
Apple Users Report Significant Increase in Malware Attacks, Reveals Accenture


The number of Dark Web threat actors targeting Apple Mac computers has seen a significant increase in recent years, according to a report by Accenture’s threat intelligence unit. The report indicates a tenfold rise in the number of threat actors pursuing macOS since 2019, with much of the increase occurring in the past 18 months.

Traditionally, threat actors have focused their attacks on Windows and Linux devices. However, Accenture’s Cyber Threat Intelligence team has observed a growing community of skilled attackers on the Dark Web who have shifted their attention to Macs. Thomas “Mannie” Willkan, a cyber threat intelligence consultant with Accenture’s ACTI, explains that the change in focus is partly due to threat actors constantly innovating and trying to stay ahead of security measures. Additionally, there is now an economic incentive to target Mac devices.

One reason Macs may be more vulnerable to attacks in the enterprise is that organizations often do not apply the same security measures to them as they do to Windows devices. Jason Dettbarn, CEO of Addigy, a macOS and iOS management platform, notes that organizations struggle with patching Apple devices using the same processes as Windows PCs. He specifically refers to Apple’s Rapid Security Responses, which were launched in May 2023 and are considered the highest required patch. Dettbarn says that CISOs (Chief Information Security Officers) are increasingly taking a more proactive stance towards the security of Macs.

Prominent threat actors, including LockBit 3.0 and the group Monti, have now set their sights on macOS. ACTI reports that LockBit 3.0 is creating ransomware strains specifically targeting Macs, while Monti claims to have a rewritten version of Conti’s ESXi ransomware locker that can deploy operators dating back to REvil from 2019. These exploits for Macs often come at a premium compared to those targeting Windows PCs.

Accenture’s managing director of global cyber response and transformation services, Rob Boyce, highlights the presence of skilled threat actors with sophisticated macOS-based attack tools. These actors have been observed advertising Apple Enterprise Certificates that can bypass macOS Gatekeeper, which have become highly desirable for threat actors focused on Macs. Boyce also mentions LockBit 3.0’s development of a bespoke ransomware strain targeted at macOS, making it the first confirmed established ransomware group to target Macs.

The increasing presence of Macs in the workforce is a key factor driving the rise in attacks. According to IDC’s Worldwide Quarterly Computing Device Tracker report, Macs accounted for an 8.6% share of the PC market in the second quarter of 2023, up from 6.8% during the same period a year earlier. With the growth of Macs, there has also been an increase in macOS-specific threats, such as info stealers, remote access Trojans, loaders, and zero-days, observed by Accenture’s ACTI. Dark Web threat actors tied to initial access brokers and potentially data extortion groups have claimed to have acquired macOS-based info stealers.

Despite the increase in attacks, there is still a false sense of security among some private users and industries that believe Macs are immune to viruses. Threat actors may be leveraging this misconception to their advantage. Accenture anticipates that threat actors targeting Macs will continue to grow in numbers in the coming years.

In conclusion, the rise in Dark Web threat actors targeting Apple Mac computers is a cause for concern. The economic incentive, coupled with the growing presence of Macs in the workforce, has led to a shift in focus among skilled attackers. Organizations need to recognize the vulnerabilities in their Mac environments and implement effective security measures to protect against these evolving threats.
