In the past year, several macOS malware examples surfaced that once again show that Apple’s operating systems are better protected from attacks than Windows, but are not immune. For the sixth time in a row, security researcher Patrick Wardle has published a list of all the new malware for Mac that emerged during the year. In 2021, eight new entries were added.
Wardle’s List is designed to provide security professionals with a deeper understanding of malware targeting macOS. The researcher determines the infection methods, installation mechanisms, purpose and other characteristics of the malware. His work is especially important as corporate usage of Apple devices has increased 76%, according to surveys.
According to Wardle, there were eight new malware samples targeting macOS in 2021. These include ElectroRAT, a cross-platform remote access Trojan that was first discovered last January; Silver Sparrow, a tool that targets the Apple M1 chip directly; XLoader, a cross-platform password thief; and OSX.CDDS, or MacMa, spyware that is credited by government agencies. Each was discovered by a different cybersecurity company.
Other malicious products that Wardle described in the 2021 list include XcodeSpy, which targets Xcode developers with a backdoor called EggShell; ElectrumStealer, a cryptocurrency mining tool that Apple accidentally digitally signed; WildPressure, a cross-platform Python backdoor discovered by Kaspersky Lab; and ZuRu, a data theft tool that spreads through advertising in search results on the Chinese search engine Baidu.
The macOS malware discovered in 2021 can be divided into several categories: cryptominers, adware downloaders, data thieves and Trojans.
Security researchers point out that there is still a misconception that, unlike Windows computers, Macs are virtually immune to malware infection. Apple computers have some security advantages, but these have become insignificant recently. This is because malware is increasingly targeting the browser rather than the operating system. Cyber criminals are increasingly creating cross-platform, operating system-independent applications.
According to security researchers, attackers demonstrated their knowledge of the macOS structure in 2021 and put much greater effort into creating malware that targeted Apple devices. They actively searched for zero-day vulnerabilities and successfully exploited them. This trend requires companies to pay more attention to computers running macOS. Cybersecurity teams need to start aligning their technical knowledge of Apple platforms with that of other platforms in order to identify malicious behavior and attacks.