Cyberattacks on macOS-based systems are on the rise as cybercrimes are now more focused on targeted attacks. According to the 2020 State of Malware report by Malwarebytes, macOS malware detections have increased up to 31%. In addition, hackers have created at least two new strains of new malware targeting the latest M1 chips, indicating how desperately attackers are trying to penetrate Apple’s products.
Multiple malware targeting Apple's macOS and M1 Chip
Investigations suggest that the development of macOS malware has increased by 1,092% in 2020. And, a high volume of recent attacks on macOS suggests that attackers are still actively targeting macOS and other Apple products.
- A few days ago, some genuine Xcode projects were modified and infected by attackers with XcodeSpy malware that was used to spread the EggShell backdoor.
- Last month, a macOS malware Silver Sparrow had infected 30,000 mac devices. The malware had a component specifically compiled for the Apple M1 chip.
- A cryptocurrency mining campaign was discovered targeting macOS systems. The malware was tracked as OSAMiner.
- A Safari adware extension was revamped to run on the new M1 chips. The malicious extension GoSearch22 belonged to the Pirrit Mac adware family.
Along with direct attacks from malware threats, macOS is plagued with exploitable vulnerabilities and severe bugs which, when exploited, could cause severe damage.
A threat group was abusing an unpatched zero-day vulnerability in Webkit-based browsers. The attack was redirecting iOS and macOS users to malicious websites.
- A researcher showcased a proof-of-concept, in which he plugged a malicious USB cable into a MacBook to remotely trigger (via smartphone) the laptop to visit a malicious Google login webpage and gather the owner's password.
- A security researcher discovered a security flaw (CVE-2021-3156) in the Sudo app. This flaw impacts multiple operating systems such as macOS, Linux, and BSD.
- Apple patched a non-exploitable programming security flaw in macOS Big Sur operating system.
Recent attack trends indicate that cybercriminals are increasingly attempting to target and exploit Apple’s Mac computers and other products. Therefore, Apple users are recommended to actively think about adding additional layers of security on top of Mac’s default security layers, such as having an anti-malware and anti-spam solution on their devices.