive security features compel people to choose Apple products. Most of us believe that Macs don’t get viruses and it is extremely safe when compared to other devices, but allow me to say that it is just a myth and even Macs are susceptible for Malware attacks. Naturally, a question arises that do Macs need antivirus software? Macs are inherently secure with its in-built antivirus software, but after noticing various flaws and attacks, users are highly concerned with the changing threat landscape of Mac devices.
Normally, when compared to other devices, Macs are safe and secure, and there are many reasons why Macs are considered as the most secure PCs. Malware writers are less likely to target Mac users as they get a smaller market share when compared to Windows. Besides, it is a fact that the Mac operating system is Unix-based, and this OS have in-built security features. Added to this, Apple has also included various security features, which makes the device safer. One such security feature is the Gatekeeper, which blocks the software that are not digitally signed and approved by the Apple. In spite of having wonderful security features, there are still some flaws that make Macs susceptible for hacking.
Xagent: This malware is capable of stealing user passwords, capture the screen shots, and get hold on the backup stored on your Mac. According to the Bitdefender report, the evidences point out that this Malware is created by APT28 cybercrime group. This Malware can scan the infected system for hardware and software configurations as well as run additional files.
MacDownloader: This Malware, found in February 2017, runs a fake Adobe Flash update. When the installer run the update, you will get an alert claiming that there is an Adware in the Mac and you will be forced to click on “remove” button and when you enter the password, the Malware attempts to transmit the data including your keychain (usernames, passwords, PIN’s, credit card details) to a remote server. Fortunately, the threat has been dissipated. The remote server, which the MacDownloader tries to connect, is offline. This Malware is thought to be created by Iranian hackers targeting the US defence industry.
Word Macro Virus: We all are aware of macro programs embedded in various applications such as Microsoft Office, Excel and PowerPoint. When these documents are sent over mail and opened in other systems, the macros run automatically.
Recently, Word Macro Virus has been noticed and if the infected file is opened with macros enabled (although, it doesn’t happen by default), it will attempt to run a python code, which theoretically perform functions such as keyloggers and also takes screenshots. Besides, this virus even allows hackers to access webcam. Fortunately, the chances being affected from this virus are very less unless you received a document from unknown sources containing macros and opened it.
KeRanger: It is a Ransomware which Mac users experienced for the first time in March 2016. Once the user installs the infected apps, the KeRanger waits for three days before connecting to command and control servers. The Malware then start encrypting various documents and data files present in the system. Once the encryption process is completed, it demands the victims to pay one bitcoin to retrieve their files. As soon as the Malware was found, Apple updated its XProtect antivirus signature and the Transmission Project removed the infected apps.
It has been clear that none of the devices are safe and the in-built security of the Mac is not sufficient to mitigate the risks. Hence, it is time for Mac users to have additional layers of safety that can protect them from malware. Besides, users should be careful while downloading updates or any apps from the store. As the proverb says, a stitch in time saves nine, a research about the update or checking out the details of an app before installing can protect users in a long run.