Apple users use to have huge bragging rights. They could sit back and watch smugly while Windows users updated antivirus, performed malware scans and panicked when it found something. Oh how times change!
It seems now malware programmers have found ways to attack Apple devices they are producing multiple ways to do it. According to Kaspersky Labs, attacks on OS X and iOS have increased by 3,600% over the past five years. It is a trend that is as annoying as it is threatening and shows no signs of stopping anytime soon.
OS X threats
There has been two high profile malware attacks on OS X over the past couple of years. One was FileCoder which didn’t perform as well as the programmers had hoped, thankfully. The second is KeRanger which was detected only last month. KeRanger is ransomware that encrypts a Mac and forces the owner to pay a fee to access the unlock code.
Vulnerabilities in Flash and Java also provide a potential door into OS X, as can infected websites and Trojans. While we have only mentioned two specific malware types, there are apparently many hundreds more.
iOS threats
The iPhone and iPad are so popular that any coder worth their keyboard would want to find a way to make trouble for them. While technically more secure than OS X, if it has been programmed, it can be scammed.
The first identified malware attack on iOS happened last year with the discovery of XcodeGhost. XcodeGhost was found hidden within a number of apps in the Apple App Store. It was designed to siphon confidential data such as Apple IDs and iCloud credentials from iOS devices and send it back to a master server.
Earlier this year, Palo Alto Networks found a Trojan designed to exploit Apple FairPlay DRM. It allowed fake Apple apps to appear legitimate and safe while containing a malware payload.
The iOS 9.3 update specifically addressed a vulnerability that allowed third parties to intercept iMessages and decrypt them. While Apple works quickly to address issues, offer updates or remove infected apps from the store, it is always playing catch-up.
Apple users now need to consider themselves as vulnerable as Windows users. While publicised incidents are few, we know there are more undetected threats out there. IT admins with OS X and iOS devices in their estate need to build in more security and awareness. IT managers need to create policies to address these emerging threats and educate users who think they are safe.
If you’re looking for a partner who can help manage and protect your company’s IT, contact Excalibur today. We can help!
