McAfee Labs VP Vincent Weafer said the increase can be partially attributed to hackers setting their sights beyond Windows targets. More people are using multi-platform environments in their homes and businesses, he explains, and attackers are taking advantage.
“The more that happens, the more hackers will ensure their attacks work on various systems,” he says. “It’s a natural extension of how they look at the market and their victims.”
Cyber criminals are expanding their campaigns onto other platforms, going from Windows to Mac OS, iOS, and Android. While PCs remain the target of choice for large attack campaigns, the report shows that they are using the same types of attacks on a smaller scale for different platforms.
“No platform is immune to attackers,” Weafer says. “Attackers are taking the time to make their threats multi-platform.”
The biggest driver behind the 247% growth in Mac OS malware was OSX/Bundlore. Bundlore is an installer that combines legitimate apps with offers for third-party apps users may not want. These third-party apps are usually installed by default but may present an “opt-out” option either during or following installation.
Many of the Mac OS malware variants follow patterns similar to malware on PCs. Attackers are going after credentials, banking information, and access into organizations. They’re using misleading applications, remote access programs, information theft, and ransomware, which saw a large expansion onto Mac platforms last year as well.
Jeremy Murtishaw, Fortify 24×7’s CTO, noted that “The higher numbers of Apple malware identified in Q4 2016 will go down and is only about 1% of the Windows malware volume. We believe the spike is short-term but malware is increasing with more attacks on Macs, Windows PCs, Android, and iOS devices. The technology landscape is evolving rapidly and we need to think about the security of all these systems. Malware will continue to evolve as the Internet of Things (IoT) grows and more devices, including cars, cameras, TVs, home appliances and drones become connected.”
“The rise in Mac-based malware doesn’t mean that you should rethink your compute platform strategy. Solid security practices are still the key to protecting your environment regardless of which OS you deploy for your organization. At a minimum, every organization should be implementing endpoint security software, keeping all applications current, having a solid data storage/backup strategy and an enforced password policy,” continued Murtishaw.
McAfee’s report also includes insight on Mirai, the botnet that exploited poorly secured IoT devices in October 2016 to launch the largest-ever DDoS attack. In the six months since then, Mirai has infected about 2.5 million IoT devices, McAfee discovered. About five IP addresses are added to Mirai botnets every minute.