macOS malware


It's not very often you see this type of thing so I thought it was worth posting.
Given the uptick in demand for Apple devices over the years, Apple based malware/ransomware is rapidly increasing with it unfortunately; 20-25 new cases last year alone.
If you're remotely interested in Apple based malware/security then Patrick Wardle is always worth a follow on socials and similarly, his yearly round-up is always a good read - 2024's https://objective-see.org/blog/blog_0x7D.html.
 
> Given the uptick in demand for Apple devices over the years, Apple based malware/ransomware is rapidly increasing with it unfortunately; 20-25 new cases last year alone.
> If you're remotely interested in Apple based malware/security then Patrick Wardle is always worth a follow on socials and similarly, his yearly round-up is always a good read - 2024's https://objective-see.org/blog/blog_0x7D.html.
Cheers for that, I will check that out.
 
One thing I notice about (some) Apple users is that they still use old versions of macOS or iOS because they don't like the new versions, but this means that they don't get all the security patches that are included with newer versions, which puts them at high risk of being compromised.

It is the same with Linux and Windows. If you are not installing updates you are at very high risk.
 
> One thing I notice about (some) Apple users is that they still use old versions of macOS or iOS because they don't like the new versions, but this means that they don't get all the security patches that are included with newer versions, which puts them at high risk of being compromised.
>
> It is the same with Linux and Windows. If you are not installing updates you are at very high risk.
Someone wanted to run a 2012 Mac mini server in our data centre, one that had been sitting on a LAN previously with the team’s iMacs and accessed with no share permissions. OS out of final support over 5 years ago too.

Nope, not letting that happen. Took a bit of an argument to resolve, but it didn’t get connected.
 
> One thing I notice about (some) Apple users is that they still use old versions of macOS or iOS because they don't like the new versions, but this means that they don't get all the security patches that are included with newer versions, which puts them at high risk of being compromised.
>
> It is the same with Linux and Windows. If you are not installing updates you are at very high risk.
If a version of macOS is still receiving security updates then I don't see any issue. Plus, it's worth noting that a vulnerability in one major version, say 15 (Sequoia), may not affect another, like 13 (Ventura), which is why you'll see patches/fixes in a security update for one (major) version and not another.
Obviously if it's EOL on security updates then you're pretty much on your own.

To be honest, a bigger issue is Apple users believing in the age-old adage that their devices are somehow better secured against malware/ransomware/vulnerabilities than other devices/platforms. This is complete BS and has been for a while; you still need to be as vigilant as if you were using anything else.
 
> To be honest, a bigger issue is Apple users believing in the age-old adage that their devices are somehow better secured against malware/ransomware/vulnerabilities than other devices/platforms. This is complete BS and has been for a while; you still need to be as vigilant as if you were using anything else.

I find this a fascinating topic :)

Like yourself, I also feel that the bigger issue is this belief that macOS is somehow 'immune' to malware as it certainly isn't, however the mechanism for said malware getting onto the system in the first place still seems very much to be user initiated after clicking mindlessly through several "I wouldn't if I were you" prompts, again most likely attributed to the belief that there's nothing out there that can harm them.

macOS has a number of built-in mechanisms to help mitigate against this, but a zero-click or zero-day is still the biggest threat as, with the exception of something such as a firewall blocking the outbound connection back to the C2C or BlockBlock preventing it installing a mechanism for persistence, these are extremely difficult to defend against.

On the flip side, though, I also feel that just because someone is using an EoL version of macOS it doesn't mean they're going to be compromised within seconds of them going on t'interwebs with it, again especially if you're savvy and you're able to use a still supported browser (Firefox ESR on High Sierra or Mojave for example). I still have a mid-2010 Mac Pro running High Sierra / Mojave for the 32-bit support :) Not saying I would go as far as using it for banking but I do general browsing with it.
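The post above mentions BlockBlock catching malware as it installs a persistence mechanism. As an added example (not from this thread, and not BlockBlock's own code), here is a small defender-side audit of the launchd property lists macOS reads from the LaunchAgents/LaunchDaemons folders. It parses each plist with the standard library and flags the traits a persistence monitor typically alerts on: jobs that start at login from temporary or shared drop locations, hidden directories, inline interpreter scripts, or a "com.apple." label placed outside /System/Library. The two sample jobs, their labels and paths are constructed for illustration; the directory names are the real launchd locations.

```python
"""Audit launchd plists (LaunchAgents/LaunchDaemons) for suspicious persistence.

Added example, not code from the thread or from BlockBlock. The sample jobs
below are constructed; the LAUNCHD_DIRS are the real folders launchd scans.
"""
import os
import plistlib
import sys
from typing import List

# Real locations launchd loads user- and admin-installed jobs from.
LAUNCHD_DIRS = [
    os.path.expanduser("~/Library/LaunchAgents"),
    "/Library/LaunchAgents",
    "/Library/LaunchDaemons",
]

# User-writable drop locations that legitimate vendors rarely launch from.
SUSPICIOUS_PREFIXES = ("/tmp/", "/private/tmp/", "/var/tmp/", "/private/var/tmp/",
                       "/Users/Shared/", "/var/folders/")

# Interpreters that, given an inline script, hide the real payload from the plist.
SCRIPT_INTERPRETERS = {"/bin/sh", "/bin/bash", "/bin/zsh", "/usr/bin/osascript",
                       "/usr/bin/python3", "/usr/bin/perl"}

# Keys that make launchd start the job without the user doing anything.
AUTOSTART_KEYS = ("RunAtLoad", "KeepAlive", "StartInterval",
                  "StartCalendarInterval", "WatchPaths")


def program_of(plist: dict) -> str:
    """Return the executable a job runs (Program takes precedence over ProgramArguments)."""
    if plist.get("Program"):
        return str(plist["Program"])
    args = plist.get("ProgramArguments") or []
    return str(args[0]) if args else ""


def analyze_plist(plist: dict, source: str) -> dict:
    """Score one launchd job dictionary; `source` is the plist path it was read from."""
    program = program_of(plist)
    args = [str(a) for a in plist.get("ProgramArguments") or []]
    label = str(plist.get("Label", ""))
    autostart = any(plist.get(key) for key in AUTOSTART_KEYS)
    reasons: List[str] = []

    if program.startswith(SUSPICIOUS_PREFIXES):
        reasons.append("program lives in a temporary or shared drop location")
    if any(p.startswith(".") and p not in (".", "..") for p in program.split("/")):
        reasons.append("program path contains a hidden directory or file")
    if program in SCRIPT_INTERPRETERS and any(a in ("-c", "-e") for a in args[1:]):
        reasons.append("job runs an inline script through an interpreter")
    if label.startswith("com.apple.") and not source.startswith("/System/Library/"):
        reasons.append("label impersonates Apple outside /System/Library")
    if program and not os.path.isabs(program):
        reasons.append("program path is relative")

    return {"source": source, "label": label, "program": program,
            "autostart": autostart, "reasons": reasons, "suspicious": bool(reasons)}


def audit_directory(directory: str) -> List[dict]:
    """Parse every .plist in a launchd directory and return one finding per job."""
    findings: List[dict] = []
    if not os.path.isdir(directory):
        return findings
    for name in sorted(os.listdir(directory)):
        if not name.endswith(".plist"):
            continue
        path = os.path.join(directory, name)
        try:
            with open(path, "rb") as fh:
                plist = plistlib.load(fh)  # handles both XML and binary plists
        except (plistlib.InvalidFileException, OSError, ValueError) as exc:
            findings.append({"source": path, "error": str(exc), "suspicious": True,
                             "reasons": ["plist could not be parsed"]})
            continue
        if isinstance(plist, dict):
            findings.append(analyze_plist(plist, path))
    return findings


# Constructed sample jobs (hypothetical vendor and hypothetical malware, not real software).
BENIGN_SAMPLE = {
    "Label": "com.example.helper",
    "Program": "/Applications/Example.app/Contents/MacOS/helper",
    "RunAtLoad": True,
}
SUSPICIOUS_SAMPLE = {
    "Label": "com.apple.updateagent",
    "ProgramArguments": ["/Users/Shared/.cache/updateagent", "--silent"],
    "RunAtLoad": True,
    "KeepAlive": True,
}


def demo() -> List[dict]:
    """Write the constructed samples into a temp folder and audit it like a real LaunchAgents dir."""
    import tempfile
    with tempfile.TemporaryDirectory() as tmp:
        for name, job in (("com.example.helper.plist", BENIGN_SAMPLE),
                          ("com.apple.updateagent.plist", SUSPICIOUS_SAMPLE)):
            with open(os.path.join(tmp, name), "wb") as fh:
                plistlib.dump(job, fh)
        return audit_directory(tmp)


if __name__ == "__main__":
    # With no arguments, audit the real launchd folders on this machine.
    for directory in (sys.argv[1:] or LAUNCHD_DIRS):
        for finding in audit_directory(directory):
            if finding["suspicious"]:
                print(finding["source"], "->", "; ".join(finding["reasons"]))
```

Run it without arguments on a Mac to list flagged jobs in the three real folders, or pass a folder path to audit a copied set of plists offline; `demo()` runs the same logic over the two constructed samples so the checks can be exercised on any platform. The checks are heuristics, so a hit is a prompt to look at the job, not proof of malware.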
 