Adware remains the largest blot in the Mac threat landscape
In early 2020, analysts at Malwarebytes reported a dramatic spike in the distribution of Mac threats. The security firm’s solutions had detected a fourfold year-over-year increase in malicious apps tailor-made to run on macOS machines. Back then, these unsettling statistics eclipsed the state of things in the Windows threat ecosystem, but there was an important nuance worth emphasizing.
Mac cryptominer uses offbeat anti-analysis tricks to stay undetected
Analysts at cybersecurity firm SentinelOne have recently shed light on a long-running macOS cryptomining malware strain codenamed OSAMiner. These would have been garden-variety findings if it weren’t for the fact that the infection has been playing a hide-and-seek game with researchers since around 2015. Its uniqueness stems from the use of what’s called run-only AppleScript files to download and execute the dodgy components.
Apple enforces new rigid app privacy requirements
Apple has made a bold move to pull the plug on app makers’ privacy foul play. The new rules now in effect require that every developer provide a clear-cut summary of what types of data their products collect. This is expected to raise users’ awareness of the potential privacy roadblocks they may hit down the road when using a particular application.
Unencrypted Gatekeeper data puts Mac users’ privacy at risk
Apple’s terrific track record of keeping macOS safe from malicious apps is a double-edged sword. Recent findings by security enthusiasts about a Gatekeeper quirk demonstrate that the trade-off between security and privacy is a nontrivial one. Before elaborating on this issue further, let’s recall what this feature is intended to do in the first place. When a user tries to run an app, Gatekeeper checks the code against a database of known-harmful software.
Vietnamese state-sponsored malware campaign targeting Macs
The unorthodox Mac malware strain with backdoor capabilities has code overlaps and shares some behavior patterns with earlier threats distributed by the OceanLotus Advanced Persistent Threat group. Also referred to as APT32, this gang is considered to have a connection with the Vietnamese authorities. It has been previously spotted in plots aiming to perpetrate industrial espionage attacks...