Level of Mac Malware "Unacceptable"

Apple have carefully crafted an image of Macs being at low risk from malware – but this is no longer the case.

Testifying during the Apple vs. Epic lawsuit, Apple’s Senior Vice President of Software Engineering Craig Federighi said: "Today, we have a level of malware on the Mac that we don’t find acceptable." Federighi added that 130 types of malware had been found targeting Macs in the past year. The misconception that Macs don’t get viruses has been blown apart over the last few years, with one estimate suggesting that one in ten devices are affected. As macOS continues to grow, cybercriminals are increasingly seeing Macs as an opportunity.

The XCSSET malware can be used to take over a user’s browser, access personal information, including passwords and bank details, and take screenshots. It infects Macs through Xcode projects downloaded by the user: if an infected project is opened, the malicious code runs on the Mac. XCSSET can also spread via infected apps, so non-developers who don’t have Xcode installed can become infected too, and developers can unwittingly become distributors of the malware.

Kaspersky listed the Shlayer Trojan at the top of its list of the ten most common macOS threats users faced in 2019. This Trojan relies on one of the oldest tricks in the book: luring the user with a fake link, in this case a fake Adobe Flash update. The adware that is installed, Cimpli, installs a malicious Safari extension, allowing the user’s search results to be intercepted and the adware’s own ads displayed. While it’s more of an annoyance than anything else, Kaspersky say that at least 10% of users who have their antivirus software installed are infected, which is not an insignificant number.

Federighi appears to be highlighting the increasing prevalence of malware on Macs in order to paint the iOS App Store as a secure environment. The argument is that if iOS was as open a platform as macOS, allowing multiple App Stores, then iPhone malware would be widespread. Federighi cited Android as an example of a platform with multiple app stores that suffers from security issues.
