Is Apple Losing Its Grip?
According to statistics, Mac malware increased by 270% in 2017 compared to 2016. On top of that, four brand-new Mac threats were detected in the first two months of 2018 alone. Previous numbers revealed similar growth: the AV-TEST security report for 2016/2017 indicated that Apple systems saw three times more attacks compared to past years.
The crumbling privacy of iOS apps also adds to the controversy over Apple’s state of security. Apparently, iOS apps have been used to covertly collect location histories from tens of millions of Apple devices, via packaged code that belongs to data monetization companies. GuardianApp experts found that these apps “present a plausible justification relevant to the app in the Location Services permission dialog, often with little or no mention of the fact that location data will be shared with third-party entities for purposes unrelated to app operation”.
Multiple security reports reveal that Mac users, in particular, are increasingly targeted by Trojans, adware, potentially unwanted programs (PUPs), and even cryptomining malware and ransomware. This makes it imperative for Mac users to be prepared to detect and remove macOS malware in all its forms. So, what are the most widespread Mac viruses in 2018?
Scams Such As “Apple wants to make changes”
Potentially Unwanted Programs Such As Advanced Mac Cleaner
Browser Hijackers Such As Search.fastsearch.me
In short, Search.fastsearch.me is a website that features a hoax search engine in an attempt to trick affected users into visiting as much sponsored content as possible. This can be explained by the fact that its owners gain revenue for each visit to an ad generated by their website. The website also displays typical browser hijacker behavior: it is designed to apply unwanted changes to browser settings. This happens immediately after its configuration files are started on the targeted Mac device.
Trojans Such As OSX.Calisto Trojan
The OSX.Calisto Trojan was detected by Symantec researchers in July. It is designed to harvest information from infected Macs, take screenshots, and steal passwords and various files from users. The Trojan is designed to uninstall the DMG component on the compromised Mac, and after this is done, it establishes remote access to the compromised computer. Remote access allows the malware operators to perform the following actions:
Enabling remote login; Enabling screen sharing; Adding permissions; Adding remote login to all users; Adding its own account on the device.
Complex Adware Threats Such As OSX.Pirrit
Pirrit Adware (Adware.Pirrit, Adware: Win32/Pirrit) was first discovered in 2014 when it was plaguing Windows systems. The adware was later equipped with a variant specifically created for Mac. Interestingly enough, the Mac variant, OSX.Pirrit, appeared to be more complicated than the Windows version, displaying complex malicious behavior. The advanced adware didn’t just flood the victim’s browser with ads but could also obtain root access to the operating system.
Despite the complex code, the operators of the adware made a mistake: they left something important (and traceable) behind. They forgot to sanitize the tar.gz archive, one of the archives dropped by OSX.Pirrit. The archive is in POSIX format, meaning that it contained all of the file attributes (such as owners and permissions) in the same form in which they were created. This helped the researchers locate the user name of the person who created the archive. The analysis led to an Israeli advertising company, TargetingEdge, believed to be behind OSX.Pirrit’s operations.
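The owner attributes mentioned above sit in every tar member header and can be read during triage without extracting anything to disk. The following is an added example, not code from the researchers or from the original article; the sample archive, the account name builduser, the file names and the GENERIC_OWNERS list are constructed assumptions.

```python
import io
import tarfile
from collections import Counter

# Account names with no attribution value (assumption made for this example).
GENERIC_OWNERS = {"", "root", "nobody"}


def owner_metadata(archive_bytes):
    """Count the (uname, gname, uid, gid) tuples stored in a tar.gz's headers."""
    owners = Counter()
    with tarfile.open(fileobj=io.BytesIO(archive_bytes), mode="r:gz") as tar:
        for member in tar:  # iterates headers only; nothing is written to disk
            owners[(member.uname, member.gname, member.uid, member.gid)] += 1
    return owners


def identifying_users(archive_bytes):
    """Return the non-generic account names recorded in the archive, sorted."""
    return sorted({uname for (uname, _gname, _uid, _gid)
                   in owner_metadata(archive_bytes)
                   if uname not in GENERIC_OWNERS})


def build_sample(uname, gname, uid, gid):
    """Build a constructed two-file tar.gz in memory with the given owner fields."""
    files = (("bundle/install.sh", b"#!/bin/sh\n"),
             ("bundle/conf.plist", b"<plist/>\n"))
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w:gz", format=tarfile.PAX_FORMAT) as tar:
        for name, body in files:
            info = tarfile.TarInfo(name)
            info.size = len(body)
            info.uname, info.gname, info.uid, info.gid = uname, gname, uid, gid
            tar.addfile(info, io.BytesIO(body))
    return buf.getvalue()


if __name__ == "__main__":
    sample = build_sample("builduser", "staff", 501, 20)  # constructed values
    for (uname, gname, uid, gid), count in owner_metadata(sample).items():
        print(f"{count} member(s) owned by {uname}:{gname} ({uid}:{gid})")
    print("identifying users:", identifying_users(sample))
```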